guamrider Posted October 18, 2003 Posted October 18, 2003 I dont have a clue as to whether or not I'm putting this post in the right place, but there seems to be quite a few that respond so I'm hoping I get lucky. Best case scenerio: I want to have some way of having others who use our travel services simple enter their credit card info, number, expiration date, etc. WTHOUT having the card processed through an e-commerce system. All I want to see on our end is the card info and we will process it here. Problem: We have no idea how to do this. I'm sure we have to get an ssl certificte for our site, but beyond that we are lost. Thumbs Up Any ideas or tutorials that you know of would gladly be accepted and a day of free diving if you ever get to Guam. Quote
TCH-Dick Posted October 18, 2003 Posted October 18, 2003 Once you get your SSL certificate you could just have the users submit the info via a form. The easiest way would be to have them submit it to a form that then e-mails you the information, not sure how secure that would be though. Or you could have the form save the information to a database. Quote
Guest schussat Posted October 18, 2003 Posted October 18, 2003 Problem: We have no idea how to do this. I'm sure we have to get an ssl certificte for our site, but beyond that we are lost. Thumbs Up Any ideas or tutorials that you know of would gladly be accepted and a day of free diving if you ever get to Guam. Using the SSL service provided by an old host, I implemented a pretty easy-to-use payment system that sounds like what you're describing. The web host of an organization I used to work for provided SSL services to all its clients, via an https://host.com/~user address -- if TCH's free shared SSL works in a similar fashion, then you don't even need your own SSL certificate (though that's a detail I'll leave to them to clarify). Given that backend infrastructure, it's really simple to put together a form that collects that information, presents it back to the user for confirmation, and then saves it to a local file and sends email to a particular address notifying them of the pending payment. The recipient then loads a designated address, which is itself secured via https, and retrieves the info. To the extent that you're storing the information on the server for a relatively short time (and perhaps via a standard encryption routine, too), it's nice and secure. And, since you retrieve it via https (just another script that reads and parses the file, essentially), the retrieval is secure, as well. That's exactly what I did for the organization I used to work -- they didn't really need e-commerce, but a straightforward way to occasionally collect credit card information and run it through their own processing system. Following up on MikeH's reply, since all the information is stored at the host, it's probably more secure than emailing it, since all transmissions of the user's credit info are done via a secure web connection. Quote
Guest schussat Posted October 18, 2003 Posted October 18, 2003 Addendum: this page answers my previous question about shared SSL. Just use https://serverNN.totalchoicehosting.com/~username, and your connection will be setup to use secure http. So, you're all set -- with no need for an independent security certificate. Quote
guamrider Posted October 18, 2003 Author Posted October 18, 2003 Wow, never expected a replies so fast. More and more I'm seeing the great "cast and crew" of TCH. Very much appreciated. So, if you ever get to Guam you have a frfee day of diving on me. www.mdaguam.com. Pete Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.