Quote:
Originally posted by jact
The API that they're talking about would be the cgi/php program that you're looking for. It's just the terminology that people who don't know shit about the web use because that's what the proper name is. Not that I'm defending them, their tech support people should know how the hell to get you setup. 
|
This is what they sent me:
"Hi p00p,
We don't employ a CGI script that would reside on your server due to security issues with this method of password managment. We do however offer a form post method for transaction notification and an API used for passing hidden variables and passing non sensitive variables to a success or failure URL.
WHAT THE FUCK? My success URL is my members area. But they cannot explain how the un/pw gets added to my .htpasswd file. It is in a directory that cannot be FTP'd into, but can be read and written to by cgi scripts.
Never, not once...even with the ccbill and ibill exploit have I had a problem with cgi scripts....
