security question

gl330kgl330k Member
in General edited February 2008

I'm testing out a new store so i haven't been totally through checkout process. But I'm wondering what safety measure is in place so that someone doesn't make their own html page with a form that submits a category tied to a discount? Thus someone could figure out discounts and apply to any product they wanted from a particular store. Right?

  • brettbrett FoxyCart Team
    Yes. The issue of price spoofing is definitely real. In taking this approach with a few of my own clients over the past 3 years, and in the experience of the currently live FoxyCart stores, it's not something that happens that often. (I've actually never seen a case of it.)

    That said, we do have plans to address this. We're working on a few other things (more gateways, more flexible shipping and tax) first, but it's definitely on our roadmap.
  • lukeluke FoxyCart Team
    edited February 2008
    If it becomes a real concern for you, we recommend using FoxyCart's XML datafeed to verify the integrity of your orders before you fulfill them. You can just parse the XML, do some database lookups in whatever inventory system you use and mark the order as ready for fulfillment or fire off an email to let you know something funky happened.
Sign In or Register to comment.