[thelist] Inexpensive E-Commerce

Norman Beresford n.beresford at anansi.co.uk
Fri Jun 22 03:09:57 CDT 2001 

Hi Beau

I've been in a similar position to you (although using different
technologies).  The advice I received was keep nothing on a public server
that you don't have to.  So what happens in our system is that all of the
shoppers details, bar the CC information, is kept in an SQL Server db.  The
shopper can return to the site later to complete the shopping etc.  She goes
to a secure server to enter her CC details, which are then sent in an
encrypted email (using aspEncrypt - we're a M$ shop) to the fulfilment
house/shop keeper.  Who can then do what they like with them.

So my suggetion is go for 5a.

HTH

Norman


----- Original Message -----
From: "Beau Hartshorne" <beau at pair.com>
To: "thelist" <thelist at lists.evolt.org>
Sent: Friday, June 22, 2001 4:23 AM
Subject: [thelist] Inexpensive E-Commerce


> Hi,
>
> I have a client who wants me to make him an e-commerce site. He doesn't
> have much money, so I'm trying to do build it inexpensively. I've never
put
> an e-commerce site together, but I have an idea of how it might work:
>
> 1. Find an inexpensive host that supports php, mysql and ssl. (I'm using
> http://www.cedant.com/).
> 2. Create HTML pages with all the products listed.
> 3. Create a simple PHP shopping cart.
> 4. Set up a secure area (shared ssl).
> 5. Create a PHP checkout app (which resides in the secure server) that
adds
> taxes and shipping, calculates the total, collects the address, and credit
> card number. This information is either (which is best!?):
>
> a) PGP emailed to my client.
> b) Stored in a mySQL database that is accessed via a php script that
> resides on the shared secure server, in a secret directory behind
.htaccess
> protection.
> c) Stored in a flatfile database that is accessed via a php script that
> resides on the shared secure server, in a secret directory behind
.htaccess
> protection.
>
> 6. My client gets an email sent with the order information (and credit
card
> information if it was sent via PHP email). If 5b or 5c, then my client
goes
> to his secure area and gets the credit card information, then deletes the
> information from that area.
> 7. My client prepares the order to be shipped.
> 8. My client enters his card information to his bricks & mortar store, the
> transaction is approved, and he ships the product.
>
> How am I doing?
>
> Thanks,
>
> Beau
>
>
> ---------------------------------------
> For unsubscribe and other options, including
> the Tip Harvester and archive of TheList go to:
> http://lists.evolt.org Workers of the Web, evolt !
>

More information about the thelist mailing list