× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



You can also try http://www.scottklement.com. Lots of great info there.




"Haas, Matt (CL Tech Sv)" <matt.haas@xxxxxxxxxxx>
Sent by: web400-bounces@xxxxxxxxxxxx
03/19/2008 04:29 PM
Please respond to
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>


To
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>
cc

Subject
Re: [WEB400] hidden form fields or server side code






Do a search in either the archives (this list or RPG-400) or Google.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On
Behalf Of Larry Kleinman
Sent: Wednesday, March 19, 2008 5:17 PM
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] hidden form fields or server side code


where can i find this?


Larry Kleinman
Kleinman Associates, Inc.
212-949-6469
203-255-4100



"Haas, Matt (CL
Tech Sv)"
<matt.haas@cengag To
e.com> Web Enabling the AS400 / iSeries
Sent by: <web400@xxxxxxxxxxxx>
web400-bounces@mi cc
drange.com
Subject
Re: [WEB400] hidden form fields or
03/19/2008 04:22 server side code
PM


Please respond to
Web Enabling the
AS400 / iSeries
<web400@midrange.
com>






Larry,

Have a look at Scott Klement's HTTPAPI. It can take care of the POST
behind
the scenes. Basically, you will need to write a program that uses HTTPAPI
to
talk to the bank's server (there is likely an example that is close to
what
you want). Once the code is written, you'll just call that from Net.Data.

Matt

-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx] On
Behalf Of Larry Kleinman
Sent: Wednesday, March 19, 2008 3:18 PM
To: Web Enabling the AS400 / iSeries
Subject: [WEB400] hidden form fields or server side code


We are using Net.Data to develop an e-commerce website and have hit the
following problem:

The "buy" button on the shopping cart page links to a secure site (HTTPS)
provided by our bank that asks for credit card info, then charges the
customer and credits our account. The bank software requires that we pass
it our log on info (user and password provided by them) and their manual
shows examples of putting this into a hidden form field in HTML and then
POSTing it to the bank's site. The problem is that this info is visible
to
anyone who displays the source of the shopping cart page in their browser.
The bank's manual says:

"Although our simple examples in the document show this as a method for
passing data to Virtual Merchant, we do not recommend this for your
production Website. All sensitive merchant data, including transaction
amount and your Virtual Merchant credentials, should be placed in
server
side code, rather than of just hidden value fields on an HTML form"

How do I do that?

Larry Kleinman
Kleinman Associates, Inc.
212-949-6469
203-255-4100
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.


--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.