Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 22
  1. #1
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Question Processing webshop orders

    Currently I am busy with building my webshop. The proces for ordering a product is split up in 5 stages:
    1) shopping cart
    2) customer information
    3) payment
    4) delivery
    5) confirmation

    Now, I have troubles with not knowing when to proces what. Do I have to put the customer information at stage 2 in a session or to add it directly in the MySQL database? If putting it in a session, do I have to wait till stage 5 for adding it in the database? I am not sure what is the best.
    An important note: the customer may choose for single order (and will never return to the shop) where he/she is not having an account or for regular consumer with an account. How to deal with this?

    I hope you can help me with this.

  • #2
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,511
    Thanks
    8
    Thanked 1,090 Times in 1,081 Posts
    Does your client have a Credit Card Merchant to process credit cards?
    If so, who is that merchant?

    Does you client use a secure webhost (SSL account)? or will you be using
    some remote processing, like PayPal? You can't accept customer credit card
    account numbers, and information without a secure server.

  • #3
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mlseim View Post
    Does your client have a Credit Card Merchant to process credit cards?
    If so, who is that merchant?

    Does you client use a secure webhost (SSL account)? or will you be using
    some remote processing, like PayPal? You can't accept customer credit card
    account numbers, and information without a secure server.
    No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
    And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.

    But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?

  • #4
    Senior Coder Len Whistler's Avatar
    Join Date
    Jul 2002
    Location
    Vancouver, BC Canada
    Posts
    1,323
    Thanks
    26
    Thanked 100 Times in 100 Posts
    Quote Originally Posted by lau87 View Post
    No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
    And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.

    But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?
    If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info.



    ---------------
    Leonard Whistler

  • #5
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,511
    Thanks
    8
    Thanked 1,090 Times in 1,081 Posts
    Unless iDEAL, like PayPal, uses an API key and IPN to exchange data and feedback without
    actually going into the "iDEAL" website. Then, you would be collecting your customer
    information on your own secure website and only using "iDEAL" for processing credit card.

    PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
    before you actually make it a real website. If iDEAL has the same type of thing, you should
    get into that and see what example PHP scripting they have to process credit cards.

    You will be looking for the AIM (Advanced Integration Method) where you process the
    customer's credit card information yourself, on a secure server ... as opposed to
    SIM (Simple Integration Method), where the customer leaves your site to enter their
    credit card information.

    It all comes down to the scripting support and PHP script examples that iDEAL has.
    Since I've never used them, I don't know how easy it will be.

    The answer to your question ... collect everything from the customer, including all
    credit card information and put into your database, then use the API, IPN, whatever,
    to process the payment with iDEAL. Once the transaction is done, iDEAL will send
    back a confirmation (or failure code). You will have to deal with the outcome of it.

  • #6
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Len Whistler View Post
    If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info. ---------------
    Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.

    But my question regarding the customer information is about the delivery address of the customer, not about the credit card information. The purpose of iDEAL is to let customer pay the payment without giving a lot of information to the webshop.

    Quote Originally Posted by mlseim View Post
    PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
    before you actually make it a real website.
    Indeed, iDEAL has the same testing environment for developers like PayPal. I already integrated the iDEAL API in my website.

    Quote Originally Posted by mlseim View Post
    The answer to your question ... collect everything from the customer, including all
    credit card information and put into your database, then use the API, IPN, whatever,
    to process the payment with iDEAL. Once the transaction is done, iDEAL will send
    back a confirmation (or failure code). You will have to deal with the outcome of it.
    So, you are saying, put information about customer (with delivery address, e-mailaddress, contact information etc) in the database at stage 2. Then processing the payment with iDEAL at stage 3 and then adding the order(s) from the customer in the database after payment?

  • #7
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,511
    Thanks
    8
    Thanked 1,090 Times in 1,081 Posts
    Yes, get all of the customer's address, etc. before you process the payment.
    That way, if something goes bad, at least you can contact the customer, as you will
    have their address, phone number, etc.

  • #8
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mlseim View Post
    Yes, get all of the customer's address, etc. before you process the payment.
    That way, if something goes bad, at least you can contact the customer, as you will
    have their address, phone number, etc.
    So, putting it in de database is better than to store it in a temporary session?
    I was thinking differently. What if a customer is not finishing his/her order. In other words, customer is ordering a product (stage 1), filling his address, phone number, e-mailaddress and password (for an account) (stage 2), going to payment (stage 3) and closing the webpage. In that case I already stored the customer information in the database without a completed order of even worse, the order is not adding in the database yet, because the payment is not finished. Then I will have data in my database without orders.
    This is what I am thinking of. Is it bad to have customer information without orders? But on the other hand, the customer has made his account already for the next order.

