I'm writing a small CF application for a customer. The concept is quite simple. A visitor comes to the website and pays $10 via an internet CC payments company. The payment of $10 allows the customer to view a movie.
The implementation seems to have a flaw. The internet CC payment company provides a CGI which receives information via hidden input fields. The hidden fields contains details identifying who the payment is to be credited to, the amount and the URL to call if the transaction is completed succesfully. I've been wondering how to clever people from simply calling the sucessful transaction URL to view the movie, thereby bypassing the CC payment transaction. All of the ways I've though of for preventing people directly calling the succussful transaction URL have the problem that they are easy to work around. I'd appreciate peoples input on the best approaches to overcoming the problem using CF. Regards. Paul ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
