Credit card payments
Can someone please give me some advice? I need to set up an online registration system that will not add details to the database until payment is confirmed.
Is this difficult to do? What is the best way to do it?
There are no stupid questions, only stupid people!
slickfish
web site design, production and maintenance for small business
www.justapickle.com
Blogging for the socially conscious
Greg K posted this at 15:21 — 13th December 2004.
He has: 2,145 posts
Joined: Nov 2003
Should be easy, just wiat till you get result back from whoever does your processing before you do an insert.
1. User fills out form
2. Your script gets the info, does all the data validating
3. Your script calls a program [that takes the payment info and contacts authorize.net] and gets a responce back
4. If the responce indicates the payment went through, call the sql with the INSERT to place the data in the database.
-- or --
If the responce indicates it didn't go through, take them back to the form to reenter data with notice that the current info didn't work.
-Greg
syawilim posted this at 04:36 — 14th December 2004.
He has: 93 posts
Joined: Jun 2004
Thanks heaps!
Didn't think it would be all that hard just haven't done anything with online transactions before.
Greg K posted this at 06:05 — 14th December 2004.
He has: 2,145 posts
Joined: Nov 2003
I'm in the middle of setting this up myself. We are setting up a signup for a service that will automatically rebill each month until cancelled. Not that hard, just making sure all bases are covered.
Tonight I'm focussing on the best method of encrypting the card info to store into the database.
-Greg
dbanners posted this at 22:45 — 13th February 2005.
He has: 13 posts
Joined: Jan 2005
most payment gateways - e.g. 2checkout.com can be configured to call a page on your website when the processing is complete. the payment gateway will pass in all the required information regarding the sale and your page can then be used to send an email to yourself and save the information into a database.
The Ultimate BMW Blog | Colic Facts | Pregnancy Site | Bird Flu Information
EGS posted this at 19:46 — 16th February 2005.
They have: 161 posts
Joined: Jan 2005
PayPal - It's fast, free, and secure! Upgrade your account to a Premiere or Business Account.
Good luck.
Greg K posted this at 23:34 — 17th February 2005.
He has: 2,145 posts
Joined: Nov 2003
Well, we finally got our payment system online. We use Authorize.Net to process our payments, and got a script from http://www.authnetscripts.com which takes data from our web page and passes it on to authorize.net, gets their responce back, and gives us the info we need to either save the transaction, or tell them it failed.
Using this method lets us completely customize our signup system, as it all stays on our site. We are also able to use this to process recurring monthly fees by having a cron run a script each night that automatically rebills the card on file if it is time to do so.
-Greg
Greg K posted this at 21:56 — 23rd February 2005.
He has: 2,145 posts
Joined: Nov 2003
Update. Well we got the script, and it's sample form works, however BEWARE, their script cannot be used inside of a function. I narrowed the problem we were having down to this (took their working "sample" script and put that code in a function, now it don't work either). Upon contacting them (never did fget responce back via e-mail, caught them on their "Online help system after two days of trying), I sent them the question "how do use include ('./scriptname.php'); inside of a function?" I received the following simple message "That type of support is not available on this product".
So now, i'm going off of the info at authorize.net to write my own system. (see
Advanced Integration Method (AIM) Implementation Guide at http://authorize.net/support/guides.php for details on how to do this).
-Greg
Greg K posted this at 00:23 — 2nd March 2005.
He has: 2,145 posts
Joined: Nov 2003
Update: Well the credit card script I wrote seems to be working fine. I wrote a module that has an array listed out so you set the elements to values from your script (all the order info), it then calls Authorize.net, gets a result back and places it into another array , with the elements properly named.
If anyone needs help writing their own, or would like a copy of mine, let me know. I may just post it here. It will come with disclaimers from me saying I'm not responsible though LOL.
-Greg
Serra posted this at 19:27 — 12th March 2005.
They have: 1 posts
Joined: Mar 2005
I tried Authnetscript.com's Authorize.net AIM PHP script and it is fairly nice, but I am totally afraid to use it. The script requires that you put your Authorize.net username and password in the script. Normally, you would use a transaction ID, which allows the script to communicate with Authorize.net, but not to log into the account and get access to your records and the virtual terminal. However, Authnet's script doesn't use the terminal ID. It uses the password. That means that everyone at your hosting company, any hacker that gets access to your PHP files or anyone who has access to your source code (on your PC or a backup disk) can access your Authorize.net account and get EVERYTHING about you and your customers.
That just doesn't work for me. Seems like it is a $45.00 security risk waiting to happen.
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.