Data Handling with a Shopping Cart/PayPal System - Payment
(Page 4 of 4)
There are many methods for receiving payment with an ecommerce solution. Here are a few:
- The online shop is actually more of an online catalog, and customers have to telephone you to place orders.
- Similar to the above, except you travel to the customer to complete the transaction. This might make sense if it's for some building work such as a patio or a kitchen, and you need to give them a quote on the spot after viewing the location.
- A built-in secure payment section in which the customers can enter their card details, and the transaction is automatically processed by the system.
- An external payment method such as PayPal, Worldpay or DebiTech.
The demo shop uses one of the old-style methods of receiving payments with PayPal. It should work with other external payment systems such as WorldPay with some minor modifications. It's termed "old-style" because PayPal now provides their own .NET kit that implements their own system of connecting to their site.
The entire system of collecting the basket data and transferring it to PayPal is handled inside the shopBasketCheckout_OnServerClick() function:
```csharp
// Needs: using System; using System.Data; using System.IO;
//        using System.Net; using System.Text; using System.Web;
protected void shopBasketCheckout_OnServerClick(object source, EventArgs e)
{
    // PayPal account details
    string postData = "";
    postData += "currency_code=GBP";
    postData += "&cmd=_cart";
    postData += "&business=youremailaddress@yourdomain.net";
    postData += "&upload=1";
    postData += "&cancel_return=www.davidmillington.net";

    DataTable dtBasket = getBasketDt();
    double total = 0.00;

    for (int i = 0; i < dtBasket.Rows.Count; i++)
    {
        // URL-encode the product name so that characters such as '&' or '='
        // cannot break up or add to the name/value pairs sent to PayPal
        postData += "&item_name_" + (i + 1) + "=" +
            HttpUtility.UrlEncode(Convert.ToString(dtBasket.Rows[i]["name"]));
        postData += "&quantity_" + (i + 1) + "=" +
            dtBasket.Rows[i]["quantity"];
        postData += "&amount_" + (i + 1) + "=" +
            Convert.ToDouble(dtBasket.Rows[i]["price"]);

        total += Convert.ToDouble(dtBasket.Rows[i]["price"]) *
            Convert.ToInt32(dtBasket.Rows[i]["quantity"]);

        // The whole delivery cost is attached to the last item in the basket
        if (i == dtBasket.Rows.Count - 1)
        {
            postData += "&shipping_" + (i + 1) + "=" + calcDeliveryCost(total);
        }
        else
        {
            postData += "&shipping_" + (i + 1) + "=0.00";
        }

        postData += "&shipping2_" + (i + 1) + "=0.00";
        postData += "&handling_" + (i + 1) + "=0.00";
    }

    postData += "&handling=" + calcDeliveryCost(total);

    byte[] data = Encoding.ASCII.GetBytes(postData);

    HttpWebRequest ppRequest =
        (HttpWebRequest)WebRequest.Create("https://www.paypal.com/cgi-bin/webscr");
    ppRequest.Method = "POST";
    ppRequest.ContentType = "application/x-www-form-urlencoded";
    ppRequest.ContentLength = data.Length;

    // Send
    Stream ppStream = ppRequest.GetRequestStream();
    ppStream.Write(data, 0, data.Length);
    ppStream.Close();

    // Receive :¬(
    HttpWebResponse ppResponse = (HttpWebResponse)ppRequest.GetResponse();
    StreamReader sr = new StreamReader(ppResponse.GetResponseStream());
    string strResult = sr.ReadToEnd();
    sr.Close();

    // Write to screen
    Response.Clear();
    Response.Write(strResult);
    Response.End();
}
```
Because there doesn't seem to be a way to make a C# application post and redirect to another site as you would normally do with a <form>'s action attribute, we have to take a slightly different approach. We build a long string which contains multiple name/value pairs and then use the HttpWebRequest and HttpWebResponse objects to send and receive the data to and from the payment service.
The first section in the function specifies the PayPal account details such as the currency to use, the account name and the page PayPal should return the customer to should they decide to cancel the transaction.
The next step is to loop through the basket and retrieve all the product information that we want to pass to PayPal. This includes the product name, quantity and price. Due to the nature of the demonstration, we cheat a little bit with the delivery costs and add the entire delivery cost to the last product in the basket instead of adding each individually. This is because we only work out the delivery based on the total price of the basket and not on any sort of per product basis.
Now comes the interesting part. First though, let me point out that I have not invented this method myself; it's the result of some hard Googling over the problem. First we create a Request object which will be used when we contact PayPal via a Stream. We receive the response with a Response object and simply Response.Write() that to the screen. This gets the basket information to the PayPal site and directs it to the correct account.
The problem is that the first page the customer lands on will still have your shop's address in the address bar. If they click any of the links on the PayPal site, such as to view the basket contents or to log in, then the address will change to reflect that it's really PayPal. As you may be aware, some people may be put off by the fact that they can still see your shop's address in the address bar and may even believe you're going to try scamming their PayPal or bank account details off them. If you are planning on implementing payments via an external system such as PayPal or WorldPay, you should check their developer sites to see what their recommended .NET solution is.
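An added example, not the article's code: the basket kept as separate name/value pairs, escaped once for a server-side POST body and once for a self-submitting HTML form that the customer's browser posts to the payment site itself, so the address bar shows PayPal from the first page. `CartPost` and its methods are hypothetical names, and the sample basket row is constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Globalization;
using System.Linq;
using System.Net;
using System.Text;
static class CartPost // hypothetical helper, not part of the demo shop
{
    // Keep the cart as discrete name/value pairs rather than one concatenated string.
    public static List<KeyValuePair<string, string>> Fields(DataTable basket)
    {
        var f = new List<KeyValuePair<string, string>>();
        Action<string, string> add = (k, v) => f.Add(new KeyValuePair<string, string>(k, v));
        var inv = CultureInfo.InvariantCulture; // "4.50", never "4,50"
        add("cmd", "_cart"); add("upload", "1"); add("currency_code", "GBP");
        add("business", "youremailaddress@yourdomain.net");
        for (int i = 0; i < basket.Rows.Count; i++)
        {
            DataRow r = basket.Rows[i];
            add("item_name_" + (i + 1), Convert.ToString(r["name"]));
            add("quantity_" + (i + 1), Convert.ToInt32(r["quantity"], inv).ToString(inv));
            add("amount_" + (i + 1), Convert.ToDecimal(r["price"], inv).ToString("0.00", inv));
        }
        return f;
    }
    // Form-urlencoded body: every name and value is escaped on its own.
    public static string Encode(IEnumerable<KeyValuePair<string, string>> fields) =>
        string.Join("&", fields.Select(p =>
            WebUtility.UrlEncode(p.Key) + "=" + WebUtility.UrlEncode(p.Value)));
    // Self-submitting form: HTML-encode each attribute value before writing it out.
    public static string AutoPostForm(string action, IEnumerable<KeyValuePair<string, string>> fields)
    {
        var sb = new StringBuilder("<form id=\"pp\" method=\"post\" action=\"" +
            WebUtility.HtmlEncode(action) + "\">");
        foreach (var p in fields)
            sb.AppendFormat("<input type=\"hidden\" name=\"{0}\" value=\"{1}\">",
                WebUtility.HtmlEncode(p.Key), WebUtility.HtmlEncode(p.Value));
        return sb.Append("<noscript><button>Continue</button></noscript></form>" +
            "<script>document.getElementById('pp').submit();</script>").ToString();
    }
    static void Main()
    {
        var basket = new DataTable(); // constructed sample basket
        foreach (var c in new[] { "name", "quantity", "price" }) basket.Columns.Add(c);
        basket.Rows.Add("Salt & pepper set (2=1 offer)", "2", "4.50");
        Console.WriteLine(Encode(Fields(basket)));
        Console.WriteLine(AutoPostForm("https://www.paypal.com/cgi-bin/webscr", Fields(basket)));
    }
}
```

The hidden fields pass through the customer's browser, so compare the amount actually paid with your own order record before fulfilling the order.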
Conclusion
In this installment we started by looking at one method of generating the GridView's DataSource and then proceeded to use that data to create a fully functional shopping interface. Although the DataSource in the demonstration was created on the fly, you should really think about using a database for storing your product information if you either have a large number of products or just carry a frequently changing product line. Of course, adding a database into the equation opens its own barrel of worms, so it's not a step to be taken lightly.
The other area that needs special attention is the payment system. The demo shop uses a very simple method to collect the required basket information and send it to an external payment system. You may want more control over payment handling, such as taking the customer's payment details and storing them in a database, or writing your own Electronic Point Of Sale functionality. Regardless of the method you choose, you should always be aware of the legalities involved with receiving and making payments in your country.
The next installment in this series will guide you through some of the methods you can use to alter the appearance of the GridView. This will then leave you with the knowledge of how to use the GridView to produce a fully functional and pretty nice looking shop.