laziness, impatience, and hubris | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I agree with shotgunfx, validate the charge versus the price. i.e. use Digest::MD5 to create a hash with the price, the product description, and, if you can, a "secret" string known only to you/your server. Then, when you receive the token from your credit card processor, create the hash from their data and compare. If they don't match, then someone may have tampered with the charge amount, trying to get something for nothing.
Also, check out PerlShop, which is a Perl shopping cart, and take a look at their features and code for more ideas to add to your list. --
In reply to Re: shopping cart implementation
by hiseldl
|
|