[nycphp-talk] Two part question: Shopping carts & E-commerce

Gary Mort bz-gmort at
Tue Aug 28 07:14:41 EDT 2007

Cliff Hirsch wrote:
> On 8/27/07 10:24 PM, "Ben Sgro (ProjectSkyLine)" 
> <ben at> wrote:
>     I guess I need to read up on the e-commerce and shopping cart
>     basics. Do some carts only
>     work with certain merchants?
>     - Ben

Not so much a merchant, but a payment gateway(and I consider Google and 
Paypal gateways).

Also there is the issue of the way payment is supposed to work, and how 
most people do it.


A)Client puts 100$ worth of products in their cart
B)Client goes to checkout
C)Charging information collected from client
D) Charging information submitted to gateway for APPROVAL
E) Charge result processed
E1) Denied?  Go to step C
E2) Success?  Tell client so
F) You ship the products
G) You mark the item as shipped in the system
H) The system contacts the payment gateway and has the funds released

It's a two step process, Authorize the charge, than Release the funds 
after shipping

In the real world, most companies seem to do it in 1 step, Authorize and 
Release - which you can do but is a legal liability(what happens if a 
tornado comes through and destroys the warehouse before it shipped?  You 
HAVE to provide the product since you took the money, a refund is not 
good enough).

Payment Gateways work in one of two ways:
1) You collect all the payment information on your server and submit it 
through an SSL session to the gateway for approval.
2) You send the client to the payment gateway with some hidden fields 
for the products and pricing and they pay there, than the gateway 
returns the client to your site, as well as hitting it's own secret 
callback url to notify you a payment has been approved

A long long time ago, Paypal was strictly a remote gateway, you would 
redirect the client to paypal, they would process the payment.

Nowadays Paypal has an extremely inexpensive option for doing payment 
approvals yourself without a client redirect - the catch is that you 
must also accept paypal and must provide a process for this, so you need 
to implement 2 payment methods for Paypal(that said, a number of 
companies use the Paypal payflow method and don't advertise/allow direct 
paypal payments in violation of their agreement).

It also gets really complicated when your dealing with stores located in 
other countries.  Paypal won't provide gateway services for many 
countries, and in those countries gateways that will provide such 
service charge an arm and a leg(and considering that developers from 
those countries tend to be very cagey about saying what country they are 
in, my own feeling is those fees are justified.  I know of at least 2 
companies completely run out of India with Florida LLC's in order to use 

I generally work backwards with a cart system, first I determine what 
payment gateways(Paypal,, Worldpay, linkpoint, etc) are 
preferred, than find a cart that supports that gateway.  If they don't 
know what they want, than I recommend paypal until they decide what they 
want(a lot of merchant accounts charge hefty monthly fees, setup fees, 
and percentages - so make sure to setup the gateway first - working 6 
weeks on the project only to have the client refuse to implement because 
those "thieves" want 100$ application fee, 30$ a month, and 4% of sales 
is frustrating.  Paypal is cheap, it works, and it looks 'chintzy'.  It 
is amazing how many objections to Paypal disappear when they find out 
the costs of different system).

More information about the talk mailing list