  • #9
    New Coder
    Join Date
    Dec 2009
    Posts
    39
    Thanks
    4
    Thanked 0 Times in 0 Posts
    lots of theory here ..

    I will go with osCommerce if I have somthing like that what other says ?

  • #10
    Senior Coder
    Join Date
    Apr 2007
    Location
    Quakertown PA USA
    Posts
    1,028
    Thanks
    1
    Thanked 125 Times in 123 Posts
    Quote Originally Posted by mlseim View Post
    collect everything from the customer, including all
    credit card information and put into your database
    I have to disagree with this. You should NOT be storing the CC info in your database.

    This is a huge security risk to your customers, and an even bigger risk to you once your database gets hacked.

    At the very least, this may well be in violation of the Terms of Service with your payment processor. The payment processor is setup to SECURELY store CC info - let them do their job.
    John

  • #11
    Senior Coder Len Whistler's Avatar
    Join Date
    Jul 2002
    Location
    Vancouver, BC Canada
    Posts
    1,323
    Thanks
    26
    Thanked 100 Times in 100 Posts
    Quote Originally Posted by lau87 View Post
    Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.
    Do you not receive a mailing address? My point is if they are paying with iDeal or PayPal why require them to fill out any personal information at all?

    When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.


    -----------------------
    Leonard Whistler

  • #12
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by PappaJohn View Post
    I have to disagree with this. You should NOT be storing the CC info in your database.
    Don't worry about that, the CC info will not be stored, because iDEAL is not providing CC information.

    Quote definition of iDEAL:
    iDEAL allows you to make online purchases in a familiar, secure and simple way. iDEAL is the system that links you directly to your online banking application when you buy online. To start using iDEAL, you don’t need to register, download any files or open an account. If you already have online banking with ABN AMRO, ASN Bank, Fortis, Friesland Bank, ING, Rabobank, SNS Bank or SNS Regio Bank, you can make payments using iDEAL right away. The transaction is completed swiftly and simply in the familiar online banking environment of your own bank – paying in a way you are already familiar with.
    Quote Originally Posted by Len Whistler View Post
    When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.
    In that case that is the only difference between PayPal and iDEAL. iDEAL is not that extended like PayPal. When customers pay through iDEAL, the webshop will not receive their e-mail address or shipping address or anything else, only the bankaccountnumber and the bank account name from the customer. In short, iDEAL is only for the transaction between customer bank account and seller bank account without providing information from both sides.
    Last edited by lau87; 02-16-2010 at 12:47 AM.

  • #13
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,511
    Thanks
    8
    Thanked 1,090 Times in 1,081 Posts
    As post #3 states ... they ARE using a secure server (SSL/ HTTPS).

    The CC information is the last thing to get ...
    And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
    be providing them with the CC information plus the amount (that's it).
    Your database will have the invoice (items, qty, shipping, etc), plus all of
    the customer's data .. name, address, shipping address, etc.

    I agree with post #9 that you should be using a "true and tried" script that
    comes with a gateway for iDEAL. Not sure if OSCommerce has it, but you
    can easy check it out. You will still be using your own secure server and your
    own database, as even with OSCommerce or Magento, the method will be AIM.

  • #14
    New Coder
    Join Date
    Jul 2009
    Posts
    20
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by mlseim View Post
    The CC information is the last thing to get ...
    And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
    be providing them with the CC information plus the amount (that's it).
    Your database will have the invoice (items, qty, shipping, etc), plus all of
    the customer's data .. name, address, shipping address, etc.
    Well, the seller don't need the CC information, because after payment the seller can check the payment by the Custom Purchase ID in combination with the unique entrance code provided by iDEAL itself. The payment is not my concern in this phase of programming. That is already done and tested in a developing environment.

    But still my question is, when to add the customer's data (by data I mean name, address, shipping, phone fax number and NOT the CC information) in the database, at stage 2 or at the very last stage when payment is finished? In other words, is it better to add those information after submitting the form or store the information in a temporary session and add it to the database after the whole odering is finished, to avoid non-completed payments.
    See post #8 for my detailed question
    Last edited by lau87; 02-16-2010 at 01:09 AM.

  • #15
    Master Coder
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    9,511
    Thanks
    8
    Thanked 1,090 Times in 1,081 Posts
    I would still add a new record and save it at stage 2.
    There would need be a table variable for "status". Make that status "pending".

    If they close their browser, you'll lose the session, but you won't lose the stored data in your MySQL table.

    After the confirmation code comes back from iDEAL, update that status to either "paid" or the "fail" code that gets returned.
    If it's failed, you'll have the code that explains what the problem was.

    After you ship it, change the status to "shipped".


  •  
    Page 1 of 2 12 LastLast

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •