Payment Handling Code Question
Posted 28 September 2006 - 05:44 PM
Add Listing p.1 - Customer enters listing type (to determine how much to charge customer). Form action sends control to Add Listing p.2.
Add Listing p.2 - Customer enters payment info on a form on our site. The action of the form sends the information to the merchant account payment gateway. The return value of this determines whether or not the payment went through.
If payment goes through, we send control to:
Add Listing p.3. - Customer enters in listing info. The action of the form sends control to Add Listing p.4, which basically is a confirmation that the info was added to the db and that the payment went through.
Basically, I want to know is how can I prevent anyone from accessing Add Listing p.3 without getting a 'yes' confirmation from the payment gateway? Like I don't want someone to try and access Add Listing p.3 by directly entering the URL, thus bypassing the payment part. Any thoughts?
Posted 28 September 2006 - 06:32 PM
Nether of those are fool proof but they should do what you want..
Posted 29 September 2006 - 04:45 AM
Posted 29 September 2006 - 06:09 AM
i would suggest requiring BOTH the listing information and payment info in one place. they submit, and if the payment fails don't store the information. if it does, store it and they're done. that way there is no third form to hard link to. not sure how feasible this is with your merchant gateway, but it's worth a shot.
finally, another option is to enter the listing info first and store it as inactive. let the user then pay for it to be shown, and it is active. while people could theoretically enter info and not pay for it, it will not be displayed until they've paid for it.
regardless of your choice of solution, i think it's silly to have them enter their listing info AFTER they've paid. there are too many possibilities for errors and unhappy clients. what if they pay, get to the listing addition page, and their connection craps out or they close the page, etc.? unhappy customer demanding a refund; while they may have been willing to list their property with you before, good luck retaining their business after. just a thought.
Posted 29 September 2006 - 03:20 PM
Also, I was thinking about doing the payment info first because there seems like there could be more issues with paying than just entering form info. Because once the listing form info is sent, I send myself an email saying that the following listing info was submitted. I then send myself an email once the info actually gets added to the db. That way I know that for a successful addition, I'll get 2 emails. Doesn't this seem like it will handle the situations you talk about? If I did it the other way, what do I do with the listing information while I'm waiting to find out whether the payment went through successfully? Thanks!
Posted 30 September 2006 - 07:39 AM
i just think that the way you are doing it leads to a lot more admin work on your end than necessary, given the number of fully automated options. that being said, don't neglect to add a manual system in just in case the automation fails, but you shouldn't need to rely on it.
Posted 30 September 2006 - 03:24 PM
Posted 30 September 2006 - 04:16 PM
Posted 30 September 2006 - 06:01 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users