[thelist] Specific Ecommerce Requirements

Hershel Robinson hershel at galleryrobinson.com
Wed Jun 28 07:27:53 CDT 2006

> And they shouldn't.  You don't keep people's CC
> numbers any longer than is absolutely necessary
> (unless you want to comply with the processors'
> data security reqs [tip: you don't] and/or get
> ejected by your card company).
> At the very least make damned sure you both
> deliver the checkout form, *and* receive it, over
> SSL.

Many eshops indeed store CC details. x-cart has such a feature--it 
stores the CC details in full in the DB. Zencart also has a feature to 
store 8 digits in the DB and send 8 digits via email. Amazon.com also 
stores my credit card, in full. Multiple cards in fact.  :)

> There's code in some of the Drupal payment modules
> (you'll want to copy one and edit it for your
> own rather weird requirement) to switch protocols
> at the right moment.  My own Linkpoint_API one
> does it but isn't converted to 4.7 yet;
> Authorize_net does it too and may be worth a look.

Great. Thanks. :)


Gallery Robinson Web Services

More information about the thelist mailing list