Search the Community
Showing results for tags 'https'.
-
Hello Larry, I had a question regarding php.ini file. Have the newer versions changed the way session.entropy_file and session.hash_function work? Because the manual says they were removed, but does that mean deprecated? I searched for these settings under the 'php.ini session' section but did not find them. My purpose for searching for them was to edit them to use dev/urandom instead of dev/random and then hash with sha256. That leads me to another question. But I think Ill post that under a different post and title because it is kinda different. Thanks Larry. questionpicture.pdf
-
Hello to the members of this community. I am a web design consultant by profession and I have joined this community to seek help with a critical issue I am thinking over these days. As we all know, website security is so mainstream these days and a wide majority of e-commerce shops and portals are transferring their sites from HTTP encryption to HTTPS. Although I am quite familiar with the technical aspects of this transition that leads towards more secure web experiences especially when there is a payment gateway integrated on your site, it must comply with latest protocols of internet security. However, my question here is a bit different from these facts. I am willing to ask if this implementation of securing websites is going to affect the site standings in the eyes of search engine bots anyway? I am sure we all are familiar with this behavior of search engine that is getting smarter every second. So, let's say I am working with a web design company which is purely working on web design and development projects for their clients, Do you think adding this more-secure encryption will help gain more prominence in the eyes of search crawlers? I am positive that I have made my point clear. Your valuable comments will be appreciated in this regard.
- 1 reply
-
- https
- web security
-
(and 2 more)
Tagged with:
-
Hello, I'm new to this forum, and unsure whether or not this is the right place to post this. I'm working on a membership system for a local organization which initially will have contact information (names, addresses, telephone numbers, email addresses, birth dates, etc) as well as other info related to the organization in a MySQL database. There are no plans to add data that is any more sensitive (i.e. credit card numbers), and we will never be doing any kind of e-commerce. There is also a separate part of the existing site, created using Wordpress, that (as far as I can see) has no need whatsoever to be secured with https. But because there is a login for managing this contact information, I am asking: is it recommended, or even necessary that the site use https for the pages behind the login? And, if it is indeed recommended, are there sites you can recommend for implementing this: info about SSL certificates, etc. Thanks very much, and especially thank you for your books. I have PHP and MySQL for dynamic web sites, and I've been using it since 2006.
-
Hi Larry, The connection of return pages (cancel.php and thank.php) must be secure (using https connection) ? The ipn.php need secure https connection ? If cancel.php, thank.php and ipn.php need secure connection, my web hosting must got SSL ? I ask because when I configured paypal integrate payment on paypal sandbox site, I saw the return page textfields example show ( https://www.example.com/cancel.php or https://www.example.com/thank.php ) Thanks for reply
-
I'm developing my site with shared hosting ssl certificate. As Larry describes in the book, I'm trying to use the session id from the http pages after I get to the https pages, and be able to go back and forth. From home page I click login, I log in and my code tries to redirect to loggedin page. But between login and loggedin there is a new id generated. That is what I think is happening. So that causes my loggedin page to fail because test says user is not logged in. And this will also cause everything else to fail but this is the first thing I'm testing. Here is the code I am using, at the start of each page: (I pass $sid in the url) // Start output buffering: ob_start(); // Start the session: // if the session is available from the url use that otherwise start a new session if ($_SERVER['REQUEST_METHOD']=='GET') { if (isset($_GET['sid'])) { $sid = $_GET['sid']; if ($sid > 0) { // I set it zero when there is none echo "
- 3 replies
-
- session ids
- sessions
-
(and 2 more)
Tagged with: