Ups, I did not want to imply to store the cc information or such in a cookie. I thought about storing it in the database so it could be pulled out from there. The cookie I meant is just the normal OpenACS user-is-permanently-logged-in cookie. To make sure that not someone else can accidently use your credit card to make a donation, you can always ask for the security number on the back of your credit card for verification before executing the transaction.
