...

View Full Version : Processing webshop orders



lau87
02-14-2010, 04:46 PM
Currently I am busy with building my webshop. The proces for ordering a product is split up in 5 stages:
1) shopping cart
2) customer information
3) payment
4) delivery
5) confirmation

Now, I have troubles with not knowing when to proces what. Do I have to put the customer information at stage 2 in a session or to add it directly in the MySQL database? If putting it in a session, do I have to wait till stage 5 for adding it in the database? I am not sure what is the best.
An important note: the customer may choose for single order (and will never return to the shop) where he/she is not having an account or for regular consumer with an account. How to deal with this?

I hope you can help me with this.

mlseim
02-14-2010, 10:52 PM
Does your client have a Credit Card Merchant to process credit cards?
If so, who is that merchant?

Does you client use a secure webhost (SSL account)? or will you be using
some remote processing, like PayPal? You can't accept customer credit card
account numbers, and information without a secure server.

lau87
02-15-2010, 01:19 AM
Does your client have a Credit Card Merchant to process credit cards?
If so, who is that merchant?

Does you client use a secure webhost (SSL account)? or will you be using
some remote processing, like PayPal? You can't accept customer credit card
account numbers, and information without a secure server.

No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.

But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?

Len Whistler
02-15-2010, 01:45 AM
No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.

But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?

If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info.



---------------

mlseim
02-15-2010, 01:44 PM
Unless iDEAL, like PayPal, uses an API key and IPN to exchange data and feedback without
actually going into the "iDEAL" website. Then, you would be collecting your customer
information on your own secure website and only using "iDEAL" for processing credit card.

PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
before you actually make it a real website. If iDEAL has the same type of thing, you should
get into that and see what example PHP scripting they have to process credit cards.

You will be looking for the AIM (Advanced Integration Method) where you process the
customer's credit card information yourself, on a secure server ... as opposed to
SIM (Simple Integration Method), where the customer leaves your site to enter their
credit card information.

It all comes down to the scripting support and PHP script examples that iDEAL has.
Since I've never used them, I don't know how easy it will be.

The answer to your question ... collect everything from the customer, including all
credit card information and put into your database, then use the API, IPN, whatever,
to process the payment with iDEAL. Once the transaction is done, iDEAL will send
back a confirmation (or failure code). You will have to deal with the outcome of it.

lau87
02-15-2010, 05:16 PM
If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info. ---------------

Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.

But my question regarding the customer information is about the delivery address of the customer, not about the credit card information. The purpose of iDEAL is to let customer pay the payment without giving a lot of information to the webshop.


PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
before you actually make it a real website.
Indeed, iDEAL has the same testing environment for developers like PayPal. I already integrated the iDEAL API in my website.


The answer to your question ... collect everything from the customer, including all
credit card information and put into your database, then use the API, IPN, whatever,
to process the payment with iDEAL. Once the transaction is done, iDEAL will send
back a confirmation (or failure code). You will have to deal with the outcome of it.
So, you are saying, put information about customer (with delivery address, e-mailaddress, contact information etc) in the database at stage 2. Then processing the payment with iDEAL at stage 3 and then adding the order(s) from the customer in the database after payment?

mlseim
02-15-2010, 06:07 PM
Yes, get all of the customer's address, etc. before you process the payment.
That way, if something goes bad, at least you can contact the customer, as you will
have their address, phone number, etc.

lau87
02-15-2010, 09:50 PM
Yes, get all of the customer's address, etc. before you process the payment.
That way, if something goes bad, at least you can contact the customer, as you will
have their address, phone number, etc.

So, putting it in de database is better than to store it in a temporary session?
I was thinking differently. What if a customer is not finishing his/her order. In other words, customer is ordering a product (stage 1), filling his address, phone number, e-mailaddress and password (for an account) (stage 2), going to payment (stage 3) and closing the webpage. In that case I already stored the customer information in the database without a completed order of even worse, the order is not adding in the database yet, because the payment is not finished. Then I will have data in my database without orders.
This is what I am thinking of. Is it bad to have customer information without orders? But on the other hand, the customer has made his account already for the next order.

