Hello all,
This is my first post on the forum so I apologise if this is in the wrong section, it seemed to be the most "on-topic"...
I am in the process of coding a discount code system for my website and the payment process is relatively long... It consists of 6 pages in total, 3 of which the user will actually visit (the others run) without you knowing.
However, on the Shopping Cart I set my first session. $_SESSION['grand_total'] = $grand_total and then on the next page set a POST.
$_POST['grand_total'] = $_SESSION['grand_total'];
I have done this a couple times in order to get through the 6 pages to eventually pass the $_POST value to SagePay.
Is this poor practice?
Is this safe?
Thank you.