11-17-2003, 06:15 PM
I'm stuck on the form processing part.
If someone can help me, that would be great.
I have a payment form, (customerinfo.asp), and once the user submits the page, I'd like to do two things:
1. record that info to my website database, (database.asp)
2. send that info to the credit card company's payment form to complete the transaction (e.g. http://www.creditcardcompany.com/payment.asp).
Is there anyway to put 2 actions on one form?
Without <form> tag, how can I send that info to another asp page?
Thank you for your time,
11-17-2003, 07:36 PM
Yes and No...
My first question would be do you need client side credit card processing (server redirects to CC site)? It is cleaner and more professional looking to handle all the credit card processing server-to-server but usually, you would need a real merchant account to do this and not a "third party" person-to-person solution (like Paypal). If you are using a real merchant account, I would research doing a server-to-server interface.
Anyway, back to your question. To perform two actions, you will need to have the initial FORM post the data to your action page. Your page will act on the data and then create a new page with a FORM and HIDDEN fields prepopulated with the original data. Then have and onload event in the BODY tag call document.forms['your_form_name'].submit();
Now there is a slight security risk in doing this because this new temporary page gets written to the clients HTML cache and it contains the payment information in the clear so I again would seriously consider a cleaner and more secure server-to-server solution...
11-17-2003, 10:00 PM
Thank you very much for your reply.
I'm sorry, I'm not familiar with these terminologies, (client-side, server-to-server).
I collect the customer's data except credit card info on my website, (due to record the customer's data on our database),
then submit these data to the credit card company. Once the customer gets in the credit card company's site, it's using SSL, so they can enter the credit card information there.
As you suggested, I added another form and used <onLoad=" "> in the body tag, and it's working perfectly!
Do you think I should have used SSL when I collect the customer's data (no payment info) on my site?
11-17-2003, 10:10 PM
If you are keeping addys, phone numbers, etc I would do it esp. if you are planning on this becoming very popular.
You should at least encrypt certain items for basic security..
My 2 Cents
11-17-2003, 10:42 PM
Originally posted by speece
I'm sorry, I'm not familiar with these terminologies, (client-side, server-to-server)...Do you think I should have used SSL when I collect the customer's data (no payment info) on my site? By server-side vs. client-side I am referring to what side initiates the credit card authorization request. Based on your description you are using client-side redirects -- the client's browser is being sent to the credit card processors site and hopefully will be sent back upon success. With server-side, the client POSTs to your side (using SSL) and then your site communicates to the credit card processor directly -- the client's browser never leaves your site.
Client side can be cheaper initially because you don't need your own SSL certificate and most person-to-person credit card solutions do not have setup or fixed monthly fees BUT this cheapness comes at the expense of your company image and discount rate.