The details of creating a secure online store
I would assume this has been asked before, but I just don't know what to search for to find the answer.
I am a fairly accomplished computer engineer. I know C++ pretty well, I also know Java at a novice level (never really got into it). I know a fair bit about hardware, networking, etc. On the web side, I know HTML and have plenty of experience using it. I also know javascript and perl fairly well and have used a few other scripting (or whatever you want to call them) languages. I am also aware of XML, though I'm just beginning to use it.
I would like to make a wemcommerce-type website. It will allow users to log in, have settings, etc. I would also like to make it secure. That's where the problem comes in.
Let's say I want to make a bulletin board on my website (that's not really what I want to do. I am aware of free tools that allow me to do that, I am just using it as an example since it has requirments similar to what I would like to do). My basic approach would be to start up a database server (with SQL or something. I'm not too experienced with databases) and access it through cgi or asp to make everything work (Each user has a database record, each post has one as well, etc.). My problem is that I don't know if this is at all right.
Is this how such sites are made? Is there a good book/website/anything that shows how to make such a site? Or at least gives a basic overview and provides resources for further learning?
Searching the net (google/amazon/this site) takes me to books that teach SOAP, WS-Security, etc. I don't know much about those things (I may have seen them in a presentation or two). It would be really great if someone could give me some basic info so I can avoid reading books I don't need to (I still have a day job ).
Thanks in advance,
Hawk
