|
|
Posted by Paul Furman on 03/01/07 23:43
C. wrote:
>> Paul Furman wrote:
>>
>>>I'm setting up credit card payment through authorize.net and they have
>>>the option to send a POST string back to my site once complete. I'm not
>>>sure how to proceed. They don't have much to read about this, their tech
>>>support seemed to think I've got the general idea though & said I might
>>>have have my hosting server set up permissions to recieve POST data that
>>>way.
>
> I can't imagine why a hosting company would not allow POST by default.
> Why not test it for yourself - just write a form with a POST method
> and fire it at your PHP script.
>
>>>So best I figure I'm going to get a redirect to my server And I'm
>>>guessing I'd use something like this:
>>
>>>if (isset($_REQUEST['x_response_code'])) {
>>>//then finalize the order, subtract from inventory
>>>// and generate a reciept
>
> No, you need to validate the origin of the request. How do you know
> this came from the CC handler? You should also be checking that its
> '1' and not anything else. Also you might avoid some CSRF by checking
> $_POST instead of $_REQUEST.
Yep, that was just the first step.
>>>And I'm not so comfortable with the idea of setting up a page on my site
>>>that lets any external server send POST data & retrieve customer's order
>>>details.
>
> That's exactly right - you don't want to let ANY server see an order.
> You valid the remote host as the CC handler and tie the request back
> to a session that the customer initiated. You make hard to predict the
> token used to identify the order.
I got it working (test mode so far) and really all it does is gather the
response code. The user & shopping cart info is already stored in
cookies so the script knows who's cart to confirm. I think I'm alright,
that's why I'm letting the CC server handle all the sensitive info. If
someone could hack into my system's login, they could get names &
addresses but not credit card numbers. Worst case is maybe they screw up
our inventory numbers but there's no money to be had on our server.
Well, I need to look at the fingerprint hash script, theoretically that
stuff could be used to hack the CC server. They suggest setting
permissions on the password data file to only respond to my script
though I'm not sure how to do that.
[Back to original message]
|