• entries
    1212
  • comments
    1738
  • views
    1141031

No carts for me

Sign in to follow this  

108 views

Well I'm in the horns of research here. I looked into shopping cart solutions for ecommerce, and it looks like too much for my needs. I figure I'll be selling just a few items, so I'll need a simpler solution than a shopping cart. What I'd ultimately like is something like these. . .

Dexterity Software's game order page

Turnkey Software's SimpleShop

Paypalhelper's example page

They're just one-page things where you enter your information and submit it to the payment system (paypal at first, probably a credit card processor later). Then the system will email you a download link when your payment is verified.

The turnkey one looks like the solution, but it doesn't do anything on the back-end. It just sends you the paypal transaction or the credit card number the person entered. You've gotta actually send the download link yourself. They make a much more expensive one with back-end processing, but it's a full shopping cart, which I don't want.

The paypalhelper one is pretty close to what I need. What I was actually thinking of doing was a Flash-based form that'd collect the data and send it to a piece of PHP code on my site. That code would collect the form-data, put it in a form that paypal likes (much like that guy's javascript does), and send the whole mess along to paypal. I'd then have an IPN (paypal-speak for a post-payment CGI) that'd verify the transaction and email the user a download link and registration code.

Actually, I could probably leave it as javascript, but I'd rather like the ability to add coupon codes for stuff like 10% off discounts. Doing that in javascript wouldn't work too well because the code's right there for everyone with the ability to choose "view source" from their menubar. At least in Flash I can hide any sneaky coupon codes or have a button that'll retrieve 'em from a database on the site when you click the "enter coupon code" button.

Or I could do something even more silly like have a "click the yellow rhombus 20 times in 60 seconds for 10% off" box in the form :)

Of course, I might be talking outta my ass here. What I'm talking about is. . .


1. User plays "baby" version of the game on my web site (remember, it's in Flash).

2. User says "zounds, this is fun" and clicks the "buy the full version" button.

3. Flash-based form on buy-page collects user and product data

4. Which is passed to a piece of PHP code on my site

5. Which verifies and massages that passed data into something Paypal will like

6. And then passes the data along to paypal and redirects the user to the paypal page where he verifies his ID and password

7. And then paypal puts the money in my account and runs my IPN

8. Which creates an ID in my database and generates a registration code

9. And then emails the user a www.thecodezone.com/download.php?ID=122349335 link and a registration code.

10. Which the user then clicks.

11. Thus causing download.php to look up the passed ID to see what product the user's downloading, sending the file to the user if it's there.

12. Then the user runs the install and enters the magical code sent in his email, thus unlocking the game.

13. User plays game and sends all of his friends to play the online version.

14. Return to step 1.


That's a lot of steps. The only one I don't completely understand how to do is step six. If I massage the data from thecodezone.com and send it paypal, it stands to reason that paypal will return the results to thecodezone.com, and I don't want that. What might happen instead would be to have my Flash form massage the data internally and pass it to some javascript on the page (yeah, you can do that in Flash, cool eh?) that will then pass it along to paypal which will pop up a paypal "verify yourself" window just like the paypalhelper example.

The possibility of fakery is strong, as it is with any Paypal IPN-based stuff. Since Paypal doesn't know about products and just passes on what it's given, it's not difficult to fake a post to paypal with whatever dollar-values you want for a product. That's also where the IPN comes in. In addition to verifying the transaction, Paypal sends you along everything that was passed to it, including part numbers and prices and taxes and such. It's then the job of your IPN to verify that these values are kosher before accepting 'em. So if it sees someone buying Duck Tiles for three cents, it's gotta be smart enough to notify me that something odd just happened rather than sending the user a download link.



Yes, I'm organizing my thoughts here. If anyone's got advice on this, please please please lemme know.

And "hey, paypal suxxorz" is not advice. I'll hook up with a real credit-card processor eventually so people can choose paypal or credit card. Paypal's actually setting that up now, but they're charging $20 a month for that, which is a touch steep for a pissant company like mine.
Sign in to follow this  


1 Comment


Recommended Comments

Actually, PayPal *IS* a credit card solution. You can allow payments from customers to be "PayPal Account Optional", so that they can just use credit cards.

I liked using IPN when I used it a few years ago for a subscription based website. I downloaded the more recent documents for it, and in my brief look at them, it looks like it has gotten even better.

Share this comment


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now