|
|
|
|
SalesCart Product pages have 2 different levels of security to ensure price changes are not made my maliciously or illegally. The levels are contingent on the size of your merchant application. The chances or price manipulation are extremelly limited. Why? Because a person manipulating prices, would have to give you information to take possession of any items including a credit card# and address information. And, this information can be used to track down and prosecute the person because it is theft and larceny. Therefore, no criminal would ever expose themselves to this manipulation. In addition, most merchants know the prices of their products especially in smaller applications. However, SalesCart has intituted several techniques to verify prices of items purchased.
By default the prices of all static product pages are checked to see if the price has been manipulated in some fashion off-line using the checkpost.php file. This checkpost file may be configured differently depending on your security concerns. The job of the checkpost file is to look at the posting price and compare it directly to the price saved for this productpage on the real productpage saved on disk. This requires that prices relative to particular sku# be unique on each particular product page and that a product page be configured correctly. If the prices are differently, then this page, by default, sends an email to the merchant notifying them that the price has been manipulated and the order the manipulation took place on without stopping the order. This allows you to catch and prosecute the culprit under existing theft laws. However, you may also choose to increase the security and prevent the order from going through and giving the user an error page. Simply edit the checkpost.php file as follows:
Before:
//Set variable to 1 to email error message to merchant or 0 to display error message on error page
$emailErr = 1;
After:
//Set variable to 1 to email error message to merchant or 0 to display error message on error page
$emailErr = 0;
As the number of total web pages goes up so does the need to move to a dynamic catalog implementation of SalesCart. In the dynamic catalog implementation, the checkpost.php intrinsically checks and confirms unequivocally if the price of the product has been changed because it can compare it directly to the product database. The comparison is straight forward and foolproof. Please refer to the product management documentation for more information.