2009old
02-15-2010, 11:00 PM
lots of theory here ..

I will go with osCommerce :) if I have somthing like that what other says ?

PappaJohn
02-15-2010, 11:01 PM
collect everything from the customer, including all
credit card information and put into your database
I have to disagree with this. You should NOT be storing the CC info in your database.

This is a huge security risk to your customers, and an even bigger risk to you once your database gets hacked.

At the very least, this may well be in violation of the Terms of Service with your payment processor. The payment processor is setup to SECURELY store CC info - let them do their job.

Len Whistler
02-16-2010, 12:00 AM
Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.

Do you not receive a mailing address? My point is if they are paying with iDeal or PayPal why require them to fill out any personal information at all?

When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.


-----------------------

lau87
02-16-2010, 12:44 AM
I have to disagree with this. You should NOT be storing the CC info in your database.
Don't worry about that, the CC info will not be stored, because iDEAL is not providing CC information.

Quote definition of iDEAL (http://www.ideal.nl/consument/?s=wat&lang=eng-GB):

iDEAL allows you to make online purchases in a familiar, secure and simple way. iDEAL is the system that links you directly to your online banking application when you buy online. To start using iDEAL, you don’t need to register, download any files or open an account. If you already have online banking with ABN AMRO, ASN Bank, Fortis, Friesland Bank, ING, Rabobank, SNS Bank or SNS Regio Bank, you can make payments using iDEAL right away. The transaction is completed swiftly and simply in the familiar online banking environment of your own bank – paying in a way you are already familiar with.


When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.
In that case that is the only difference between PayPal and iDEAL. iDEAL is not that extended like PayPal. When customers pay through iDEAL, the webshop will not receive their e-mail address or shipping address or anything else, only the bankaccountnumber and the bank account name from the customer. In short, iDEAL is only for the transaction between customer bank account and seller bank account without providing information from both sides.

mlseim
02-16-2010, 12:52 AM
As post #3 states ... they ARE using a secure server (SSL/ HTTPS).

The CC information is the last thing to get ...
And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
be providing them with the CC information plus the amount (that's it).
Your database will have the invoice (items, qty, shipping, etc), plus all of
the customer's data .. name, address, shipping address, etc.

I agree with post #9 that you should be using a "true and tried" script that
comes with a gateway for iDEAL. Not sure if OSCommerce has it, but you
can easy check it out. You will still be using your own secure server and your
own database, as even with OSCommerce or Magento, the method will be AIM.

lau87
02-16-2010, 01:04 AM
The CC information is the last thing to get ...
And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
be providing them with the CC information plus the amount (that's it).
Your database will have the invoice (items, qty, shipping, etc), plus all of
the customer's data .. name, address, shipping address, etc.
Well, the seller don't need the CC information, because after payment the seller can check the payment by the Custom Purchase ID in combination with the unique entrance code provided by iDEAL itself. The payment is not my concern in this phase of programming. That is already done and tested in a developing environment.

But still my question is, when to add the customer's data (by data I mean name, address, shipping, phone fax number and NOT the CC information) in the database, at stage 2 or at the very last stage when payment is finished? In other words, is it better to add those information after submitting the form or store the information in a temporary session and add it to the database after the whole odering is finished, to avoid non-completed payments.
See post #8 for my detailed question

mlseim
02-16-2010, 01:15 AM
I would still add a new record and save it at stage 2.
There would need be a table variable for "status". Make that status "pending".

If they close their browser, you'll lose the session, but you won't lose the stored data in your MySQL table.

After the confirmation code comes back from iDEAL, update that status to either "paid" or the "fail" code that gets returned.
If it's failed, you'll have the code that explains what the problem was.

After you ship it, change the status to "shipped".

lau87
02-16-2010, 01:24 AM
I would still add a new record and save it at stage 2.

Ok, that is very helpful. You advice me to add the data directly after submitting. The status field is required from iDEAL, because iDEAL is providing the status of the payment and will updating it automatically.

