> (Though, it's always seemed to me that it might be a decent > design to have *one* vhost dedicated to accepting payments
> > for the other vhosts... so when the user is ready to close > the deal they get kicked to "payment.super_secure.com" where > they're asked for the credit card info to finish > processing). i have seen it done this way before. just got to make sure you can identify the client since you will not get back a cookie for your vhost. you will probably have to reset the cookie for the domain of your isp, or pass as hidden data, or in the url. http://www.mydomain.com/buystuffnow.html https://www.isp.com/~mydomain.com/paymenow.html?sessionID=xyz987123456 -- ___cliff [EMAIL PROTECTED]http://www.genwax.com/