perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Michel Hiver <jhi...@mkdoc.com>
Subject Re: HTTP headers - what is wrong
Date Fri, 30 Jul 2004 09:56:31 GMT
Chris Faust wrote:

>What would you suggest for a situation where a user is entering in their
>credit card information, using their back button and submitting again and
>then complaining about a double charge?
>
I would suggest that you need to create some kind of transaction ticket. 
For example, (timestamp + 50 bytes random string so that it's hard to 
guess). When the user does the transaction, the transaction ticket 
changes from state 'pending' to state 'accepted' or something.

Then when the user clicks 'submit' again you know that you must not 
process the credit card again since the state has become 'accepted'. 
This way you don't need to break standard browser functionality...

Does this make sense?

Cheers,
Jean-Michel.


-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html


Mime
View raw message