ich suche eine/n fleißigen Coder der mir bei einem kleinen Projekt hilft.
Es gut um einen Client von mir der für ein Event eine Registrations Seite bereit stellen möchte.
Wir sprechen über eine simple page die Name, Adresse, Email und Bankdaten in eine Datenbank schreibt.
Zusätzlich soll für den Admin im Panel eine Info Seite eingerichtet werden wo die registrierten Nutzer in einer einfachen Liste/Tabelle aufgelistet werden sollen.
thanks for your replys so far! @Svnt Thank you for your Idea! I havent worked with structure fields yet. So this might be a s solution for my project.
How do i handle the bank details the clients have to fill in? Is it a save way to save them in a structure field?
I think for this project i really need a help to get a better understanding
This question i’m asking myself since some days… haven’t found a solution yet.
There are PHP-crypt functions/classes but store the decrypt key on the server
is’nt a good idea IMHO.
And to force the admin/user to copy/paste a private key and a password to decode stuff
is also not that convenient.
When you say bank details do you mean credit card details? I would NOT store that in Kirby. It’s actually illegal to store this in a highly secure manner which is not PCI compliant. Use a system like Stripe.com, you’ll thank yourself later.
While PCI only applies to payment cards, I’d be very careful with bank account data. You should at least store them encrypted, presumably better in a hardened database if you are not using a payment service.
Keep in mind. Anything that is stored “encrypted” which can be automatically decrypted by PHP (without entering a keyset to decrypt) is hackable if someone gains access to your server.
Don’t use security through obscurity. Encrypting files and putting the key somewhere on the same server is not encryption. The files are de facto unencrypted.
I’d be careful with storing payment information, especially if your client is offering his site to German customers (German privacy laws are very strict). Better talk to an IT/Internet lawyer about this or build the site without asking for payment information via the form.
about structure field. that is not a good idea imho. editing the content will override any registrations happening in between. there is also the slight change for almost concurrent registrations blocking each other.
is there no option you could process a payment right away?
i mean you collect payment information to get a payment.
several provider have recurring payment options so you could basically process a user registration with a payment in one shot … if you are willing to work with a payment provider that is.
in this case you won’t be saving those critical data for datenschutz concerns.
I think we can close that post cause I’m in contact with someone whos gonna help me and my client out
@carstengrimm Im working for a non-profit organisation (Laufen und Gutes tun e.V.) which is donating all the money we get from our yearly running event so various institutions. (The Way Home - This project of the Children and Youth Center Bielefeld will enable terminally ill children to spend their last weeks of their lives not in the hospice, but at home. In addition, a part of the donation sum goes to Rheda-Wiedenbrück families who are in need of care and to the german bone marrow donation (DKMS)). Thats why we dont want to use a provider cause we want to donate every single “Cent” we get from our running event.
Thank you guys so much for ur help
For Those who wanna get more informations about what we do or maybe register for our event?! Just kidding! https://laufenundgutestun.de