Re: Anyone using Verisign's Payflow Link for payment processing?
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 35842
interpreted = N
texte = > John Butler wrote:> sure you can so this , no problem (if I understand right.) I am doing this> w/ another 3rd party service simmilar to what you just described. On the> other side of the transaction you can change the name of the var from 'cart'> to 'OrderID' or whatever you want.I may not have described what I wanted to do quite right. I want to pass[cart] to verisign as [user1] then on the return, past [user1] back into[cart]? Can I set the value of [cart] or is it always generated randomly?I'm going to want some information out of the cart, such as customer name,address, and email, plus info on the product that they bought. Can I get tothat info without having a [cart] value? Or will I need to park it in adifferent database then get it back based on the cart-based variable I getback from Verisign?Now that I think about what I just wrote, I guess those are two differentways of accomplishing the same results, aren't they?I'm still curious about whether I can put a value into [cart], though... > Only thing that may be a problem (I dont' know how well I appreciate your> situation) is that users can manipulate the URL both going and coming... I> mean a user could stop the processing, change the 'total' var to '1' dollar> and then hit return so the order goes on to verisign's cgi with that new> total the user just hacked. And on the return the user could change the> 'approved' value to success instead of failed in the URL even if the card> was invalid and verisign knew it.Verisign offers a Silent POST return in addtion to the URL POST. I assumethat could be used to get around that very problem (though I'm not exactlysure what a Silent POST is). The vague description I read as I skimmed theirdocs seemed to indicate that it would work that way.Thanks!Steve------------------------------------------------Steven JarvisWeb Developersjarvis@nwaonline.netMorning News of Northwest Arkansashttp://www.nwaonline.net-------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
> John Butler wrote:> sure you can so this , no problem (if I understand right.) I am doing this> w/ another 3rd party service simmilar to what you just described. On the> other side of the transaction you can change the name of the var from 'cart'> to 'OrderID' or whatever you want.I may not have described what I wanted to do quite right. I want to pass[cart] to verisign as [user1] then on the return, past [user1] back into[cart]? Can I set the value of [cart] or is it always generated randomly?I'm going to want some information out of the cart, such as customer name,address, and email, plus info on the product that they bought. Can I get tothat info without having a [cart] value? Or will I need to park it in adifferent database then get it back based on the cart-based variable I getback from Verisign?Now that I think about what I just wrote, I guess those are two differentways of accomplishing the same results, aren't they?I'm still curious about whether I can put a value into [cart], though... > Only thing that may be a problem (I dont' know how well I appreciate your> situation) is that users can manipulate the URL both going and coming... I> mean a user could stop the processing, change the 'total' var to '1' dollar> and then hit return so the order goes on to verisign's cgi with that new> total the user just hacked. And on the return the user could change the> 'approved' value to success instead of failed in the URL even if the card> was invalid and verisign knew it.Verisign offers a Silent POST return in addtion to the URL POST. I assumethat could be used to get around that very problem (though I'm not exactlysure what a Silent POST is). The vague description I read as I skimmed theirdocs seemed to indicate that it would work that way.Thanks!Steve------------------------------------------------Steven JarvisWeb Developersjarvis@nwaonline.netMorning News of Northwest Arkansashttp://www.nwaonline.net-------------------------------------------------------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Steven Jarvis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Sendmail and textarea (1998)
[WebDNA] I got v7 running on 64-bit Ubuntu 11.04 ... (2012)
Error -108 (1997)
WC 2.0 frames feature (1997)
Customer - again (1998)
User that WebCatalog/Unix runs as (2000)
Looking for 24x7 ISP for WebCatalog (1998)
WC2b15 File Corruption (1997)
[WebDNA] Latest Windows Version (2010)
carriage returns in data (1997)
Extended [ConvertChars] (1997)
WebCatalog [FoundItems] Problem - AGAIN - (1997)
protect acting looney?? (2003)
[protect admin] (1997)
Tip for making barcharts (1997)
RAM variables (1997)
[shownext max=?] armed (1997)
Transferring [cart] to Database (1997)
Stinkin' [Referrer] (1998)
WebCat2b13MacPlugin - [math][date][/math] problem (1997)