--- Rory Browne <rory.browne@xxxxxxxxx> wrote: > It's better if, when it comes to time > to checkout, you redirect your client > to your Payment Service Providers (PSP's) > website, your PSP processes the payment, > and redirects the client back to your > site. The PSP would then contact you > directly to confirm the payment. > That way there is no CC info on your > server for you to protect. I really appreciate all the advice people have given. So the following questions are designed to try to fully understand the scenario and what the customer sees from their viewpoint. The site that I am trying to fix is absolutely awful right now. It is certainly not a high volume site, although I do think if properly designed it could do a lot more business than it does. It is the site of a self-published author and I think most people who buy his books go to Amazon to buy them because the shopping cart is so bad (he did it himself years ago, and he is not any kind of web designer or programmer). The site uses the Hassan Shopping Cart which is a Perl script. Looking at the script it appears that it can support some sort of credit card authorization. But the way he has it set up now it just writes each order to a plain text file in a "secure" subdirectory (obviously a very bad idea) and sends him an email that tells him he has an order on the site to process. His hosting site is discontinuing support for the Hassan Shopping Cart, but does support Cardservice International. So let's say that I want to integrate a shopping cart with a PSP, right up to the moment they get to the checkout, they see my client's URL. They hit the "Checkout" button and then they will see the URL of the PSP? Then once they place the order then they are redirected back to my client's site and see that URL again? Is that an accurate description of how it works? Do you normally have control over the "look and feel" of how the checkout looks on the PSP site? Excuse me if these are really basic questions, but I haven't done this before. :) Thanks again, Lawrence Kennon __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
