Hi

I am doing credit card number encyption in my code(functions.php) .anyway i should make it secured from crackers. plz suggest me an apt way to make my application secured...

I thought if this code can be encoded..but it should be compiled at runtime.
This file shouldnot be viewed by outsiders.

plz help..


keats

https! make sure you have an ssl cert before doing anything with credit cards!

Ya i have used ssl cert.thanks..is there anyother way

You do not need to encode the PHP scripts. Just make sure that your server is secure and that there are no vulnerable scripts.

You should use SSL however.

While I'm not clear on what you're doing with the numbers, you can store your include files in directories which are not within the web- or ftp-accessible directories of your site (i.e., not under the public_html or public_ftp directories). As long as the user under which your web server runs PHP scripts has read access on those directories, you can still include them into scripts.

Also if you are on a shared server don't hold any sensitive data in a session. Session data is accessible by all users of the server.