Member Avatar for anthonyjpv

Hi! Im new to php web development.

I am developing an online shopping system where theres an admin page that allows him to add, edit, delete category and products.

to cut the story short, what I want to know is, is it safe to save the table for admin username and password within the online shopping system database?

or is it safer to save it in other database and create a table there instead?

another thing, do you have any advice regarding security of the website?

if you have any good sites that talks about php security, can you give me some links that you find helpful?

Thanks in advance

  • 3 Contributors
  • 2 Replies
  • 149 Views
  • 15 Hours Discussion Span
  • Latest Post Latest Post by chrishea
Member Avatar for simplypixie

There is no reason why you can't store the admin details in the main database, just make sure you hash the password and use mysql_real_escape_string for any posted data to prevent sql injection. Also ensure your database connection information is kept outside of the public site to protect it.

Member Avatar for chrishea

What makes you want to invent your own online shopping system when there are good open source systems available? These are written by knowledgeable teams of people and the systems have gone through multiple releases fixing security holes and other issues. These systems have thousands of hours of work invested in their development so they are quite rich in features compared to what you can afford to develop on your own.

If your purpose is to learn, then download one or two of these systems and see how they have been constructed. If your objective is to have a working ecommerce system, then pick one of the open source systems and use it. If none of them provides exactly what you're looking for, then give some thought to how important your unique requirements are. In many cases, it makes more sense to adapt to what the system provides. If the differences are critical, then consider modifying the open source system rather than building from scratch.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.