Form postingThis is a discussion on Form posting within the Inetserver forums in Microsoft Tools category; Jezza wrote on Fri, 09 May 2008 10:20:45 +0100: > Captain Paralytic wrote: >> On 28 Apr, 23:35, Jezza <jezza @ s_p_a_m.jonoo.demon.co.uk> wrote: >>> roger wrote: >>>> "Jezza" <jezza @ s_p_a_m.jonoo.demon.co.uk> wrote in message >>>> news:fv4olt$h2o$1$8300dec7 @ news.demon.co.uk... >>>>> Hi >>>>> I am new to ASP and would like to know whether this is the right >>>>> forum to post to. If not please advise what would the best group >>>>> to post to. >>>>> My problem is a mailing asp file when it loads up in the browser >>>>> the page is blank. There are no error messages. >>>>> ... | ||||||||
| | ||||||||
| ||||||||
| Register | FAQ | Calendar | Search | Today's Posts | Mark Forums Read |
|
#11
05-09-2008, 09:42 AM
| |||
| |||
 Re: Form posting Jezza wrote on Fri, 09 May 2008 10:20:45 +0100: > Captain Paralytic wrote: >> On 28 Apr, 23:35, Jezza <jezza@s_p_a_m.jonoo.demon.co.uk> wrote: >>> roger wrote: >>>> "Jezza" <jezza@s_p_a_m.jonoo.demon.co.uk> wrote in message >>>> news:fv4olt$h2o$1$8300dec7@news.demon.co.uk... >>>>> Hi >>>>> I am new to ASP and would like to know whether this is the right >>>>> forum to post to. If not please advise what would the best group >>>>> to post to. >>>>> My problem is a mailing asp file when it loads up in the browser >>>>> the page is blank. There are no error messages. >>>>> 1) I fill in a form with my details - OK >>>>> 2) This then passes me on to another form to fill in my payment >>>>> details on a secure server. - OK >>>>> 3) This is then supposed to pass the payment details on to an ASP >>>>> script but when this ASP script is loaded, the page is blank where >>>>> I'd be expecting a thank-you message or an error message saying >>>>> I'd not completed the form correctly...any help gratefully >>>>> received. >>>>> Regards >>>>> Jeremy script: >>>>> <% >>>>> On Error resume Next >>>> If you comment or delete the above line, perhaps you will see what >>>> the problem is. >>>> You are sending credit card details in an email? >>> Yes, but this is going through a secure server..... >> But none of the places the email will travel through will be! > Surely if the details are "emailed" via a secure server to Paypal via > their payments system (and nowhere else) then this data is safe? Or am > I just kidding myself? > Thanks for your reply! > Regards > Jeremy Why are you emailing to Paypal? Why aren't you using their API? For that matter, why are you even taking card details if you're accepting Paypal payments, why not just let Paypal do all the work? By creating an email you are opening up the details to a potential risk. By taking card details you need to be following the PCI DSS which requires you to ensure card details are secured, and by creating plain text emails you are breaking that requirement. It doesn't matter if you think it's secure because it's going from one server to another, any system along the route between the sending and receiving SMTP servers (and more if it gets routed to a backup mail server elsewhere) has the potential to get at that data. -- Dan  |
|
#12
05-20-2008, 06:03 PM
| |||
| |||
| Re: Form posting Daniel Crichton wrote: > Jezza wrote on Fri, 09 May 2008 10:20:45 +0100: > >> Captain Paralytic wrote: > >> On 28 Apr, 23:35, Jezza <jezza@s_p_a_m.jonoo.demon.co.uk> wrote: > >>> roger wrote: > >>>> "Jezza" <jezza@s_p_a_m.jonoo.demon.co.uk> wrote in message > >>>> news:fv4olt$h2o$1$8300dec7@news.demon.co.uk... > >>>>> Hi > >>>>> I am new to ASP and would like to know whether this is the right > >>>>> forum to post to. If not please advise what would the best group > >>>>> to post to. > >>>>> My problem is a mailing asp file when it loads up in the browser > >>>>> the page is blank. There are no error messages. > >>>>> 1) I fill in a form with my details - OK > >>>>> 2) This then passes me on to another form to fill in my payment > >>>>> details on a secure server. - OK > >>>>> 3) This is then supposed to pass the payment details on to an ASP > >>>>> script but when this ASP script is loaded, the page is blank where > >>>>> I'd be expecting a thank-you message or an error message saying > >>>>> I'd not completed the form correctly...any help gratefully > >>>>> received. > >>>>> Regards > >>>>> Jeremy script: > >>>>> <% > >>>>> On Error resume Next > >>>> If you comment or delete the above line, perhaps you will see what > >>>> the problem is. > >>>> You are sending credit card details in an email? > >>> Yes, but this is going through a secure server..... > > >> But none of the places the email will travel through will be! > >> Surely if the details are "emailed" via a secure server to Paypal via >> their payments system (and nowhere else) then this data is safe? Or am >> I just kidding myself? > >> Thanks for your reply! > >> Regards >> Jeremy > > Why are you emailing to Paypal? Why aren't you using their API? For that > matter, why are you even taking card details if you're accepting Paypal > payments, why not just let Paypal do all the work? > > By creating an email you are opening up the details to a potential risk. By > taking card details you need to be following the PCI DSS which requires you > to ensure card details are secured, and by creating plain text emails you > are breaking that requirement. It doesn't matter if you think it's secure > because it's going from one server to another, any system along the route > between the sending and receiving SMTP servers (and more if it gets routed > to a backup mail server elsewhere) has the potential to get at that data. > Hi....thanks for your input..appreciated!!!!!... this is a site that I'd taken over from another company and was hoping to fix the current submit form. I have taken on board what you have said & will be using the Paypal API instead as it is safer and less hassle to get working correctly.....thanks a lot Rgds Jeremy |
 |
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
All times are GMT -5. The time now is 03:37 PM.
