Hello there. I am completely a newb let me say first off and this is the first time I have ever dealt with a shopping cart while building a website. I stumbled across some source code that gave me pretty easy instructions that I followed. I set everything up, and the way it shows me that this works goes like this.....

A customer adds an item to the cart, then checks out and enters the credit card information and everything. It then instructs me to go to my cgi file where I will find a list of all my orders along with the credit card information that each customer has entered and everything.

This is where my question comes in. Loading the cgi file in a new window can be done by anyone in the world on any computer. Of course it requires admin username and password, but IF someone managed to get ahold of the username and password they would then be able to just log in and steal all of that information. Is this the normal way to go about receiving credit card payments?? It just seems so insecure to me. In my mind I was thinking that when someone pays with a credit card, the transaction automatically goes to a third party site and I (the site owner) don't even have to see the credit card information at all.

Any information would be a great help. Is there a much more secure way of going about this? Is it normal that I will take all of these credit card numbers and then process them myself manually?

Thanks in advance!

Recommended Answers

All 2 Replies

I know that you can process shopping cart by subscribing to Amazon payments and Paypal. For the Amazon one, you may need a developer to incorporate on your site - but check their different models and options.

What you may look into is to find a shopping cart which is secure and coded well, you may be interested in OSCommerce, ZenCart and a few others, secondly but also very important, find a payment gateway who will provide you with an API in order to process credit card payments.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.