On Tue, 19 Jun 2001, Tobias Talltorp wrote:
> I have a few questions regarding credit cards and the Payflo Pro function in
> PHP.
> Currently I only need to check that the creditcard is valid, no actual
> payment is needed right now.
>
> 1)
> How do I perform this check against Payflo Pro?
>
This should be covered in the PDF document which should come with your
developer's kit. But the quick answer is you run an authorization instead of a
sale, for a small amount (<=$1.00).
> 2)
> How and where should I save the credit card numbers? In a file outside the
> webroot that I can crypt, in a database that I can crypt (can MySQL do
> this)?
>
That's an implementation issue that depends on a lot of things. Two-way
encryption is nice, but it's more important to prevent the data, even
encrypted, from ever getting stolen. If you can afford it, I'd look into
storing them on a private database server which runs a minimal set of services
and is only accessible from specific machines. How you do the encryption is up
to you..mysql has some built in crypto functionality, but my guess is the
mcrypt extension in PHP will offer you far more flexibility.
> Thanks in advance,
> // Tobias Talltorp
>
>
>
--
John Donagher
Application Engineer
Intacct Corp. - Powerful Accounting on the Web
408-395-0989
720 University Ave.
Los Gatos CA 95032
www.intacct.com
Public key available off http://www.keyserver.net
Key fingerprint = 4024 DF50 56EE 19A3 258A D628 22DE AD56 EEBE 8DDD
