Textpattern CMS support forum

You are not logged in. Register | Login | Help

#21 2008-03-01 10:15:51

Gocom
Plugin Author
Registered: 2006-07-14
Posts: 4,524
Website

Re: yab_shop (simple textpattern shop with paypal support)

Can you add there nonce support as it takes out easy remote form submitting? We don’t want to get 10 000 orders in five minutes, or do we?

By nonce I just mean simple random md5 string check. The same string is on hidden input and also as variable. If they are same, then the form is submitted. Simple but powerful. Also textpattern uses that on comment system, and also it’s a one step on login validating.

Last edited by Gocom (2008-03-01 10:16:52)

Offline

#22 2008-03-01 11:09:31

trenc
Plugin Author
From: Cologne
Registered: 2008-02-27
Posts: 547
Website

Re: yab_shop (simple textpattern shop with paypal support)

@sthmtc:
Products are handled like normal articles. Only assigned to a specific section that you have to create and then named in the config. So all related plugins for articles, categories etc. should work, i hope so. :)
One custom field is required for price. Naming and custom field number are on your own. Variant, color, size are custom fields too (naming on your own, too), but these are not required. So there must be one custom field available at least (for price) or up to four available custom fields if you want all three additional product properties and the price field.

@Gocom:
Remote form submitting should not work, i think. The order form will showed only if the cart is not empty and after a successfully form submit the cart will be depleted.
But maybe i have errors in reasoning in this issue, ‘cause i’m not really skilled in this.

Offline

#23 2008-03-01 12:20:29

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 7,682
Website

Re: yab_shop (simple textpattern shop with paypal support)

This sounds awesome trenc, many thanks in advance for your hard work. On my record label site I think I’ll be able to use “Variant” as either “CD” or “mp3 download” for the music tracks/albums. The shopping cart I originally put together from various JavaScript solutions I found on the web is a little awkward for management of inventory.

A few things:

  1. Can discount rules be applied for bulk purchases / buy one get one free, etc?
  2. Where are the shipping costs calculated/set up? Can it do shipping costs per type/variant?
  3. Is there a way of handing off control to another article/script on successful payment (e.g. after successfully buying an mp3 I’d need to deliver the correct file to the buyer)
  4. PayPal integration: I’ve done this before and it’s not very tricky. As long as you tell PayPal your product codes and configure it to allow the other stuff (size, colour, shipping, etc) to be sent via form fields you can add a PayPal button to your site that takes the person to a customised portal on PayPal’s own site for secure payment processing, then redirect back to your site for a “thanks” message/subsequent processing. Not sure how it fits in with the plugin, but if you want any help with this, or to to see how I’ve done it in the past so it can be improved, just let me know
  5. I kind of agree with Gocom about the nonce checking. It might be a useful safeguard to build in as this plugin progresses. With an integrated payment system it’s probably not much of a worry because if a bot makes 10 000 requests for 3 Circles and a Pentagon, they’ve still got to pay for them before the order completes and 3rd party sites shouldn’t permit that. I’m not expert enough in XSS attacks to assess whether this is a problem or not.

Looking forward to trying this out when I get a chance. It looks very slick, thanks again.

Last edited by Bloke (2008-03-01 12:21:54)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#24 2008-03-01 18:46:26

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 447
Website

Re: yab_shop (simple textpattern shop with paypal support)

Yep, looks pretty good.

Offline

#25 2008-03-02 17:59:02

trenc
Plugin Author
From: Cologne
Registered: 2008-02-27
Posts: 547
Website

Re: yab_shop (simple textpattern shop with paypal support)

I’ve released it.
See first updated thread entry.

Last edited by trenc (2008-03-02 18:07:24)

Offline

#26 2008-03-02 21:17:50

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,054
Website

Re: yab_shop (simple textpattern shop with paypal support)

Source looks very nice at first sight. Uses lots of TXP internal functions to avoid code duplication. The .phps files don’t show up as plain text in my browser (I can only save them, Firefox interprets them as binary files). Perhaps you can use the PHP highlight_string function to produce color-highlighted source (I’ve done that for the plugins on my own website).

