Don't ask to ask, just ask | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Could you expand on how you are storing the keys?
Is there only one key for all of the the users? If you create a new key each time a user submits a CC# then you can store the key in the final submit form in a hidden field. Now you can only decypt the CC# that is in the database when the final form is submitted. As for the database entry I would have an order AND a cancel button on the web page, so that the user can delete the CC# from the database if they want. You should also expire (delete) the CC# in the database after some (relativly short) amount of time.
-- gam3 A picture is worth a thousand words, but takes 200K. In reply to Re: Storing credit card numbers temporarily (OT)
by gam3
|
|