TreasureChest : the security aspect

Hi,

I’m looking for ideas and scripts to increase the security level of TreasureChest.

Firstly, as the seller email address is not encrypted and can be read from the basket source code, I’m looking for some Javascript code to encrypt a string and decrypt it on the fly. This is to limit spam.

At least the decryption code should be under GPL, LGPL or equivalent license so that it can be distributed together with TreasureChest’s next releases.

The encryption task could be done in batch mode or dynamically in PHP since the treasurechest.class.php outputs the seller email.

EDIT:
Concerning the email encoding question, I found some script working fine and with a license that allows redistribution.
This will come together with the next version of TreasureChest that I plan to release soon.
// --- End of edition ---

(...)

Julien

P.S: This concerns certificates and could maybe help, but the code is not under the GPL:
http://www.stellarwebsolutions.com/en/articles/paypal_button_encryption_php.php

I’m still interested by all techniques and scripts that could increase TreasureChest’s security level.

The tools used to increase security should be open source and come with a license permitting distribution together with TreasureChest.

I found several techniques and I’m working on this.
I’m still interested to share experience with other developpers making this kind of work for other cart systems.

hey, cool.

let the world know your progress if any as it’s very important issue

cheers!