- see footer for list info -<
a small sacrifice of 5 minutes for a longterm time saving.
I'd combine it with the login then, like Adrian mentioned. On 7/19/06, Damien Gallagher <[EMAIL PROTECTED]> wrote:
>- see footer for list info -< Sounds like a neat idea... The only thing they probably won't be up for is being called up with a url variable and possibly having to go through that again if it's lost. Rich Wild wrote: >> - see footer for list info -< > > or write a wee function to set a never-expiring cookie when a certain > secret > url variable is present in the string. > > Phone them up, tell them the variable and url for this cookie setting > page. > > They visit it, they get a cookie dropped on their machine. > > Now kill the cookie setting function so no one else can ever trigger > it and > get that cookie. > > Only allow the order confirmation screen to be displayed if the cookie > exists. > > If they lose the cookie, allow the page again and get them to revisit to > reset the cookie. > > On 7/19/06, Damien Gallagher <[EMAIL PROTECTED]> wrote: > >> >> >- see footer for list info -< >> Hi all, >> >> I have a shop system that sends out orders to a shipping company. The >> shipping company need to access a webpage that contains a confirmation >> note that contains all the purchaser's shipping and order details. This >> webpage will be accessed via a link from an email. >> >> They feel it will be too annoying (process-wise) to have a >> username/password for this page and so the obvious problem is how do you >> stop jo public (or jo hacker) from accessing someone else's personal >> info? >> >> I was thinking about using a hash of certain parts of the order (eg. >> purchaser's email address/order number/time of order) in the query >> string to authenticate the user. Any comments on how secure this is? >> Could a bot attack this and come across a valid query string to access >> this data? >> >> Thanks, Damien >> _______________________________________________ >> >> For details on ALL mailing lists and for joining or leaving lists, go to >> http://list.cfdeveloper.co.uk/mailman/listinfo >> >> -- >> CFDeveloper Sponsors:- >> >- Hosting provided by www.cfmxhosting.co.uk -< >> >- Forum provided by www.fusetalk.com -< >> >- DHTML Menus provided by www.APYCOM.com -< >> >- Lists hosted by www.Gradwell.com -< >> >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help >> -< >> > _______________________________________________ > > For details on ALL mailing lists and for joining or leaving lists, go > to http://list.cfdeveloper.co.uk/mailman/listinfo > > -- > CFDeveloper Sponsors:- > >> - Hosting provided by www.cfmxhosting.co.uk -< >> - Forum provided by www.fusetalk.com -< >> - DHTML Menus provided by www.APYCOM.com -< >> - Lists hosted by www.Gradwell.com -< >> - CFdeveloper is run by Russ Michaels, feel free to volunteer your >> help -< > > > _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
_______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:-
- Hosting provided by www.cfmxhosting.co.uk -< - Forum provided by www.fusetalk.com -< - DHTML Menus provided by www.APYCOM.com -< - Lists hosted by www.Gradwell.com -< - CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
