Robert Cummings wrote: > On Wed, 2007-03-07 at 10:39 -0500, Dan Shirah wrote: >> then return to the same screen with the credit card >> information still populated > > You should treat credit card information like a hot potato... get rid of > it as soon as possible. What happens if Johnny Forgetful forgets to log > out of his session on a public computer? Then Jenny Fastfingers jumps on > and notices the open session? Voila, Jenny Fastfingers just got Johnny > Forgetful's credit information. and don't forget the all the Bob Shitesters that'll sue you for every penny you'll ever have at the slightest opportunity regardless of what you try/do/intend, best not accept CC numbers or any of that jazz at all. > > Cheers, > Rob. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php