[thelist] Basic e-commerce

[Jack Timmons]

On Sun, Apr 5, 2009 at 5:27 PM, Kevin Timmins <kipper_timmins at live.co.uk>wrote:
>
> How does the validating part work? i think that the bit that i am most
> interested in.


There's a lot of ways you can pre-validate. Mind you, we can't really
prevent illegal use of credit cards on pre-validation, but we can require
enough info to ensure authorize.net can:
1) Ensure the credit card number is valid [1] is perhaps the biggest one
2) Make sure either a valid security code or postal code was been passed
(the former being what I use, since I can handle those better than
international postal codes). You could just ensure one was passed and leave
it to authorize.net to handle it.
3) Don't forget name, etc.

Really it's just common sense stuff (at least to me), and someone else may
have a better idea. I -try- to do it both in the Javascript and PHP, the
first to make it so they don't have to leave the page in order to correct
data, and the second for obvious reasons of forgery.

I actually just printed out Authorize.net's API (I'm a guy who needs a
document in paper form), and I plan on going through it and writing a class
that quickly does all of that. It'll be mainly for the framework we're
setting up, but once I'm sure it tests right I'll share the download with
whomever wants it.

[1] -  http://www.beachnet.com/~hstiles/cardtype.html
-- 
-Jack Timmons
http://www.trotlc.com
Twitter: @codeacula