Re: [PHP] secure form handling
I think you mean that you want to display the total as text but have the total on the form hidden so they can't edit it (and give themselves a discount), you can use a hidden form field, sessions or cookies. input type=hidden value= name=total Paul Roberts [EMAIL PROTECTED] - Original Message - From: wm [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, February 07, 2002 1:36 AM Subject: [PHP] secure form handling hi, i'm fairly new to this. what i want to do is use a form so the user can specify a few different choices of things they want to buy. maybe a few radio buttons with dollar amounts and then possibly a couple of quantity fields for items. this can then be passed to a script and total added up etc. and the user can input their billing data. what i don't want is for the user to be able to see the amount of the transaction in the source code in a hidden field. how do i hide this data while still passing it to the credit card script along with all the other info? thanks. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
On Wed, 2002-02-06 at 17:36, wm wrote: hi, i'm fairly new to this. what i want to do is use a form so the user can specify a few different choices of things they want to buy. maybe a few radio buttons with dollar amounts and then possibly a couple of quantity fields for items. this can then be passed to a script and total added up etc. and the user can input their billing data. what i don't want is for the user to be able to see the amount of the transaction in the source code in a hidden field. how do i hide this data while still passing it to the credit card script along with all the other info? thanks. Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? -- Torben Wilson [EMAIL PROTECTED] http://www.thebuttlesschaps.com http://www.hybrid17.com http://www.inflatableeye.com +1.604.709.0506 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
sorry lars. i accidentally just emailed you back instead of posting this. i want the user to be able to see the amount being charged on the screen, but not to be able to view it in a hidden field in the source code. most shopping cart applications are like this. ?? Lars Torben Wilson wrote: On Wed, 2002-02-06 at 17:36, wm wrote: hi, i'm fairly new to this. what i want to do is use a form so the user can specify a few different choices of things they want to buy. maybe a few radio buttons with dollar amounts and then possibly a couple of quantity fields for items. this can then be passed to a script and total added up etc. and the user can input their billing data. what i don't want is for the user to be able to see the amount of the transaction in the source code in a hidden field. how do i hide this data while still passing it to the credit card script along with all the other info? thanks. Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? -- Torben Wilson [EMAIL PROTECTED] http://www.thebuttlesschaps.com http://www.hybrid17.com http://www.inflatableeye.com +1.604.709.0506 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Obo) wrote: Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? i want the user to be able to see the amount being charged on the screen, but not to be able to view it in a hidden field in the source code. most shopping cart applications are like this. What would be the point of that? If they can see it onscreen anyway (as they should), why hide it in the source? Could you point out some URLs where there are shopping carts like this? -- CC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
amazon.com vitaminworld Cc Zona wrote: In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Obo) wrote: Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? i want the user to be able to see the amount being charged on the screen, but not to be able to view it in a hidden field in the source code. most shopping cart applications are like this. What would be the point of that? If they can see it onscreen anyway (as they should), why hide it in the source? Could you point out some URLs where there are shopping carts like this? -- CC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
On Wed, 2002-02-06 at 19:35, obo wrote: sorry lars. i accidentally just emailed you back instead of posting this. i want the user to be able to see the amount being charged on the screen, but not to be able to view it in a hidden field in the source code. most shopping cart applications are like this. ?? I cannot think of why this would be useful--in fact, if you're having to chase the same value around in two or more places, you could have a problem keeping them synced--but hey. :) You could always just store it in a session variable, which I believe is the way it's normally done. Torben Lars Torben Wilson wrote: On Wed, 2002-02-06 at 17:36, wm wrote: hi, i'm fairly new to this. what i want to do is use a form so the user can specify a few different choices of things they want to buy. maybe a few radio buttons with dollar amounts and then possibly a couple of quantity fields for items. this can then be passed to a script and total added up etc. and the user can input their billing data. what i don't want is for the user to be able to see the amount of the transaction in the source code in a hidden field. how do i hide this data while still passing it to the credit card script along with all the other info? thanks. Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? -- Torben Wilson [EMAIL PROTECTED] http://www.thebuttlesschaps.com http://www.hybrid17.com http://www.inflatableeye.com +1.604.709.0506 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- Torben Wilson [EMAIL PROTECTED] http://www.thebuttlesschaps.com http://www.hybrid17.com http://www.inflatableeye.com +1.604.709.0506 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] secure form handling
In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Wm) wrote: Cc Zona wrote: In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Obo) wrote: Sorry, perhaps I've misunderstood. You would like to charge a customer's card without the customer knowing how much you're charging them? i want the user to be able to see the amount being charged on the screen, but not to be able to view it in a hidden field in the source code. most shopping cart applications are like this. What would be the point of that? If they can see it onscreen anyway (as they should), why hide it in the source? Could you point out some URLs where there are shopping carts like this? amazon.com vitaminworld Many shopping carts track persistent data (including running totals) via cookies. If you just want to know *how* to do what they do, the short answer is cookies http://php.net/sessions http://php.net/set-cookie. But I doubt any of them are doing so with the *intent* to prevent onscreen data from being viewable in the source. -- CC -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php