The following warnings occurred:
Warning [2] Undefined array key "avatartype" - Line: 783 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 783 errorHandler->error
/showthread.php 26 require_once
Warning [2] Undefined array key "avatartype" - Line: 783 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 783 errorHandler->error
/showthread.php 26 require_once
Warning [2] Undefined variable $newpmmsg - Line: 40 - File: global.php(841) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/global.php(841) : eval()'d code 40 errorHandler->error
/global.php 841 eval
/showthread.php 26 require_once
Warning [2] Undefined array key "style" - Line: 909 - File: global.php PHP 8.1.27 (Linux)
File Line Function
/global.php 909 errorHandler->error
/showthread.php 26 require_once
Warning [2] Undefined property: MyLanguage::$lang_select_default - Line: 5024 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 5024 errorHandler->error
/global.php 909 build_theme_select
/showthread.php 26 require_once
Warning [2] Undefined array key "additionalgroups" - Line: 7162 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 7162 errorHandler->error
/inc/functions.php 5044 is_member
/global.php 909 build_theme_select
/showthread.php 26 require_once
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1370 fetch_forum_permissions
/showthread.php 137 forum_permissions
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key 1 - Line: 1415 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1415 errorHandler->error
/inc/functions.php 1380 fetch_forum_permissions
/inc/functions.php 2909 forum_permissions
/showthread.php 621 build_forum_jump
Warning [2] Undefined array key "mybb" - Line: 1952 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 1952 errorHandler->error
/inc/functions_indicators.php 41 my_set_array_cookie
/showthread.php 629 mark_thread_read
Warning [2] Undefined property: MyLanguage::$ratings_update_error - Line: 5 - File: showthread.php(732) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/showthread.php(732) : eval()'d code 5 errorHandler->error
/showthread.php 732 eval
Warning [2] Undefined variable $postsdone - Line: 867 - File: showthread.php PHP 8.1.27 (Linux)
File Line Function
/showthread.php 867 errorHandler->error
Warning [2] Trying to access array offset on value of type null - Line: 867 - File: showthread.php PHP 8.1.27 (Linux)
File Line Function
/showthread.php 867 errorHandler->error
Warning [2] Undefined array key 1756 - Line: 867 - File: showthread.php PHP 8.1.27 (Linux)
File Line Function
/showthread.php 867 errorHandler->error
Warning [2] Undefined array key 1756 - Line: 1576 - File: showthread.php PHP 8.1.27 (Linux)
File Line Function
/showthread.php 1576 errorHandler->error
/showthread.php 1578 buildtree
/showthread.php 879 buildtree
Warning [2] Undefined array key "additionalgroups" - Line: 7162 - File: inc/functions.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions.php 7162 errorHandler->error
/inc/functions_user.php 844 is_member
/inc/functions_post.php 406 purgespammer_show
/showthread.php 880 build_postbit
Warning [2] Undefined array key "profilefield" - Line: 6 - File: inc/functions_post.php(474) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/inc/functions_post.php(474) : eval()'d code 6 errorHandler->error
/inc/functions_post.php 474 eval
/showthread.php 880 build_postbit
Warning [2] Undefined array key "canonlyreplyownthreads" - Line: 660 - File: inc/functions_post.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions_post.php 660 errorHandler->error
/showthread.php 880 build_postbit
Warning [2] Undefined array key "showimages" - Line: 741 - File: inc/functions_post.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions_post.php 741 errorHandler->error
/showthread.php 880 build_postbit
Warning [2] Undefined array key "showvideos" - Line: 746 - File: inc/functions_post.php PHP 8.1.27 (Linux)
File Line Function
/inc/functions_post.php 746 errorHandler->error
/showthread.php 880 build_postbit
Warning [2] Undefined array key "invisible" - Line: 1506 - File: showthread.php PHP 8.1.27 (Linux)
File Line Function
/showthread.php 1506 errorHandler->error
Warning [2] Undefined variable $threadnotesbox - Line: 30 - File: showthread.php(1533) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/showthread.php(1533) : eval()'d code 30 errorHandler->error
/showthread.php 1533 eval
Warning [2] Undefined variable $multipage - Line: 33 - File: showthread.php(1533) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/showthread.php(1533) : eval()'d code 33 errorHandler->error
/showthread.php 1533 eval
Warning [2] Undefined variable $multipage - Line: 65 - File: showthread.php(1533) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/showthread.php(1533) : eval()'d code 65 errorHandler->error
/showthread.php 1533 eval
Warning [2] Undefined variable $addremovesubscription - Line: 79 - File: showthread.php(1533) : eval()'d code PHP 8.1.27 (Linux)
File Line Function
/showthread.php(1533) : eval()'d code 79 errorHandler->error
/showthread.php 1533 eval



FORUMS


The Form Tools forums are no longer active, but the old posts have been archived here. Please see the Help page on how to get help / report issues.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
PCI compliant server
#2
Hey jschnyderite,

Good question... the truth it, I don't know - but I suspect not. Not because FT is at all unsecure, but PCI has such strict requirements.

From what I understand about PCI, it's entirely about securing servers so they can safely process credit card transactions. Form Tools should NOT be used for that. The reason is, Form Tools stores form submission content unencrypted in the database. You can't have people's credit cards stored unencrypted in a DB - it's just a bad idea. If your server is running any single script with a security hole, that information could potentially be accessed - and PHP is a notoriously unsecure programming language and there are OODLES of bad PHP scripts out there.

But if you really wanted to pursue this option there are still possibilities, but they should be examined & weighed by a security specialist. First, you use the Submission Pre-Parser module to encrypt cc information prior to storing in the database. You could juggle encryption salts to minimize the likelihood of the data being unencrypted if the DB was breached. You could also use Form Tools to *initially* store the CC data, then after they've been processed, delete the sensitive information from that record. Alternatively, you could export all content to a local server, safe behind a firewall, and delete all "public" FT database content on a schedule.

But to return to your original question about PCI, I don't really know enough about their requirements. I think you may need to spend time poring over their docs or get a specialist in to help determine the route to take. There are very possibly issues I haven't thought off that would need to be addressed separately.

If you do find out anything and need to ramp up FT's security in one or other regard, please let me know.

Thanks! Smile

- Ben
Reply


Messages In This Thread
PCI compliant server - by jschnyderite - Dec 29th, 2009, 1:39 PM
RE: PCI compliant server - by Ben - Jan 1st, 2010, 1:58 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)