First, I need to tell that I'm pretty new about Bitcoin.
I'm asked to build a Bitcoin Exchange website. I'll have a server which I plan to build with Linux and PHP.
-All the transfers will be issued manually
So we will have an online wallet and we will manually transfer Bitcoins to given addresses also receive Bitcoins to this wallet.
The problem is I'm not allowed to use any 3rd party API.
So how can I create an online wallet without any 3rd party API on my PHP server?
Should I install bitcoind to my server or is there any other way?
Is it a good idea to install bitcoind to a remote server?
Thanks.
The problem is I'm not allowed to use any 3rd party API.
It is good decision to make your system safe, but it is not enough.
Should I install bitcoind to my server or is there any other way? Is it a good idea to install bitcoind to a remote server?
With any approach, you need a bitcoin node (which bitcoind is most reliable one) which be accessible with you PHP code, so it should be remote!
I don't think it would be a security problem to install bitcoind on your PHP server, as long as it would be configured to just listen to localhost and not visible publicly, and just respond to your server PHP requests.
But don't forget that there are still many other security risks here.
For example if someone be able to hack your server and access it, he can easily use your funds. It is best practice to implement a Cold Storage solution to transfer most part of funds in your hot online exchange wallet to it, and bring it back to hot wallet manually whenever it is needed.
Related
I am creating a payment gateway using Paymill (which is comparable to Stripe). I want my website to automatically react to subscription-based billings. This is why I am considering Paymill webhooks.
I am in the testing phase and thus on localhost (XAMPP). The receiving webhook script would therefore have this URL:
localhost/paymill-example-php-subscriptions-master/src/Paymill/LlamaKisses/Controllers/WebhooksController.php.
But is it possible at all to set a localhost address as a webhook url (and how)?
(By the way, isn't WebhooksController.php missing a response code line like this:
http_response_code(200);
to let the sending webhook know it succeeded and needn't retry?)
Many thanks in advance!
Use one of these tunneling apps:
http://john-sheehan.com/blog/a-survey-of-the-localhost-proxying-landscape
You can use Webhook Relay (https://webhookrelay.com) to create webhook forwarding tunnels or bidirectional tunnels:
$ relay forward -b webhook-demo http://localhost:8090/webhook
Forwarding:
https://my.webhookrelay.com/v1/webhooks/5e722a5e-f3d2-4hqec-9e9f-79f1158e4b10 -> http://localhost:8090/webhook
starting webhook relay agent..
Endpoints are permanent (until you delete them) and it is also possible to fan-out webhooks to more than one destination.
.
I am using Azure Websites with a Free mode website. With that you can attach remote debugger to the Azure Website and if I am not mistaken you can do that with free tools from MS too. You can easily switch on tracing to Azure Table storage or file system and from within a webbrowser or tools look at logs. It may not be apt for you, but if you have a bit of time to play around it's quite easy. I am logging the whole PayMill webhook message to an Azure Table .
I'm tasked with coming up with an e-commerce solution for a small, local business. My client uses Intuit/Quickbooks point of sale software. I've just discovered that Intuit has a series of PHP 5+ classes that allow interoperability (link for anyone else that may stumble on this: https://code.intuit.com/sf/sfmain/do/viewProject/projects.php_devkit).
The website will be hosted on shared hosting, so the two systems are split quite literally. Her desktop does have internet access.
So, my questions:
Is there a way for me to connect to her desktop via curl?
If so, is there a way for me to do it securely if I can't create a VPN on my host?
Now that I think about it, is there a VPN service I could use?
Any other security things I should be aware of?
Payment processing will be handled through Stripe (http://www.stripe.com). This is really just for inventory/order synching.
Your best bet is the QuickBooks Web Connector, along with that set of PHP classes you mentioned. See my specific comments below:
I've just discovered that Intuit has a series of PHP 5+ classes that allow interoperability (link for anyone else that may stumble on this: https://code.intuit.com/sf/sfmain/do/viewProject/projects.php_devkit).
It's worth noting that that library is NOT developed by Intuit (disclaimer - I'm the developer of that library). Intuit hosts our Subversion repository, but we're a separate company, and Intuit does not contribute to the actual PHP code. Intuit provides a Windows COM-based API only, we provide the actual PHP components so you can talk to QuickBooks from a remote server via the Web Connector, without the need to muck with COM.
We have a ton of information on our QuickBooks integration wiki which might be helpful - specifically the QuickBooks integration with PHP section and this overview of the QuickBooks Web Connector.
Consider grabbing the latest nightly build from the link you posted, and taking a look at this file:
* docs/example_web_connector_point_of_sale.php
It illustrates exchanging data between PHP and QuickBooks Point of Sale.
The website will be hosted on shared hosting, so the two systems are
split quite literally. Her desktop does have internet access.
This ^^^ is just fine, and a typical scenario. It's exactly what the Web Connector was designed for. The Web Connector essentially acts as a "dumb proxy" between a PHP SOAP service, and QuickBooks itself - it relays messages from your PHP app, over HTTP(S), to QuickBooks.
