wizardsandwars Posted August 9, 2005 Share Posted August 9, 2005 Then there's the other not so small matter of the Data Protection Act ..... Absolutly correct. In the United States, any company that has over 50 employees is required by law to have SSL on any page that collects personal information about a customer, including name, date of birth, and address. It's called the Sarbanes Oxley Act. Now I realize that most companies here are small, and don't employ 50 customers, but this should still be the standard for how all companies on the web do business. ------------------------------------------------------------------------------------------------------------------------- NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit. If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help. Link to comment Share on other sites More sharing options...
Guest Posted August 9, 2005 Share Posted August 9, 2005 Or should I be using this for the cookies? define('HTTP_COOKIE_DOMAIN', ''.$HTTP_HOST); Let me know please, anyone, HELP :blush: Link to comment Share on other sites More sharing options...
burt Posted August 9, 2005 Share Posted August 9, 2005 Why not test it out, and let us all know the answer? Instead of being reactive, be proactive ;) I know that cookie domain needs just the hostname: define('HTTP_COOKIE_DOMAIN', 'www.yoursite.co.uk'); So, to be sure of getting this, I would use something like parse url [host] in conjunction with $HTTP_HOST ... Maybe that would work nicely? Link to comment Share on other sites More sharing options...
♥Vger Posted August 9, 2005 Share Posted August 9, 2005 In the UK it doesn't matter how many employees you have, if you do business on the internet and collect personal data you are obliged under law to do it in a secure environment. Even if it wasn't a requirement, no one is going to do business with a site that doesn't use an https connection for the Sign In and Checkout parts of the site. This whole thing is an exercise in futility. My view - follow Burt's advice and use two accounts, one database. If you want to keep on going down this pointless road ...fine - but I'm out of here. Vger Link to comment Share on other sites More sharing options...
Guest Posted August 9, 2005 Share Posted August 9, 2005 Why not test it out, and let us all know the answer? Instead of being reactive, be proactive ;) I know that cookie domain needs just the hostname: define('HTTP_COOKIE_DOMAIN', 'www.yoursite.co.uk'); So, to be sure of getting this, I would use something like parse url [host] in conjunction with $HTTP_HOST ... Maybe that would work nicely? <{POST_SNAPBACK}> Well I've used the define('HTTP_COOKIE_DOMAIN', ''.$HTTP_HOST); And everything seems to be running fine, did a test order, everything works.... (So FAR) Will post any problems i come accross if any. As this is the easiest way of having multiple domains that all run the same code and are cached and listed by google, (my UK domain pages were cached this morning :) ) Much much easier than running two seperate sites. So not futile at all Vger Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.