Re: Re: shopping cart implementation

DO NOT use form fields for price.

Incidentally, this is my favorite web security bug. I am amazed by how many people have done this. I'll take two new PCs for $3.00 please.

Comment on Re: Re: shopping cart implementation

Replies are listed 'Best First'.
Re: Re: Re: shopping cart implementation by shotgunefx (Parson) on Sep 16, 2002 at 19:56 UTC
I must confess, I once HAD to do this to interface to a third party service, no other way. I did however validate it before they could finish the check out and when orders were imported. Suprisingly, no one even attempted it. (This is not downplaying the danger! It only takes a couple HDTV flat panels and your ****ED.) -Lee "To be civilized is to deny one's nature."	[reply]