> -----Original Message-----
> From: Ken M. Mevand [mailto:[EMAIL PROTECTED]]
> Subject: Re: Storing Credit Card info in Session variable
>
[snip]
>
> so is it true that even with SSL, its no guarantee that someone else may
hit
> upon the same CFID and CFTOKEN and the web server will not be able to tell
> that it is a different person?
While it's not 100% (2 people on your site accessing the net through the
same proxy),
you could use their IP address (which should remain constant for the
session) as a way of
helping to keep people straight.
Lon Lentz
Applications Developer - GetLists.Com
DataWarehousing and List Sales - Market your lists on the Net!
[EMAIL PROTECTED]
941-541-9000 Ext. 210
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
