[lug] Letting folks pay from the web.

[Lee Woodworth]

On 01/31/10 17:30, Jeffrey Haemer wrote:
> Folks,
> 
> The Colorado Moon Festival would like to start letting folks sign up and pay
> via PayPal (or Google Checkout, or ...).
> 
> Have any of you, in BLUG, had experience setting this up?  If so, can you
> offer advice?

You will need a merchant account. Depending on the card processor, the way your
site interacts with them will vary. You will of course need a server certificate,
a static IP for the site, and the ability to host https: web pages on port 443.
For the SSL enabled pages, a dedicated IP address that is not shared with other
SSL sites will be the easiest for this - virtual hosting for SSL is problematic.

Is this for the spring Moonfest and how soon do you need to have it up? Getting
the account and the cert might be a week _if_ things go well. Creating custom pages
for the event that are actually secure (SSL != secure, it takes more than that)
could take time. For instance making sure that you don't double charge when when
somebody does a browser refresh is important.

You need a durable data store to track your records -- what happens if the hardware
goes down? How do you know what charges were approved, etc? This is not something
where a hobby-level setup is OK. Unless Google Checkout tracks order/payments for you,
your site still has to have a reliable recovery mechanism so you don't lose
orders/payments due to a hardware failure.

FYI I recently did _not_ do purchase with a company because they only
had paypal available. Since I don't already have a paypal account, setting one
up just to make a small purchase is to just not worth it. Besides, I do not need
another account to manage and keep secure. Same issues with Google Checkout and
amazon. Something to consider as you decide how to go.