On 4/9/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Thanks a lot every one. These are great replies.
I guess I should have explained a bit more about what I'm doing.
first of all, this is not my site, it's for a client of mine.
second, I did suggest using a paypal API or a paid site to take
At 8:05 AM -0400 4/10/07, Eric Butera wrote:
Did you know sessions are just plain text files sitting on the
webserver in most cases? So by putting a credit card in the session
it is actually just cleartext for people to read.
Yes, all files reside somewhere.
Session files reside on the
[EMAIL PROTECTED] wrote:
Thanks a lot every one. These are great replies.
I guess I should have explained a bit more about what I'm doing.
first of all, this is not my site, it's for a client of mine.
second, I did suggest using a paypal API or a paid site to take care of this,
but my client
[EMAIL PROTECTED] wrote:
Thanks a lot every one. These are great replies.
I guess I should have explained a bit more about what I'm doing.
first of all, this is not my site, it's for a client of mine.
probably irrelevant from a legal pooint of view.
second, I did suggest using a paypal
Em Segunda 09 Abril 2007 01:12, [EMAIL PROTECTED] escreveu:
Thanks a lot every one. These are great replies.
You're welcome! ^^
I guess I should have explained a bit more about what I'm doing.
first of all, this is not my site, it's for a client of mine.
Things going to be better... =]
Em Domingo 08 Abril 2007 15:26, [EMAIL PROTECTED] escreveu:
Hi All,
I've got quite a bit or php experience, but I've never had to deal with
credit card info before. Now for a property rental site, I'm adding a way
for users to be able to fill out a form which also has some credit card
info
Check the local legislation regarding keeping such sensitive information.
Many countries do have strict requirements for handling credit card info.
Your bank might help you find what the rules are.
Satyam
- Original Message -
From: [EMAIL PROTECTED]
To: php-general@lists.php.net
Ave. S.
Nampa, ID 83651
208-498-1666 (voice)
208-498-1667 (fax)
[EMAIL PROTECTED]
-Original Message-
From: Satyam [mailto:[EMAIL PROTECTED]
Sent: Sunday, April 08, 2007 3:25 PM
To: [EMAIL PROTECTED]; php-general@lists.php.net
Subject: Re: [PHP] keeping credit card info in session
Check
unless you are a payment gateway or a bank don't touch credit card numbers.
there are plenty of threads in the archive of this list that give good reasons
not to e.g. being sued out of existence.
get a payment provider and let them handle the transaction automatically,
the site admin could be
] keeping credit card info in session
Its not the country rules to worry about, it is Visa and MasterCard who
will
come down hard on you with $$ penalties if you don't maintain cardholder
security correctly.
http://usa.visa.com/merchants/risk_management/cisp.html?ep=v_sym_cisp
Dan
--
Dan
Em Domingo 08 Abril 2007 18:37, Jochem Maas escreveu:
unless you are a payment gateway or a bank don't touch credit card numbers.
there are plenty of threads in the archive of this list that give good
reasons not to e.g. being sued out of existence.
get a payment provider and let them handle
Davi wrote:
Em Domingo 08 Abril 2007 18:37, Jochem Maas escreveu:
unless you are a payment gateway or a bank don't touch credit card numbers.
there are plenty of threads in the archive of this list that give good
reasons not to e.g. being sued out of existence.
get a payment provider and let
Em Domingo 08 Abril 2007 18:54, Jochem Maas escreveu:
So... What about PayPal or another similar service?? =]
well:
a, your not paypal or F2B.
b, they are both payment providers.
Sorry... I didn't understand! =x
[]s
--
Davi Vidal
[EMAIL PROTECTED]
[EMAIL PROTECTED]
--
Agora com
Jochem Maas wrote:
unless you are a payment gateway or a bank don't touch credit card numbers.
there are plenty of threads in the archive of this list that give good reasons
not to e.g. being sued out of existence.
100% agreed. Never touch credit card numbers. You can't just take
credit
Thanks a lot every one. These are great replies.
I guess I should have explained a bit more about what I'm doing.
first of all, this is not my site, it's for a client of mine.
second, I did suggest using a paypal API or a paid site to take care of this,
but my client said no. She has a credit
15 matches
Mail list logo