Secure Web forms for payment
there probably plenty of you here who have done secure payment forms in their life, 开发者_开发技巧so am i. My question is general what from your experience is "more right" way to process these forms. I'm not talking about SSL or server based security but about programming itself using pseudo code ...
Thanks
Besides having the page protected with valid certificate and SSL, You need to validate all field, use parameters when sending the data, check for Injections of any kinds, and try to use an many listbox as possible and as little free texts..
thats my 2 cents on payment security.
If you want to protect your site from phishing attacks - you should also use some anti-phishing mechanism (like a personalized pictures)
and to protect against bots (very annoying) use captcha....
精彩评论