Sorry, further note, if you're not happy with your server having to do that for every payment make the process asynchronous, have another batch process read your database and then do the http stuff for you. Setup a scheduled template or write a 'lil perl script to do it. Then say once there payment has been done they'll get an email. little perl daemon's nice for that, or tcl for that matter (insert fav scripting language here ;-)
At 18:15 27/01/2002 +1100, you wrote: >I'm writing a small CF application for a customer. The concept >is quite simple. A visitor comes to the website and pays $10 >via an internet CC payments company. The payment of $10 allows >the customer to view a movie. > >The implementation seems to have a flaw. The internet CC payment >company provides a CGI which receives information via hidden >input fields. The hidden fields contains details identifying >who the payment is to be credited to, the amount and the >URL to call if the transaction is completed succesfully. > >I've been wondering how to clever people from simply calling >the sucessful transaction URL to view the movie, thereby >bypassing the CC payment transaction. > >All of the ways I've though of for preventing people directly >calling the succussful transaction URL have the problem that >they are easy to work around. > >I'd appreciate peoples input on the best approaches to >overcoming the problem using CF. > >Regards. Paul > > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
