[FX.php List] Security Concerns
Joel Shapiro
jsfmp at earthlink.net
Thu Jan 25 13:22:43 MST 2007
Maybe a dumb question, but...
If a web form sends data (email, cred card...) to a FileMaker field
but that field's contents are nowhere displayed on the website, can
bots still see the data in that field? (I had thought Ed's concern
over bots was because the emails *are* displayed on his website)
-Joel
On Jan 25, 2007, at 12:14 PM, Andrew Denman wrote:
> David,
>
> You will have to test this, but you could make one account that can
> only create records (no viewing, access to all fields) and use that
> to write to the database. A separate account would be used to
> retrieve records, and it would be denied access to fields you want
> to hide.
>
>
>
> Andrew Denman
>
>
> From: fx.php_list-bounces at mail.iviking.org [mailto:fx.php_list-
> bounces at mail.iviking.org] On Behalf Of David Tinoco
> Sent: Thursday, January 25, 2007 1:38 PM
> To: fx.php_list at mail.iviking.org
> Subject: [FX.php List] Security Concerns
>
>
>
> Well guys, this scares me now, as I was planning to design a secure
> page that took a customer's credit card information and stored it
> only for a few hours in FM until the sales rep transferred it to a
> secure "internetless" computer.
>
> But I realized that in order to have create and view access, you
> obviously must have read access, right?
>
> So couldn't anyone theoretically lookup any credit card number
> while it hadn't been transferred?
>
> Any help with suggestions would be great.
>
> David
>
> Get into the holiday spirit, chat with Santa on Messenger. Ho-Ho-Ho!
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list
More information about the FX.php_List
mailing list