- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Reply to: Any web designers?
Collapse
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
- You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
- You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
- If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Logging in...
Previously on "Any web designers?"
Collapse
-
Cowboy Bob/realityhack/Sysman
Appreciate the comments. I'm from an infrastructure background so the development arena is outside my field of knowledge.
I'll take up your points with my developer.
Final point, any suggestions on the best way to secure users email addresses?
Leave a comment:
-
Originally posted by SysmanOne of my pals is running a PHP site for technical support, and making some wonga from advertising - i.e. not collecting payments via the site.
His observations:
New PHP attacks are coming all the time. Keep up to date with the security patches - this is a must.
Watch out for bots trying to fill discussion sections with spam. He now insists on folks creating an account to avoid this.
Lock up any customer data as tightly as you can. Don't let email addresses be harvested as you can be accused of selling them to "they who should be shot at dawn" (spammers).
Make sure passwords are stored in the DB as a one-way hash, then compare hashes when the user enters their password.
Go through the code with a fine-tooth comb and change any straight DB calls to parameterised queries to avoid SQL injection - PHP tends to be wide open to this kind of attack since it's DB handling facilities are pretty primitive by default. You may need a 3rd party library such as Pear DB in order to do this, not sure.
Turn off "register globals" in the PHP config file. If the application breaks, go to the person who supplied it to you and demand your money back, with menaces if necessary.
Leave a comment:
-
Originally posted by ClippyAnd the same would go for collecting user data using PHP, right?
e.g. Creating a user account for your website.
His observations:
New PHP attacks are coming all the time. Keep up to date with the security patches - this is a must.
Watch out for bots trying to fill discussion sections with spam. He now insists on folks creating an account to avoid this.
Lock up any customer data as tightly as you can. Don't let email addresses be harvested as you can be accused of selling them to "they who should be shot at dawn" (spammers).
Leave a comment:
-
Originally posted by RRHthe site is currently free to use, I generate money through advertsing-does anyone have any ideas/suggestions as to what features I should add when I revamp the site?
Tips on male grooming.
A section about coping with a lithp.
Leave a comment:
-
the site is currently free to use, I generate money through advertsing-does anyone have any ideas/suggestions as to what features I should add when I revamp the site?
Leave a comment:
-
Originally posted by Cowboy BobIf you're redirecting out to a service like Worldpay or PayPal you're fine because no payment details are taken on your site. I'd severely worry if your site is actually collecting any payment information through your PHP pages though. I personally wouldn't use it and I wouldn't recommend anyone else do so.
e.g. Creating a user account for your website.
Is the alternative to go for an ASP/SQL solution?
Leave a comment:
-
Ditto - I'm currently using JSP to achieve the same result - but not capturing any data other than the quantity and amount - and sending those values through to a secure site verified by visa for the customer to do the rest. I wouldn't touch PHP for data capture.
Leave a comment:
-
Originally posted by RRHAlso any suggestions on how to improve the site much appreciated.
You obviously are useleth.
Leave a comment:
-
Originally posted by ClippyCB - Presumably, if you are going to use a third party to take payment and capture the users order details, this is not so much of an issue?
Reason I ask, is Plan B (which I have inherited and due to go live in the coming weeks) is built using PHP and MySQL.
Leave a comment:
-
Originally posted by Cowboy BobYou're also using PHP, which while fine for more modest things doesn't really scale well (you can't cluster it) and is not really secure enough if you're going to take money on the site - http://www.php-security.org/
Reason I ask, is Plan B (which I have inherited and due to go live in the coming weeks) is built using PHP and MySQL.
Leave a comment:
-
You're also using PHP, which while fine for more modest things doesn't really scale well (you can't cluster it) and is not really secure enough if you're going to take money on the site - http://www.php-security.org/
Leave a comment:
-
Yikes.
Your images are too heavy - the site is very slow because of this:
http://www.websiteoptimization.com/s...k/db/index.php
I'd redo most of the graphics, align them properly along with your navigation, and use a more neutral background colour. My eyes hurt.
As for the markup - use css layout instead of tables please.
Leave a comment:
-
Originally posted by RRHAre there any web designers on here who want to help with some modifications on my website? www.datemymates.co.uk
Im looking at making the site a bit more 'datey' and less on the social netwoking side. I think the idea of group dating is a good one as it improves safety, has less of a stigma and less nerve wrecking!
anyone interested?
Also any suggestions on how to improve the site much appreciated.
Leave a comment:
-
Any web designers?
Are there any web designers on here who want to help with some modifications on my website? www.datemymates.co.uk
Im looking at making the site a bit more 'datey' and less on the social netwoking side. I think the idea of group dating is a good one as it improves safety, has less of a stigma and less nerve wrecking!
anyone interested?
Also any suggestions on how to improve the site much appreciated.Tags: None
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Leave a comment: