Quickie: You can use .htaccess to prevent direct linking to your movie by using the RewriteCond to check the referrer. If it's not in your domain, you can use a RewriteRule to send them somewhere else.
This works for apache, but keep in mind that the referrer is not always dependable. -- B At 04:26 PM 1/27/2002 +0000, you wrote: >Sorry, further note, if you're not happy with your server having to do that >for every payment >make the process asynchronous, have another batch process read your database >and then do the http stuff for you. Setup a scheduled template or write a >'lil perl script to do it. Then say once there payment has been done >they'll get an email. >little perl daemon's nice for that, or tcl for that matter (insert fav >scripting language here ;-) > > >At 18:15 27/01/2002 +1100, you wrote: > >I'm writing a small CF application for a customer. The concept > >is quite simple. A visitor comes to the website and pays $10 > >via an internet CC payments company. The payment of $10 allows > >the customer to view a movie. > > > >The implementation seems to have a flaw. The internet CC payment > >company provides a CGI which receives information via hidden > >input fields. The hidden fields contains details identifying > >who the payment is to be credited to, the amount and the > >URL to call if the transaction is completed succesfully. > > > >I've been wondering how to clever people from simply calling > >the sucessful transaction URL to view the movie, thereby > >bypassing the CC payment transaction. > > > >All of the ways I've though of for preventing people directly > >calling the succussful transaction URL have the problem that > >they are easy to work around. > > > >I'd appreciate peoples input on the best approaches to > >overcoming the problem using CF. > > > >Regards. Paul > > > > > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