If you look at my webshop ordering proces in 5 stages:
1) shopping cart
2) customer information
3) payment
4) delivery
5) confirmation

Now I have stored the products from the customer in a session at stage 1. Should I also insert the products from the shopping cart directly in the database after stage 1 or should I wait for the payment proces at stage 3?

The reason I am asking this is because people can add products to the shopping cart before the payment proces. A scenario: customer has 3 items in shopping cart (stored in session) and go through the customer information at stage 2. At stage 3 before the payment, he is thinking I need another item and go back to the webshop. The item will be add to the session with in totaal 4 items. And proceed it at stage 3.

mlseim
02-16-2010, 01:47 AM
My "status field" is about a field in your MySQL database.
You are talking about a status field you are giving iDEAL. Not the same thing.

I keep mentioning MySQL because once they pay, how will you know what
they ordered, who they are, and where they live? And without a database, how
will you know what the status is?

I'm thinking along these lines ...

You don't require a customer (person) to log in. So, when someone adds 1 item to
a shopping cart, a "customer ID" is created (a PHP SESSION variable contains the ID).
The 1 item is added to the database associated with that ID. Every other item they
add gets added as a new row in the database.

If the user checks out, you query all rows with the ID ... that's their cart contents.
You also go to step 2, so you update every one of their rows (ID) with their info.
(name, address, phone, etc).

If the user closes their browser before step 2, you lose the session ID. If they come back, you have
no idea who they are, but their previous items remain in the database. As an admin
function, if a session ID is lost, you simply delete all of those shopping cart items, and
return those items to inventory. You have to, because you never got to step 2, so you
don't know who they are.

By not having anyone log-in, you will have the same problem with any system you use,
because any session variables are lost when the user leaves and closes their browser.

When they are ready to check out and pay, you query the database and build the
variables you need for sending to iDEAL ...

If the customer comes back in 2 days, they can enter their email address or some ID
code you give them and they can check their order status ... remember you will have
all of their items still in the database.

This whole thing affects the inventory for everyone else, because you might have
50 people shopping at the same time ... and 10 of those people might be adding
T-shirts to their shopping cart. What if you have 3 shirts in inventory, and 5 people
want to add them to their cart? You need to adjust inventory in REAL TIME. If 2
of the people decide to bail-out before paying, you need to purge their carts and
return the shirts to inventory.

That's the point of using OSCommerce, Magento, or some other script.
They have the programming already done for you.

You have a big project ahead of you.
You have to think about the whole operation ... what if 50 people are shopping at the same time?

Also ... you have to control the database of items (inventory) in REAL TIME.
Your "session" shopping cart idea is going to be a problem without a database, unless you only have 1 customer at a time.


Good luck.

lau87
02-17-2010, 12:28 AM
I keep mentioning MySQL because once they pay, how will you know what
they ordered, who they are, and where they live? And without a database, how
will you know what the status is?
I will use a MySQL database to store the items of the shopping cart and customer information. But I am wondering at which stage I add those data to the database.

Your explaination for storing the items directly in the database is great. But I was thinking to a different approach.

A customer adds 1 item to a shopping cart. The item will be stored in a PHP SESSION with the ID of the item. So, this part differs from yours, because you add the item directly in the database and I am storing it in a temporary SESSION. Every item they add will be added to another SESSION with the ID of the item.
Still the customer don't need to log in. If user checks out, the total amount of price will be calculated by the SESSIONS.
User go to step 2, fill in his information. The information will be added to the database when submitting the form. Still, the shopping cart will be remembered by the SESSIONS

If the user closes the browser before step 2, the SESSION will be destroyed, simple as that. And when the user checks out and pays, I can add the items from the SESSION to the database after stage 3 (after payment). The variables will be build from the SESSIONS for iDEAL.

At stage 2 they will create an account by entering their e-mailaddress and a password. For the next order they can use their account.

What do you think of my approach by using the SESSIONS till stage 3 and add it in the database if I am sure the user is paying for the items?

I know I can use existing webshop, but they are too heavy for a small webshop that I am building.

mlseim
02-17-2010, 12:35 AM
Your way will work fine if there isn't an inventory issue.
Perhaps your shop only has a small amount of items, or it doesn't matter
if several people are shopping at the same time. Maybe you won't even
have a need for a database for your items?

