Danuel

Psycho, thank you for spending time providing me with a detailed and informative answer. The reasoning behind me setting the POST value the same as a SESSION was due to me not being able to POST the total of the order from the first payment process page, right through to the final confirmation page. However, with the information provided - I will work on a system to pull the Order Total from the Database after I have inserted the relevant data to the database.

Hello all, This is my first post on the forum so I apologise if this is in the wrong section, it seemed to be the most "on-topic"... I am in the process of coding a discount code system for my website and the payment process is relatively long... It consists of 6 pages in total, 3 of which the user will actually visit (the others run) without you knowing. However, on the Shopping Cart I set my first session. $_SESSION['grand_total'] = $grand_total and then on the next page set a POST. $_POST['grand_total'] = $_SESSION['grand_total']; I have done this a couple times in order to get through the 6 pages to eventually pass the $_POST value to SagePay. Is this poor practice? Is this safe? Thank you.