Ok, session it is ;)
thanks From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Shuck Sent: Friday, March 30, 2007 9:45 AM To: Dallas/Fort Worth ColdFusion User Group Mailing List Subject: Re: [DFW CFUG] shopping cart security issues Where are you storing client variables? For instance, if you are storing them in the DB you can see them in plain text. I am not 100% certain, but I think the value is stored as plain text when you store them as cookies too. Is there any particular reason you can't use the session scope? If you need to use client variables, you could always encrypt/decrypt them as you need them. ~Dave On 3/30/07, Kevin <[EMAIL PROTECTED]> wrote: Are there any security issues with storing the credit card information in a client variable while moving through the order process? Thanks! Kevin _______________________________________________ Reply to DFWCFUG: [email protected] Subscribe/Unsubscribe: http://lists1.safesecureweb.com/mailman/listinfo/list List Archives: http://www.mail-archive.com/list%40list.dfwcfug.org/ http://www.mail-archive.com/list%40dfwcfug.org/ <http://www.mail-archive.com/list%40dfwcfug.org/> DFWCFUG Sponsors: www.instantspot.com/ www.teksystems.com/ <http://www.teksystems.com/> -- ~Dave Shuck [EMAIL PROTECTED] www.daveshuck.com Where's your Spot? www.instantspot.com
_______________________________________________ Reply to DFWCFUG: [email protected] Subscribe/Unsubscribe: http://lists1.safesecureweb.com/mailman/listinfo/list List Archives: http://www.mail-archive.com/list%40list.dfwcfug.org/ http://www.mail-archive.com/list%40dfwcfug.org/ DFWCFUG Sponsors: www.instantspot.com/ www.teksystems.com/