One thing I noticed in the sending of email is that you use the sitename in the header of the email. You may want to mime-encode that, in case the site name contains non-us-ascii characters (headers are always 7-bit. Specifying 8-bit in the header is only relevant for the body of the email).

Have you considered making this plugin MLP-compatible?

Btw. I noticed you’ve added it on TXP.org. Up till now there were no shopping cart plugins. You may want to ask Alicson (who maintains TXP.org) for a separate category: e-commerce or something like that.

Offline

#27 2008-03-03 16:02:44

trenc
Plugin Author
From: Cologne
Registered: 2008-02-27
Posts: 547
Website

Re: yab_shop (simple textpattern shop with paypal support)

@bloke:
There are no discount rules implemented. But this could be a future implementation, when i have a clue how to handle it. Shipping costs are flatrate shipping. Could be diffcult to implenent both (discount rules and shipping cost per variant), but i’am always open for suggestions.
For delivering ordered files i could imagine to create a new session object or array with relevant datas after an successfull transaction, on which you can access by your own script.
If i understand it correctly so your paypal solution is like the »by now«-button?

@ruud:
I hope the frequent use of internal txp functions is not a bommerang :), but it seems the right way for me.
It was my intention that the source can be easily downloaded. So everyone is able to open it in his/her favorite editor.
Your are right with that email header, i will change it next release, many thanks.
I’ve only heard of the MLP, but not yet used. So i will first have look at the MLP code, but i fear MLP-compatibility is not easy. Will see.

Offline

#28 2008-03-03 16:24:27

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 7,682
Website

Re: yab_shop (simple textpattern shop with paypal support)

trenc wrote:

There are no discount rules implemented. But this could be a future implementation, when i have a clue how to handle it.

Cool.

Shipping costs are flatrate shipping.

Fair enough.

For delivering ordered files i could imagine to create a new session object or array with relevant datas after an successfull transaction, on which you can access by your own script.

Excellent. If you need a beta tester or some input, let me know.

If i understand it correctly so your paypal solution is like the »by now«-button?

Yes, exactly that. If using encrypted buttons it’s a bit of an overhead to generate each time because you have to visit the PayPal site to tell it your product IDs. Plus it renders the basket a bit useless because I think you have to edit quantities directly on the PayPal portal :-(

The non-encrypted route is fairly easy to integrate because I seem to remember you can make a form and plug the values into it from custom fields/form fields and the Submit button then simply redirects to paypal. Not really sure if the encryption is much use anyway.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#29 2008-03-03 17:29:30

ruud
Developer emeritus
From: a galaxy far far away
Registered: 2006-06-04
Posts: 5,054
Website

Re: yab_shop (simple textpattern shop with paypal support)

I hope the frequent use of internal txp functions is not a bommerang :), but it seems the right way for me.

Yes, definitely the right way. Better than re-inventing the wheel :)

Offline

#30 2008-03-03 18:11:49

TheEric
Plugin Author
From: Wyoming
Registered: 2004-09-17
Posts: 564

Re: yab_shop (simple textpattern shop with paypal support)

Bloke wrote:

Yes, exactly that. If using encrypted buttons it’s a bit of an overhead to generate each time because you have to visit the PayPal site to tell it your product IDs. Plus it renders the basket a bit useless because I think you have to edit quantities directly on the PayPal portal :-( The non-encrypted route is fairly easy to integrate because I seem to remember you can make a form and plug the values into it from custom fields/form fields and the Submit button then simply redirects to paypal. Not really sure if the encryption is much use anyway.

No interaction is needed to generate the encrypted buttons The encryption is generated using a unique key that you generate through paypal, once (see here ) Also, if you use Website Payments Standard (even Pro or Gateway) you don’t need to use the express checkout cart for quantities. You simply use Paypal as something similiar to a payment gateway (see here ) Ooops. Sorry, this only applies to Paypay Website Payments Pro, but the checkout feature of the standard version is just a confirmation of what they entered on your website shopping cart. Here they can change quantities and remove items. Think of it like a checkout screen.

Last edited by TheEric (2008-03-03 18:18:23)

Offline

Board footer

Powered by FluxBB