Currently I am busy with building my webshop. The proces for ordering a product is split up in 5 stages:
1) shopping cart
2) customer information
3) payment
4) delivery
5) confirmation
Now, I have troubles with not knowing when to proces what. Do I have to put the customer information at stage 2 in a session or to add it directly in the MySQL database? If putting it in a session, do I have to wait till stage 5 for adding it in the database? I am not sure what is the best.
An important note: the customer may choose for single order (and will never return to the shop) where he/she is not having an account or for regular consumer with an account. How to deal with this?
Does your client have a Credit Card Merchant to process credit cards?
If so, who is that merchant?
Does you client use a secure webhost (SSL account)? or will you be using
some remote processing, like PayPal? You can't accept customer credit card
account numbers, and information without a secure server.
Does your client have a Credit Card Merchant to process credit cards?
If so, who is that merchant?
Does you client use a secure webhost (SSL account)? or will you be using
some remote processing, like PayPal? You can't accept customer credit card
account numbers, and information without a secure server.
No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.
But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?
No, the client uses a Dutch variant of PayPal, calling iDEAL. The process is similar to PayPal.
And my client is indeed using a secure server (SSL) from stage 2 till stage 5. Also the login accounts for consumers will be using SSL.
But still the question for when to add consumer information in the database? At stage 2 (after submitting the information) or waiting to the end of the order at stage 5?
If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info.
Unless iDEAL, like PayPal, uses an API key and IPN to exchange data and feedback without
actually going into the "iDEAL" website. Then, you would be collecting your customer
information on your own secure website and only using "iDEAL" for processing credit card.
PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
before you actually make it a real website. If iDEAL has the same type of thing, you should
get into that and see what example PHP scripting they have to process credit cards.
You will be looking for the AIM (Advanced Integration Method) where you process the
customer's credit card information yourself, on a secure server ... as opposed to
SIM (Simple Integration Method), where the customer leaves your site to enter their
credit card information.
It all comes down to the scripting support and PHP script examples that iDEAL has.
Since I've never used them, I don't know how easy it will be.
The answer to your question ... collect everything from the customer, including all
credit card information and put into your database, then use the API, IPN, whatever,
to process the payment with iDEAL. Once the transaction is done, iDEAL will send
back a confirmation (or failure code). You will have to deal with the outcome of it.
If iDEAL is similar to PayPal I wouldn't bother with customer info at all. The customer has entered their information already with iDEAL/PayPal and after payment you have access to that info. ---------------
Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.
But my question regarding the customer information is about the delivery address of the customer, not about the credit card information. The purpose of iDEAL is to let customer pay the payment without giving a lot of information to the webshop.
Quote:
Originally Posted by mlseim
PayPal has a developer's "sandbox" to develop and play around with the PHP scripts
before you actually make it a real website.
Indeed, iDEAL has the same testing environment for developers like PayPal. I already integrated the iDEAL API in my website.
Quote:
Originally Posted by mlseim
The answer to your question ... collect everything from the customer, including all
credit card information and put into your database, then use the API, IPN, whatever,
to process the payment with iDEAL. Once the transaction is done, iDEAL will send
back a confirmation (or failure code). You will have to deal with the outcome of it.
So, you are saying, put information about customer (with delivery address, e-mailaddress, contact information etc) in the database at stage 2. Then processing the payment with iDEAL at stage 3 and then adding the order(s) from the customer in the database after payment?
Yes, get all of the customer's address, etc. before you process the payment.
That way, if something goes bad, at least you can contact the customer, as you will
have their address, phone number, etc.
Yes, get all of the customer's address, etc. before you process the payment.
That way, if something goes bad, at least you can contact the customer, as you will
have their address, phone number, etc.
So, putting it in de database is better than to store it in a temporary session?
I was thinking differently. What if a customer is not finishing his/her order. In other words, customer is ordering a product (stage 1), filling his address, phone number, e-mailaddress and password (for an account) (stage 2), going to payment (stage 3) and closing the webpage. In that case I already stored the customer information in the database without a completed order of even worse, the order is not adding in the database yet, because the payment is not finished. Then I will have data in my database without orders.
This is what I am thinking of. Is it bad to have customer information without orders? But on the other hand, the customer has made his account already for the next order.
collect everything from the customer, including all
credit card information and put into your database
I have to disagree with this. You should NOT be storing the CC info in your database.
This is a huge security risk to your customers, and an even bigger risk to you once your database gets hacked.
At the very least, this may well be in violation of the Terms of Service with your payment processor. The payment processor is setup to SECURELY store CC info - let them do their job.
Well, it is not really the same. Only the processing of the payment is similar, iDEAL uses the bank account immediately without showing information about its customer. The data I only received from iDEAL are the name and back account number, nothing more.
Do you not receive a mailing address? My point is if they are paying with iDeal or PayPal why require them to fill out any personal information at all?
When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.
iDEAL allows you to make online purchases in a familiar, secure and simple way. iDEAL is the system that links you directly to your online banking application when you buy online. To start using iDEAL, you don’t need to register, download any files or open an account. If you already have online banking with ABN AMRO, ASN Bank, Fortis, Friesland Bank, ING, Rabobank, SNS Bank or SNS Regio Bank, you can make payments using iDEAL right away. The transaction is completed swiftly and simply in the familiar online banking environment of your own bank – paying in a way you are already familiar with.
Quote:
Originally Posted by Len Whistler
When I buy from Ebay and pay with PayPal I do not expect to have to fill out my name and shipping address. PayPal has that info and the seller has access to it.
In that case that is the only difference between PayPal and iDEAL. iDEAL is not that extended like PayPal. When customers pay through iDEAL, the webshop will not receive their e-mail address or shipping address or anything else, only the bankaccountnumber and the bank account name from the customer. In short, iDEAL is only for the transaction between customer bank account and seller bank account without providing information from both sides.
As post #3 states ... they ARE using a secure server (SSL/ HTTPS).
The CC information is the last thing to get ...
And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
be providing them with the CC information plus the amount (that's it).
Your database will have the invoice (items, qty, shipping, etc), plus all of
the customer's data .. name, address, shipping address, etc.
I agree with post #9 that you should be using a "true and tried" script that
comes with a gateway for iDEAL. Not sure if OSCommerce has it, but you
can easy check it out. You will still be using your own secure server and your
own database, as even with OSCommerce or Magento, the method will be AIM.
The CC information is the last thing to get ...
And if you're using iDEAL as an AIM (Advanced Integration Method), you'll
be providing them with the CC information plus the amount (that's it).
Your database will have the invoice (items, qty, shipping, etc), plus all of
the customer's data .. name, address, shipping address, etc.
Well, the seller don't need the CC information, because after payment the seller can check the payment by the Custom Purchase ID in combination with the unique entrance code provided by iDEAL itself. The payment is not my concern in this phase of programming. That is already done and tested in a developing environment.
But still my question is, when to add the customer's data (by data I mean name, address, shipping, phone fax number and NOT the CC information) in the database, at stage 2 or at the very last stage when payment is finished? In other words, is it better to add those information after submitting the form or store the information in a temporary session and add it to the database after the whole odering is finished, to avoid non-completed payments. See post #8 for my detailed question
I would still add a new record and save it at stage 2.
There would need be a table variable for "status". Make that status "pending".
If they close their browser, you'll lose the session, but you won't lose the stored data in your MySQL table.
After the confirmation code comes back from iDEAL, update that status to either "paid" or the "fail" code that gets returned.
If it's failed, you'll have the code that explains what the problem was.
After you ship it, change the status to "shipped".
Before you post, read our: 
Processing webshop orders
if I have somthing like that what other says ?
