great tips. thanks guys. After thinking more about IPN, I think it could work for the site. I could lock the items for ten-fifteen minutes.
I would have to check to see if I should unlock items every minute or so. Our host only lets you run scheduled tasks every hour at the most. I was thinking about running the unlocking check in Application.cfm, which would run it instantly pretty much. I would have to keep the first query quick for performance, nest the other required steps in a cfif based upon the first query recordcount. Definitely use a stored procedure for performance. Of course, the other issue is handling a paypal purchase that is completed after the lockout has expired. At that point, we have charged the customer, and the item may have been sold to someone else. I would have to verify the items from the order are still available. Is it possible to automatically refund a purchase via ipn? I could do that and send the customer an email telling them the order they placed is void. Any thoughts? On Mon, Mar 8, 2010 at 12:30 PM, Justin Scott <[email protected]>wrote: > > > What would be the best way to establish/build trust? > > If you're taking credit cards directly you should be getting a regular > security scan of your web site through an authorized vulnerability scanning > service such as McAfee Secure or Security Metrics. These services usually > offer a "secure logo" which shows that your site has passed their security > scan which can help with customer confidence as well. > > > -Justin > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:313062 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-community/unsubscribe.cfm
