• Home Page
  Data Koncepts'
    Home Page
• Webmaster
  Professional
      Webmaster
  Development
      Process
  Small Website
      Fixed Price
      Offer
  Website
      Clients
  
  FREEBIES:
  Webmaster Security
      (see Security)
  Search For a
      New Host
      Checklist
  Search Engine
      Optimization
      w/mod_rewrite
  mod_rewrite
      Code Generator
  E-Mail
      Encrypter
• Web Hosting
  Web Hosting
      Info & Checklist
  Web Hosting
      Offer
• Security
  Online
      Security
  SuperScan v2
      Attack
      Detection
      & Reporting Hack Recovery
• Professional Services
  Professional
      Documents
  Digital
      Imaging
  Screensavers
  
• Computers
    Hardware
    Software
• Contact
    Contact
    Terms &
      Conditions
    Sitemap

Server Side Scripting

I utilise "server side scripting" on my websites. "Server side scripting" is similar to the JavaScript that's in common use on virtually every web page to provide dynamic (changing) content to your pages' visitors. However, whereas the entire JavaScript and the data it acts upon must be downloaded to the visitor's computer, "server side scripting" is acted upon by the server with only the results sent to the visitor. This is not only much faster but protects the decision making process from being compromised by malicious visitors.

"Server side scripting" becomes far more powerful when coupled with databases which do not have to be downloaded. When used on a secure server, this also protects the data in transmission.

Secure Server Scripts

There are a total of four pages involved in my scripts to process your orders:

• Check for errors
• Check for proper "hashing" (mathematical encoding)
  of the credit card number
• E-mail you with the order details
• E-mail confirmation to your client
• Store an encrypted portion of the credit card number on the server and
• and provide it ONLY to you and ONLY via secure server!

Order Page — This is the page which would be on your site but located on the secure server. This page obtains information from your visitor (name, e-mail, etc), allows them to select or input their order (e.g., number, colour and size of your "widgets," booking confirmations, donations, etc.) and collects credit card details. A preliminary check is performed before sending the "order" to the Process Page.

Process Page — This page analyzes the date collected on the Order page for completeness (required information), format (e-mail address) and mathematically validates the credit card (potential problems are identified only to you). Then the credit card number is stripped of its center digits which are encrypted and saved to the database. An e-mail is dispatched to you with all the order's information (except the middle numbers of the credit card) and a confirmation e-mail is sent to the visitor before a link is offered back to your Contact Page.

Retrieval Link Page — This page is on your site but in a password protected directory — I'll need to know the username and password you'd like to use (unless you want to set that up yourself). It only contains a link to take you to the Retrieval Page on the secure server which will confirm that the link originates at YOUR Retrieval Link Page.

Retrieval Page — This page on the secure server is designed to silently stop providing ANY information unless stringent safeguards are met (the acceptable responses are NOT evident in the page's code as they would be with JavaScript). After all the requirements are successfully met, ONLY the middle digits are decrypted and displayed and the encrypted data isdeleted from the database.

It would take at least a half hour to complete the coding for your site on these pages (and the database) so I must fix the one-time fee at $20. I will have to know the username and password combinations you prefer to use as well as the text and contents you require on the Order Page (name, e-mail, credit card details, more?) to link this into your site's navigation. After that, it's a simple matter to obtain your clients' credit card details from the secure server.

Security First

My primary concern with the Internet has always been security. I believe that I have met my own stringent requirements as I cannot recreate the Process Page's order e-mail to you (with the order and half of the credit card details) and NO third party intercepting your e-mail would be able to read the middle digits without your username(s) and password(s). The fact that a secure server is used for encrypted transmission of the credit card from the visitor and to you complete this secure scenario.

Note: The secure server operates on a "shared certificate" in the name of the company which provides the site control software. A site-unique certificate would be prohibitively expensive.