Our graphic designer has just finished redeveloping our website. On the
site, we use SSL to secure the area where a user enters their personal
information to order items from us. (we do not do many transactions - maybe
1 per day...) We are a log home mfg company so they would only order plan
books, maybe a video etc...

When the user clicks "Submit Order", we want to encrypt each data item
(because of new legislation governing customer personal info etc...) and
write a record to an access db. From here it will be imported into our
Customer DB leads database...

I do not use ASP but program in VB 6 and Access 2000. ASP looks similiar in
many ways...

Does someone have a good ASP script for encrypting data? And, if so, is it
fairly strong encryption?

Also, is there any trick to writing an "insert" SQL script in ASP or is it
exactly the same as I would do in VB or Access? Maybe someone has an
"insert" script handy they could pass along including the command to
actually execute it?

Thanks,

Brad

[ Post a follow-up to this message ]

Is it a requirement to have encrypted data in the database itself?  Where I
work, there are also many guidelines that we have to follow.  The US's OCC
(http://www.occ.gov/) has lots of rules like this that they're always
auditing our Web site security.  While we must encrypt all data that is sent
from the browser to the server when it is anything remotely customer
related, (i.e. via httpS), we are not required to store the data encrypted
in the database itself.

As far as coding things the same in VB and ASP, well, that depends on what
you're doing in VB.  I assume that you'll be using VB Script as your ASP
language, yes?  So, the code should be pretty similar.  Browse around some
of the FAQs at www.aspfaq.com for some code samples.  One specific one that
you may want to read prior to duplicating VB coding style in an ASP page is
this one.  http://www.aspfaq.com/show.asp?id=2191

Ray at work


"Brad Pears" <donotreply@notreal.com> wrote in message
news:%23nN7ZwqiEHA.1656@TK2MSFTNGP09.phx.gbl...
> Our graphic designer has just finished redeveloping our website. On the
> site, we use SSL to secure the area where a user enters their personal
> information to order items from us. (we do not do many transactions -
> maybe
> 1 per day...) We are a log home mfg company so they would only order plan
> books, maybe a video etc...
>
> When the user clicks "Submit Order", we want to encrypt each data item
> (because of new legislation governing customer personal info etc...) and
> write a record to an access db. From here it will be imported into our
> Customer DB leads database...
>
> I do not use ASP but program in VB 6 and Access 2000. ASP looks similiar
> in
> many ways...
>
> Does someone have a good ASP script for encrypting data? And, if so, is it
> fairly strong encryption?
>
> Also, is there any trick to writing an "insert" SQL script in ASP or is it
> exactly the same as I would do in VB or Access? Maybe someone has an
> "insert" script handy they could pass along including the command to
> actually execute it?
>
> Thanks,
>
> Brad
>
>

[ Post a follow-up to this message ]

I'd also suggest the following articles as well.

http://www.aspfaq.com/show.asp?id=2080
http://www.aspfaq.com/show.asp?id=2126
http://www.aspfaq.com/show.asp?id=2183

Ray Costanzo [MVP] wrote:

> Is it a requirement to have encrypted data in the database itself?  Where 
I
> work, there are also many guidelines that we have to follow.  The US's OCC
> (http://www.occ.gov/) has lots of rules like this that they're always
> auditing our Web site security.  While we must encrypt all data that is se
nt
> from the browser to the server when it is anything remotely customer
> related, (i.e. via httpS), we are not required to store the data encrypted
> in the database itself.
>
> As far as coding things the same in VB and ASP, well, that depends on what
> you're doing in VB.  I assume that you'll be using VB Script as your ASP
> language, yes?  So, the code should be pretty similar.  Browse around some
> of the FAQs at www.aspfaq.com for some code samples.  One specific one tha
t
> you may want to read prior to duplicating VB coding style in an ASP page i
s
> this one.  http://www.aspfaq.com/show.asp?id=2191
>
> Ray at work
>
>
> "Brad Pears" <donotreply@notreal.com> wrote in message
> news:%23nN7ZwqiEHA.1656@TK2MSFTNGP09.phx.gbl...
> 
>
>
>

[ Post a follow-up to this message ]

Don't forget the Windows Script documentation

http://surl.co.uk/?785

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"joker" <no-spam@netzero.com> wrote in message
news:#n0WyAriEHA.3548@TK2MSFTNGP09.phx.gbl...
> I'd also suggest the following articles as well.
>
> http://www.aspfaq.com/show.asp?id=2080
> http://www.aspfaq.com/show.asp?id=2126
> http://www.aspfaq.com/show.asp?id=2183
>
> Ray Costanzo [MVP] wrote:
> 
Where I[vbcol=seagreen] 
OCC[vbcol=seagreen] 
sent[vbcol=seagreen] 
encrypted[vbcol=seagreen] 
what[vbcol=seagreen] 
some[vbcol=seagreen] 
that[vbcol=seagreen] 
is[vbcol=seagreen] 
plan[vbcol=seagreen] 
it[vbcol=seagreen] 
it[vbcol=seagreen] 
>

[ Post a follow-up to this message ]