So, if that's the case, you can go with your sessions idea (or cookies if want).

The harder part will be to save your shopping cart into a database, or perhaps you
won't use a database ... email the shopping cart to the store admin person for
shipping purposes? You really don't need a database? Something to think about.

lau87
02-17-2010, 01:29 AM
Your way will work fine if there isn't an inventory issue.
Perhaps your shop only has a small amount of items, or it doesn't matter
if several people are shopping at the same time.
Indeed, there is no inventory issue, since the concern of the webshop has a large amount of each product. And the webshop has small amount of items. That is also the reason not to point real-time indication of the amount of items for each product, since this will be always in stock.


The harder part will be to save your shopping cart into a database, or perhaps you
won't use a database ... email the shopping cart to the store admin person for
shipping purposes? You really don't need a database? Something to think about.
Why is saving the shopping cart to the database the harder part?

No, I must work with database, because the service of the webshop is to give customer (with an account) a list of orders they can find it back for bookkeeping or taxes for example.
Also, when the payment with iDEAL failed for the first time, they can proceed the payment a second time without going through all the stages. They can log in on their account and pay it directly with iDEAL in a single stage.
Furthermore, the admin of the webshop is receiving an e-mail with the shopping cart of the customers. Also the customer itself will receive one.

DaiWelsh
02-17-2010, 11:47 AM
Every owner of an online shop I have ever worked for would want to capture customer information associated with an order and most would want to capture it associated with an attempted or incomplete order, i.e. as early as possible.

You need to seperate the idea of creating a customer account for future use (optional) with storing information required for fulfillment of the order. Unless there are no goods associated with the transaction you should record all customer information regardless of if it is a one-off order or not and if they have a problem with payment wouldn't it be better to still have a record of their details and the order details so that the shop owner can choose to email or phone them to say e.g. "I am sorry you had a problem purchasing this item, is there anything I can do to help?".

Also consider whether the shop owner may want some form of customer relationship management functionality e.g. the chance to email previous customers with special offers? In this scenario it is better to record as many details as possible.

Of course a particular shop owner may choose not to do anything with user info if they view it as spam/anti-privacy etc. but if this is code to beused in multiple scenarios then some will almost certainly see it differently?

Next consider bugs - in an ideal scenario of course there are none, but if there are and orders are not completing (maybe a problem with payment API) then it is helpful to see them and be able to try to see a pattern?

Lastly consider statistics - it is useful to a webshop owner to see where in the order process people are abandoning. You could record this just as a set of numbers for how many people got to each stage, but for the purposes of tracking down why they abandoned it can be helpful to have order and customer info (e.g. Mr M Mouse of Disneylanf probably isn't worth worrying about abandoning).

In summary form a technical POV either will work, but for me more data is better (unless you have load issues) so I would record order info and customer info early, if you find you need it you will be grateful and if it is never actually used, well no great loss?

HTH,

Dai

lau87
02-18-2010, 12:07 AM
Every owner of an online shop I have ever worked for would want to capture customer information associated with an order and most would want to capture it associated with an attempted or incomplete order, i.e. as early as possible.
So, you recommended me to add the info as soon as possible in the stages? In other words, add the items for the shopping cart at stage 1 to the database instead of at stage 3 (after payment)?


Also consider whether the shop owner may want some form of customer relationship management functionality e.g. the chance to email previous customers with special offers? In this scenario it is better to record as many details as possible.
I had thinking about that, during customer information form (stage 2), they may choose to subscribe for the newsletter with special offers.


You could record this just as a set of numbers for how many people got to each stage, but for the purposes of tracking down why they abandoned it can be helpful to have order and customer info (e.g. Mr M Mouse of Disneylanf probably isn't worth worrying about abandoning).
I agree that this is good for the statistics of the webshop to find out where something is not going well for sales. But it is a quite small webshop and the webshop owner isn't that interested to know what item will not be sold and what is a topsell-item. However, I will keep this in mind for future improvement.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum