|
We are using Net.Data to develop an e-commerce website and have hit the
following problem:
The "buy" button on the shopping cart page links to a secure site (HTTPS)
provided by our bank that asks for credit card info, then charges the
customer and credits our account. The bank software requires that we pass
it our log on info (user and password provided by them) and their manual
shows examples of putting this into a hidden form field in HTML and then
POSTing it to the bank's site. The problem is that this info is visible to
anyone who displays the source of the shopping cart page in their browser.
The bank's manual says:
"Although our simple examples in the document show this as a method for
passing data to Virtual Merchant, we do not recommend this for your
production Website. All sensitive merchant data, including transaction
amount and your Virtual Merchant credentials, should be placed in server
side code, rather than of just hidden value fields on an HTML form"
How do I do that?
Larry Kleinman
Kleinman Associates, Inc.
212-949-6469
203-255-4100
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.