Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

XE Real Time Currency conversion - Safe?


Recommended Posts

Right now I am using a link to XE.com's Personal Currency assistant to have real-time currency conversion on my oscommerce site. I've put the link in the shopping cart box on the main pages.


The XE system seems to use a CGI to pop-up the convertor and automatically refresh the shop page behind the popup - ie. popup is controlled by cgi not any javascript in the oscommerce page.


My question is: is it safe to have this link? I am passing $cart->show_total() to the convertor in the link so that it does the conversion automatically. Are there any session/security related dangers to doing this?



Link to comment
Share on other sites

Since it's a one-way communication (ie: you're not running an applet from XE.com within OSC) it should be fine. XE shouldn't be able to get database or variable access that you haven't given it.


On a different note, how are you doing this? Would you be willing to post the code? I was going to code something similar but haven't gotten around to it yet.





Link to comment
Share on other sites

Thanks for the reply.


I can't really take any credit for coding this - it's all available on XE.com's website. The code I am using in the shopping cart box simply adds another line to the infobox:


  $info_box_contents[] = array('align' => 'center',

                                'text' => '<a href="http://www.xe.com/pca/launch.cgi?Amount='.$cart->show_total().'&From=GBP">Convert total</a>'



The total of the cart is automatically passed to XE when the user clicks the Convert Total link. I have also hard coded the shop currency to GBP, since that's what we use, but then the user can convert that amount into whatever they want.


Hope this helps

Link to comment
Share on other sites

  • 2 years later...


This topic is now archived and is closed to further replies.

  • Create New...