[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: [mv] Keepin it on the server.
****** message to minivend-users from "Christopher P. Lindsey" <lindsey@mallorn.com> ******
> > Is it possible for me to set it up so that orders are not emailed
> > whatsoever, but instead put into a database or something to be picked up
> > on the secure server by the owner of the store? I really do not like the
> > E-mailing of any part of the order.
> >
> > I know that you can pgp encode the email, but I would rather have the
> > store owner come pick up their orders from the SSL server.
>
> We write ou orders into the database on the report page, you could then
> redirect the mail program to /dev/null if you wanted. Though I would suggest
> You have it instead write a simple message stating that and order was received
> at time X, and to check your order database.
This is what I do as well... Clients are given two passwords -- one is
a basic Kerberos password used for FTP and as an authentication scheme
for Web-based administration of their database, and the other is a
pass phrase used to unencrypt locally stored passwords.
So when an order is placed, an email is sent to our client telling them to
go to a certain Web page. The order is also placed into an SQL database
with encrypted credit card information.
Once our client visits the page, they must authenticate via their regular
password to see the order, or also type in their pass phrase to un-PGP
the credit card number. This is, of course, running on a secure server.
Even though I try to stay abreast of security issues, I know that anyone
who really wants to get into a server can. I refuse to store unencrypted
passwords or credit card information anywhere in the ordering process --
it's just not responsible.
Chris
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
