Magento 自定义付款方式
我将解释我需要的流程: 结帐过程是相同的,现在,在最后一步中,我正在对外部 URL 进行 POST,其中处理所有数据,我等待外部服务器的响应,处理后,我进行相应的步骤, 1- 将订单保存在数据库中或 2- 给出错误消息。这取决于响应,然后,为了保存订单,我需要拥有所有卡的详细信息,如果我没有,magento 会给我一个错误,出于安全原因,外部服务器不会返回卡的详细信息,并且他们说不会,所以,我需要保留所有这些信息,直到我可以保存或拒绝它,我的问题:我在这里可以做什么?将卡详细信息保存在 cookie 中?或者会话变量?或者我还有其他选择吗?
谢谢
i'm going to explain the flow of what i need:
the checkout process is the same, now, in the last step, i'm doing POST to an external URL, where all the data is processed, i wait to the response of the external server, after process it, i make the correspondient step, 1- Save the order in the db or 2- Give an error message. it depend on the response, then, to save the order i need to have all the card details, if i don't have it, magento give me an error, the external server doesn't return the card details for security reason, and they said the won't, so, i need to keep alive all this information until i can save it or refuse it, my question: What can i do here? Save the card details in a cookie? or a session variable?? or do i have another opcion??
thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您在任何地方(包括会话)保存银行卡详细信息,那么您可能会违反业务所在国家/地区的数据安全法。我不建议将其作为解决方案。
If you save card details anywhere, including the session, you will probably have run afoul of data security laws in whatever country the business is running in. I would not suggest that as a solution.
由于这是一个非常重要的主题(imo)并且答案有点复杂,因此我决定就此写一篇相当长的回复。
那么自定义支付方式(尤其是 magento)的主要方面是什么?
您很可能不被允许存储和/或传输信用卡信息。
但是,您可以存储类似的信息,这样客户就不必一直重新输入他/她的信息。我稍后会谈到这个问题。
Magento 是一个非常灵活和强大的应用程序(但是它非常慢)。你几乎可以做任何事情。但是,当涉及到结账处理时,流程必须遵守某些限制,这是有充分理由的。
结帐处理步骤应封装成单元。您试图将一个单元拆开,这几乎肯定是一个非常糟糕的主意。
所以我想说的是,信用卡信息应该在处理付款的同一提供商处输入。没有别的了。曾经。
我的意思是那太荒谬了......想想吧。 “请提供您的 Paypal 凭据,我们将为您付款...”
另一方面,如果您是经过认证的信用卡支付提供商,则您的交易是你的(这听起来绝对不安全)是在内部处理的,你作为提供者就像一个黑匣子。即使是你的商店。
如果您确实想要,您可以在内部进行验证交易等。为了让您走上正确的轨道,我有此代码 适合您,这应该会让您走上正轨。
我基本上是从 magento 论坛复制的,并对其进行了一些调整,以解决常见问题,例如几个商店、超级产品、定制价格、特价等等。
然而,我认为无论你想要实现什么目标,你都应该重新考虑你的方法。
最后但并非最不重要的一点是,正如我上面提到的,有办法在提供商处“存储”卡信息。例如,Ogone 为您提供了与客户一起发送客户令牌的可能性,并且如果相同的令牌再次出现他们只需预先填写所有信息,客户只需单击“付款”即可。
他们还为您提供定制支付页面并拥有您自己的权限,这样用户基本上不会意识到他/她甚至离开了您的商店。
他们还有稳定的 magento 模块,工作起来就像一个魅力,并且非常可定制。
也许这就是你想要的...
如果我没有回答你的问题,至少以间接的方式,我会恳请你重新写下你的问题,并更清楚地表达你到底想要什么,特别是你的意图是什么。意味着你最终想要完成的事情。也许有更好的方法!
问候,乔
As this is a really important topic (imo) and the answers are a bit complicated i decided to write a rather lenghy response about this.
So what are the main aspects with custom payment methods and especially with magento?
You are most likely not allowed to store and or transmit credit card information.
However you can store something similar so the customer doesn't have to re-enter his/her information all the time. I will come to that later.
Magento is a very flexible and powerful application (however it is damn slow). You can do almost anything. But when it comes to checkout processing the flow has to obey certain limitations, with good reasons.
Checkout processing steps should be capsulated into units. You are trying to wrap apart one unit which is almost certainly a very bad idea.
So what I want't to say is that the Credit Card information should be entered at the SAME provider that processes the payment. Nothing else. Ever.
I mean thats just absurd... Think about it. "Please provide your paypal credentials, we will then do the payment for you..."
On the other hand if you are a certified credit card payment provider you this transaction of yours (which sounds absolutely insecure) is handled internally and you as a provider are like a black box. Even for your shop.
If you really want that you can internally do your verification transaction etc. To get you on the right track with that i have this code for you which should bring you on the right track.
I essentially copied it from magento forum and tweaked it a bit to work with the usual issues like several shops, super products, custom prices, special prices and so on.
However i think you should really re consider your approach for whatever you are trying to accomplish.
Last but not least as i mentioned above, there are way to "store" the card information at the provider. For example Ogone offers you the possibility to send a customer token along with the customer, and if the same token appears again they just pre-fill out all the information and the customer just has to click "pay".
They also offer you to customzie the payment pages and have your own vohst so that the user essentially doesn't realise he/she is even leaving your shop.
They also have steady modules for magento that work like a charm and are pretty customizeable.
Maby thats what you want...
If I didn't answer your question, at least in an indirect way, I would kindly ask you to re write your question and put more clearly what you exactly wan't and expecially what your intentions are. Meaning what you are trying to accomplish in the end. Perhaps there are better approaches!
Greetings, joe