Re: Orderfile Encryption

This WebDNA talk-list message is from

2007


It keeps the original formatting.
numero = 69048
interpreted = N
texte = Clint Davis wrote: > The double [url] was discussed at some point on the list. I thought it was > required. I'll try with the single [url] and see what happens. The double [url] is required because [encrypt] can include some high ASCII characters that are not escaped properly with a single [url] (whether that is a bug or not is up for discuss). A single [unurl] is required when reading the data back out, because WebDNA implicitly has an [unurl] for any header field. As for encrypting the contents of the AccountNum field, I don't think that is possible; WebDNA has special handling for that field (checksum, et al) that may limit the effective size of the field (though it isn't mentioned in the docs that I can see). I would use the AC (Account) PayMethod and store the encrypted CC number in one of the Text[A-Z] fields instead. It may be that if you use AC for PayMethod, you can then stuff the encrypted CC in the AccountNum field. However, be aware that anyone with physical access to your server (which is what is required to read the order files), would have access to your templates as well (unless you encrypt those two) and would be able to gain access to your seed value to decrypt the order files. Security is only useful if you understands both its strengths and weaknesses... HTH John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Orderfile Encryption ( "Planet DJ (Chris W.)" 2007)
  2. Re: Orderfile Encryption ( Clint Davis 2007)
  3. Re: Orderfile Encryption ( John Peacock 2007)
  4. Re: Orderfile Encryption ( Clint Davis 2007)
  5. Re: Orderfile Encryption ( Clint Davis 2007)
  6. Re: Orderfile Encryption ( Donovan Brooke 2007)
  7. Re: Orderfile Encryption ( Donovan Brooke 2007)
  8. Re: Orderfile Encryption ( John Peacock 2007)
  9. Re: Orderfile Encryption ( Clint Davis 2007)
  10. Re: Orderfile Encryption ( Matthew A Perosi 2007)
Clint Davis wrote: > The double [url] was discussed at some point on the list. I thought it was > required. I'll try with the single [url] and see what happens. The double [url] is required because [encrypt] can include some high ASCII characters that are not escaped properly with a single [url] (whether that is a bug or not is up for discuss). A single [unurl] is required when reading the data back out, because WebDNA implicitly has an [unurl] for any header field. As for encrypting the contents of the AccountNum field, I don't think that is possible; WebDNA has special handling for that field (checksum, et al) that may limit the effective size of the field (though it isn't mentioned in the docs that I can see). I would use the AC (Account) PayMethod and store the encrypted CC number in one of the Text[A-Z] fields instead. It may be that if you use AC for PayMethod, you can then stuff the encrypted CC in the AccountNum field. However, be aware that anyone with physical access to your server (which is what is required to read the order files), would have access to your templates as well (unless you encrypt those two) and would be able to gain access to your seed value to decrypt the order files. Security is only useful if you understands both its strengths and weaknesses... HTH John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748 ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ John Peacock

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

writing checkboxes to a database (2000) RAM variables (1997) WCS Newbie question (1997) 2.1.5: Too Many Nested [xxx] (1998) Add to a field (1998) A Global Variable (1997) Download URL & access on the fly ? (1997) Intermitent problem using [referrer] (1997) OT : javascript form filling (2000) Stumped (1999) Blowback and budgets. (2000) Subtotal Not Calculated on Invoice.html (1998) [format] problem (2001) Director 7 (1999) WebCatalog2 Feature Feedback (1996) [isfile] ? (1997) WebCatalog 2.0 b 15 mac (1997) Emailer compatibility..... (1998) FYI: virus alert (1996) info (1997)