Hmmmm.... Apologies for the long email. I have experienced a very strange CFmail problem, and I'm not entirely sure if it's not someone messing with me.
Basically, I have some code that sends an email to a box office, with the details of a ticket request, the individuals name and address and a UUID. The credit card details are stored in a db along with the UUID, and then downloaded and deleted by the box office. Yesterday, they claim to have received an email with credit card details in. This shouldn't happen. There are NO cc details in the cfmail code, and the details they say were added to the mail were in the format only found when they are downloaded securly. Maybe it would help if I showed some code. This is the CFMAIL tag: <!--- send a mail ---> <cfmail from="********@******.com" to="********@*******.com" subject="A request for tickets"> Hello, The following request for tickets has been received: <cfif Form.event1 IS NOT "default"> 1st Preference -------------- Performance: #DateFormat(getperf1.ticket_date, "dd mmmm")# - #getperf1.production# No. of Tickets: #Form.no_of_tickets1# Preferred Seating Area: #Form.pref_seating1# Alternative Seating Area: #Form.alt_seating1# Preferred Price: #Form.pref_price1# Alternative Price: #Form.alt_price1# </cfif> <cfif Form.event2 IS NOT "default"> 2nd Preference -------------- Performance: #DateFormat(getperf2.ticket_date, "dd mmmm")# - #getperf2.production# No. of Tickets: #Form.no_of_tickets2# Preferred Seating Area: #Form.pref_seating2# Alternative Seating Area: #Form.alt_seating2# Preferred Price: #Form.pref_price2# Alternative Price: #Form.alt_price2# </cfif> <cfif Form.event3 IS NOT "default"> 3rd Preference -------------- Performance: #DateFormat(getperf3.ticket_date, "dd mmmm")# - #getperf3.production# No. of Tickets: #Form.no_of_tickets3# Preferred Seating Area: #Form.pref_seating3# Alternative Seating Area: #Form.alt_seating3# Preferred Price: #Form.pref_price3# Alternative Price: #Form.alt_price3# </cfif> Order Received From ------------------- Card Holder's Name: #Form.Card_holder_name# Card Holder's Address: #Form.Delivery_street1#, #Form.Delivery_street2# Card Holder's Town: #Form.Delivery_town# Card Holder's County: #Form.Delivery_county# Card Holder's Country: #Form.Delivery_country# Card Holder's Postcode: #Form.Delivery_postcode# Card Holder's Tel. No.: #Form.Delivery_telno# Card Holder's Fax No.: #Form.Delivery_faxno# Card Holder's Email: #Form.Delivery_email# This Transaction has been given the unique transaction ID: #id# You can find the cards details for this transaction in the secure database at: https://**********.***/****** The unique transaction ID above will be stored along with the credit card details. Thank you </cfmail> Simple right? Wrong. This is the email they say they recieved. Note that the cc number does not refer to this order, but another one: Transaction No: 607 Unique ID: 003DFCCB-0CF1-4A9E-AF814B69C7004489 Card Number: ***************** Card Type: Visa Expiry Date Month: 01/03 Amount: �100.00 ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
