Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 167
  • Last Modified:

Order Form in my webpage

Hi

I want to sell my software through my website. i have created an order form but don't know how to make it secure for the buyer to send the credit information.

I have also got a suggustion page where a suggestion form can be filled out. the field values will be posted to me by e-mail through my web-server. can  i use this technique for the order form?

what are the other options that i have got?

Regards
Keith
0
keithcsl
Asked:
keithcsl
  • 3
1 Solution
 
LSILesCommented:
To make it almost absolutely secure, I would suggest getting a certificate from Verisign or another similar company.  Verisign's go for around $250 for the sign-up and then I believe $150 annual renewal.  My brother, who is also a web developing professional, told me about a company that you can get them for around $150 sign-up and then lower than that for the renewal.  If you're interested, let me know, and I'll get the name of the company for you.  However, this is the most reliable way of securing your order form.

As for sending the order information via e-mail...  don't do it!  When I first started designing our companies web site, I was considering the same thing.  It's very unreliable, and even more so UNSECURE.  There are ways to secure e-mail transactions, but the easiest way is to get a certificate.  Also, depending on your service provider, you may be able to use ASP (Active Server Pages) to post everything to a database, which is how I designed our web site.  I would suggest visiting http://www.activeserverpages.com to learn about ASP.  It's an invaluable tool in e-commerce development!

If you have any other questions, please ask!

---Les
les@livingscriptures.com
http://www.livingscriptures.com
Web Programmer

p.s.  If you accept this as an answer, please post and say so.  Thank you!
0
 
jack_p50Commented:
if you don't want to think much, go to any site with such a form, press ctrl-u (netscape) to see page's source, then cut'n'paste what you need
0
 
LSILesCommented:
Come on now Jack...  most commerce sites are using ASP, CGI, or Perl...  you know you can't get that information by viewing the source code of a page.
0
 
keithcslAuthor Commented:
jack

as a beginner in webpage designing, you are hitting me a bit hard here. i have seen the source for the pages before i have posted this question, and the only thing i could make out from it is that they are NOT using the order form via e-mail.

But after LSILes has explained to me ASP, i realised that many of the sites do use them.

LSILes i am happy to accept your answer but i have a few other queries?

How does a certificate make the form secure?

I have seen the website taht you have recommended and got to know little about ASP. Question: does that mean i need to find out if my ISP supports ASP? where is the database stored?

i have to admit i am not a webpage programmer, but just an ordinary software programmer.

it would be of tremendous help if you could list down the steps i should take for my order form using both the certificate and ASP options, so that i can weigh the costs/time/difficulty of both...

Regards
Keith

0
 
LSILesCommented:
You can visit http://www.verisign.com/server/whitepaper/index.html to learn about certificate security.  I still don't understand it completely, but it uses a private and public key to encrypt/decrypt transactions.

You do need to find out if your ISP supports ASP.  If they don't, but are using IIS (vs. Apache), then I would contact them about setting it up as an option.  The database would actually be stored on their server.  Which also brings up the point of how much server disk space you have available.  Our database started at about 2mb I believe, and hasn't gone up much, so that is one thing to consider.

Also, if your ISP already has a SSL certificate (from Verisign or another company), you most likely will be able to use theirs.

Actually, the ASP and certificate go hand-in-hand.  You should use both.  The ASP would be for obtaining the information and putting it in a database, while the certificate is actually the security part of it.

If you would like me to, I would be delighted to help you set it all up (if your ISP supports ASP).  I'm looking to develop a nice portfolio right now, and this could be just the thing.  =)  

Please let me know what you think.  You can e-mail me directly at les@livingscriptures.com

---Les
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now