Is there a way for me to connect to her desktop via curl?
Not with Curl, no (though you could build one... but why reinvent the wheel?). The Web Connector is SOAP based, but your PHP components will be the SOAP server half, not the SOAP client half.
If so, is there a way for me to do it securely if I can't create a VPN on my host?
The Web Connector can use SSL via HTTPS to keep the data secure while in transit across the net.
Now that I think about it, is there a VPN service I could use?
Just buy an SSL certificate, it's easier. :-)
Any other security things I should be aware of?
Not beyond the typical web application security guidelines that you could find elsewhere on Stackoverflow.
If you're going to sync to a system like Quickbooks, don't do it real-time, do it in a batch process that is resilient to things like her desktop being turned off, the crappy office internet (compared to a datacenter) being slow or down, etc.
This ^^^ is great advice, and is exactly how the Web Connector works.
If you need real-time, Quickbooks running on a desktop is NOT the way to go.
In fact, if you need real-time, QuickBooks period is not the way to go. QuickBooks is a great small to medium business accounting software... but is slow and not reliable enough for consistent real-time communication. With that said... what you're talking about does not require real-time communication, so this shouldn't bother you.
Batching the orders isn't a problem, but how would I make even a batch process resilient?
The PHP code uses a queue with a status, so you can track what got processed, what didn't, what you got back from QuickBooks as a response ("Added a customer successfully!" vs. "Ooops, failed to add a customer because ..."), what error messages QuickBooks threw, etc. and then react appropriately with your code, or manually.
You won't need cron - the Web Connector can be scheduled to run, and it'll relay all errors and a ton of other information back to you so that you can handle errors, send out warnings, build reports to show to people about what failed/succeeded, etc.
Our company currently offers free sub-domains for redirects to our customers. These are quite a popular feature, but unfortunately every time someone requests it, our staff must login to the Plesk panel and manually create this. It is only specifying the DNS name and an IP Address for the A-Record, but it would be great to be able to automate this in our Billing System for easy creation.
As I am not overly familiar with Plesk, does anyone know how I may be able to proceed with handling the creation of an A-Record in our Plesk install via PHP?
you can use the commandline interface or directly using the rpc api of plesk. see http://www.parallels.com/ptn/documentation/plesk/ for more information.
for commandline this seems simple enough:
http://download1.parallels.com/Plesk/PP10/10.1.1/Doc/en-US/online/plesk-unix-cli/37771.htm
As per my knowladge, Plesk is an interface for interacting and Managbe your web server settings. But It don't provide free api for doing stuff you have asked for.
You can use RPC API for the same. But that works using command prompt.
I am sure that would be bit complex to do.
Please forgive the novice-ness of this question if this is in fact a novice question, and maybe if it doesn't exist it could one day, but thank you for your time already. I'm just trying to learn how to access dynamic data for my website.
If these (command line accessible) services do exist, which I imagine is doubtful, I am looking for dynamic (externally stored) Finance & Economic data providers.
EDIT: Ah! Great.
- I run both mac osx lion and windows vista on separate computers. I like ruby on rails, and the startup I'm working with uses php so that's OK too. Other than that as far as verification processes go, honestly, I'm not that far yet. The data I'll be trying to access at first will likely be open source (free for academic purposes, etc) and come from Google or Bloomberg Open if that helps. Thanks already though
- Ruby on Rails runs extremely slow on Windows so I'll be using Mac for the most part.
EDIT: Are there any IDE's (or IDE plugins) which have the capability to do what Alexei is describing?
EDIT: I'll probably be trying to access Google Docs via a REST API for my starter app. But am still interested in trying to access it and any other REST source via the command line and/or an IDE!
The curl command takes a URL as its argument and issues an HTTP GET to get the resource at that address. If that HTTP request accesses a REST web service, then it displays the response from that service. You can of course build on this as your starting point.
REST/SOAP services are accessible by issueing HTTP requests. There are plenty of tools to do just that on all operating systems. Starting from telnet for barebone communication to scripting languages that provide parsed responses like Python/Ruby/JavaScript for most platforms, PowerShell scripting would be probably the best for Windows environment.
To get more specific recommendations you need to get more details in the question (OS, languages you like, authentication used by services...)
I just purchased an SSL certificate from my hosting provider, at the request of a bank I'll be doing Credit Card transactions with. As of yet, I'm not sure if I'll be sending my users to their site to do the transactions or if I'll just be sending CC information to their site to do the transactions. My confusion is in regards to coding a developing my system. I'm building a very simple photo purchasing website, so I've opted to design my own shopping cart system. At what point do I need to utilize the SSL? Is there some sort of PHP code I'll have to use to decrypt the data sent to me via POST? Do I need to utilize it at all, or is the work already done for me by simply having a certificate (as verified by the little lock that appears in Safari)?
Thanks!
You typically don't need to deal with the server certificate in the application logic. Just configure it into the web server; configure the application in the web server to use https.
How to do that is off-topic for StackOverflow (I'm still responding to confirm that you don't need to deal with it in PHP).