Chapter 13 of the book teaches most of the concepts behind doing e-commerce. It also shows you how to create a sample database, write most of the PHP scripts, and use the application from both the administrative and public sides. As I said in the book, the e-commerce application itself could not be completed because of two primary issues:
- how the purchased product is delivered to the purchaser
- how the money is processed
This first issue is critical for two reasons. One, there are laws regulating when people can be charged if a product is being shipped to them. Two, an administrative section still needs to be created for showing unshipped orders, marking them as shipped, and formally charging the purchaser.
The second issue is critical because there are hundreds of ways to process the money, from using something like Pay-Pal to a processing company to having your own bank handle the transaction. Each operation has its own protocol and methodology.
On this page I’ll try to fill in some of the blanks in terms of theory. Some of the actual code can be had by downloading the extra scripts (ZIP format, 4KB).
Third-Party Money Processing
If you use a third-party to handle the money in an e-commerce application, it normally works like this:
- You create a form with all the relevant details as hidden inputs: your account number, the amount, description, etc.
- The form also takes the user’s information: credit card info, name, address, etc.
- The form data is posted to a URL at the third-party’s server (by setting the ACTION attribute accordingly).
- The user fills out the form, submits it to the third-party. The third-party processes the request and sends the user back to a page on your server.
- Your page receives a bunch of information, like the session number, whether the order was approved or not, and so forth.
Again, this is just one way the money can be handled. With that in mind, here are the files you’ll find in the download:
checkout.php (public side)
After the user selects all of their purchases, this is the first step in the checkout process. It re-confirms their order and gives them the opportunity to login. There’s also a link to the registration page.
The theory with this e-commerce application is that people must be logged in to finish the purchase. The files DO NOT include login or registration pages, but there are plenty of those in the book (you can use those in Chapter 12 for starters).
confirm.php (public side)
This is the last page before the order would be final. The page would confirm that the user is logged in and would then take whatever information is necessary to process the order. Those particulars differ based how your particular site is handling the money.
final.php (public side)
This is the last page in the entire process. If you are using an outside service to handle the money, that service should redirect the user to this page. The page stores the information in the database, destroys the session, sends an email, prints a message or whatever.
view_order.php (admin side)
This is a very basic script that demonstrates how you can view an individual order on the administrative side. It expects an order ID to be passed to it as $_GET['oid'] (in other words, the page should be accessed as view_order.php?oid=X, where X is a valid order ID number). It then unserializes the shopping cart and prints this along with the entire row record. It’s not fancy but it does demonstrate the concept.
Logically, the admin side would also have a view_orders.php page that shows a synopsis of all the orders. These would be linked to the view_order.php script.