Preventing users hopping around checkout pages

0 votes
asked by user (120 points)

I'm creating a checkout process with 4 pages; however, I'm worried that a user may try to go back to previous pages of the checkout to modify and resubmit information in an attempt to manipulate it.

I heard about nonces but I can't really wrap my head around them. How would I link a nonce with a checkout? And how would this prevent a person from hopping to a random page of the checkout process using the URL (not using the "go back" arrow in the browser)? Wouldn't the server-side code create a new nonce for that page when it is called, and thus the person would still be able to modify information?

What I'm looking for is for a person to 1. not be able to randomly hop to any page of the checkout process (ex: at the home page, then hop to the last page of the checkout), and 2. not be able to go back to a previous page of the checkout process.

I'm looking for a very linear process in which a user must start at a certain point (ex: a certain checkout button) or they will not have access to any of the checkout pages. They also must follow each checkout step in the right order. Any ideas of how this could be done?

commented by user (340 points)
Your users should be able to go back to a previous step and then resume the checkout process. I think you might have a "business requirements" problem there.
commented by user (120 points)
My current method of verifying all the information is this: at the last step of the checkout I recalculate all costs based on the inputted information, and if something does not add up it results in an error and all the information regarding the current checkout is deleted from the database so it can be started fresh. Is this a good way of doing it?
commented by user (140 points)
A nonce prevents multiple submissions. So even if they do go back, it's useless. The idea is that you generate a number and store it in the session or your DB. You include it as a hidden field on the form. If the number matches on submit, you accept the form and clear out the session or DB value. If the user hits back, the form and that nonce value will still be in the form. But since the nonce value is not in your session or DB anymore, you know that the form was resubmitted and is therefore invalid. There are ways to do this with dates too, so you can hash a date and know how old the form is, etc.
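A minimal implementation of the two controls discussed in this thread, as an added example rather than code from any poster: a server-side step pointer refuses any page other than the current one (stopping URL hopping), and a one-time nonce per rendered form refuses a stale page resubmitted after pressing Back. The step names and the in-memory session object are assumptions standing in for a real session store.

```python
# Added example (not from the thread). Two independent controls for a linear
# checkout: a server-side step pointer (blocks jumping to arbitrary pages by
# URL) and a one-time nonce per rendered form (blocks Back + resubmit).
# CheckoutSession stands in for the user's server-side session; step names
# are assumed.
import secrets

STEPS = ["cart", "shipping", "payment", "confirm"]


class CheckoutSession:
    def __init__(self):
        self.step_index = 0   # the only step the user may view or submit right now
        self.nonce = None     # token embedded in the current form; None once consumed
        self.data = {}        # accepted fields, keyed by step

    def current_step(self):
        return STEPS[self.step_index] if self.step_index < len(STEPS) else None

    def render_step(self, step):
        """GET handler: serve a step page and return the nonce for its hidden field."""
        if step != self.current_step():
            # Earlier, later, or post-completion pages are all refused.
            raise PermissionError(f"{step!r} not reachable, current step is {self.current_step()!r}")
        # A fresh nonce on every render is fine: the step pointer, not the nonce,
        # is what prevents hopping. Re-rendering simply invalidates the older form.
        self.nonce = secrets.token_urlsafe(32)
        return self.nonce

    def submit_step(self, step, nonce, fields):
        """POST handler: accept the form once, then advance. Returns the next step or None."""
        if step != self.current_step():
            raise PermissionError(f"out-of-order submission for {step!r}")
        if self.nonce is None or not secrets.compare_digest(nonce, self.nonce):
            # Nonce already consumed (Back + resubmit) or never issued (forged).
            raise PermissionError("stale or invalid nonce")
        self.nonce = None              # consume: the same form is never accepted twice
        self.data[step] = dict(fields)
        self.step_index += 1
        return self.current_step()

    def restart(self):
        """Discard everything, as the asker does when the final recalculation fails."""
        self.__init__()
```

The final step is still where totals get recalculated from the stored `data`; the gate only guarantees that each step was accepted exactly once and in order.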
