Đang tải... (xem toàn văn)
WordPress for web developers WordPress for web developers WordPress for web developers WordPress for web developers WordPress for web developers WordPress for web developers WordPress for web developers WordPress for web developers Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter) Effortless e commerce with PHP and MySQL (2nd edition) (voices that matter)
Effortless E-Commerce with PHP and MySQL Second Edition Larry Ullman Effortless E-Commerce with PHP and MySQL, Second Edition Larry Ullman New Riders www.newriders.com To report errors, please send a note to: errata@peachpit.com New Riders is an imprint of Peachpit, a division of Pearson Education Copyright © 2014 by Larry Ullman Project Editor: Nancy Peterson Copyeditor: Liz Welch Proofreader: Scout Festa Technical Reviewer: Chris Cornutt Production Coordinator and Compositor: David Van Ness Cover Designer: Aren Straiger Indexer: Karin Arrigoni Notice of Rights All rights reserved No part of this book may be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher For information on getting permission for reprints and excerpts, contact permissions@peachpit.com Notice of Liability The information in this book is distributed on an “As Is” basis, without warranty While every precaution has been taken in the preparation of the book, neither the author nor Peachpit shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the computer software and hardware products described in it Trademarks MySQL is a registered trademark of MySQL AB in the United States and in other countries Macintosh, Mac OS X, and OS X are trademarks of Apple Inc., registered in the U.S and other countries Microsoft and Windows are registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries This book is not officially endorsed by nor affiliated with any of the above companies, including MySQL AB Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and Peachpit was aware of a trademark claim, the designations appear as requested by the owner of the trademark All other product names and services identified throughout this book are used in editorial fashion only and for the benefit of such companies with no intention of infringement of the trademark No such use, or the use of any trade name, is intended to convey endorsement or other affiliation with this book ISBN 13: 978-0-321-94936-3 ISBN 10: 0-321-94936-6 987654321 Printed and bound in the United States of America This book is dedicated to all the friends, family, and coworkers who have been so helpful, supportive, understanding, and generous with their time over the past few years It’s a long list, in no particular order: Roxanne, Nicole, Sarah, Meredith, Paula, Barb, Christina, Shirley, Cyndi, Sommar, Brian, Gary, Heather, Rich, Gina, Mike, Kay, Janice, David, and everyone at Peachpit Press A Bushel—That’s Four Whole Pecks—of Thanks to Nancy, for managing the project, for being great to work with, and for assembling such a top-notch team Chris, for joining in at the last minute to provide an excellent technical review David, for magically converting a handful of random materials into something that walks and talks like a book Liz and Scout, for the sharp eyes in improving my muddled words, grammar, and syntax Karin, the indexer who makes it easy for readers to find what they need to know without wading through all of my blather Aren, for the snazzy cover design All the readers who requested that I write this book and provided detailed thoughts as to what they would and would not want this book to be I hope it’s what you were looking for! To all the readers who liked the first edition and made suggestions for how I could improve this one Gary at Kona Earth coffee (www.konaearth.com) for the ton of feedback And for the truly excellent coffee! Templates.com (www.templates.com) for permission to use their template in the book’s Coffee example Jon, for permission to use his “Architecture by Hand” stencil for some of the book’s figures (www.jonathanbrown.me) Rashelle, for always entertaining the kids so that I can get some work done, even if I’d rather not Zoe and Sam, for being the kid epitome of awesomeness Jessica, for doing everything you and everything you can Contents Introduction What Is E-Commerce? About This Book Technologies Used What’s New in This Edition Getting Help What You’ll Need Some Fundamental Skills A Web Server And a Bit More PART ONE: FUNDAMENTALS Chapter 1: Getting Started Identifying Your Business Goals Researching Legal Issues National and International Laws PCI Compliance Choosing Web Technologies Selecting a Web Host Hosting Options My Hosting Recommendation Finding a Good Host Using a Payment System Payment Processors Payment Gateways The Middle Way Which Should You Use? The Development Process Site Planning HTML Design Database Design Programming Testing Going Live Maintaining Improving Chapter 2: Security Fundamentals Security Theory No Website Is Secure Maximum Security Isn’t the Goal Security for Customers PCI Requirements Server Security Hosting Implications PHP and Web Security Database Security Secure Transactions Common Vulnerabilities Protecting Information Protecting the User Protecting the Site PART TWO: SELLING VIRTUAL PRODUCTS Chapter 3: First Site: Structure and Design Database Design Server Organization Connecting to the Database The Config File The HTML Template Creating the Header Adding Dynamic Functionality to the Header Creating the Footer Creating the Home Page Defining Helper Functions Redirecting the Browser Creating Form Inputs Chapter 4: User Accounts Protecting Passwords Registration Creating the Basic Shell Creating the Form Processing the Form Logging In Processing the Form Creating the Form Logging Out Managing Passwords Recovering Passwords Changing Passwords Improving the Security Chapter 5: Managing Site Content Creating an Administrator Adding Pages 10 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 Table of Contents Title Page Copyright Page Dedication Page A Bushel—That’s Four Whole Pecks—of Thanks to Contents Introduction What Is E-Commerce? About This Book What You’ll Need 19 19 20 23 Part One: Fundamentals 25 Getting Started Identifying Your Business Goals Researching Legal Issues Choosing Web Technologies Selecting a Web Host Using a Payment System The Development Process Security Fundamentals Security Theory PCI Requirements Server Security Secure Transactions Common Vulnerabilities 26 26 28 32 35 42 49 61 61 68 71 78 83 Part Two: Selling Virtual Products 93 First Site: Structure and Design Database Design Server Organization Connecting to the Database 94 95 101 105 1700 The Config File The HTML Template Defining Helper Functions User Accounts Protecting Passwords Registration Logging In Logging Out Managing Passwords Improving the Security Managing Site Content Creating an Administrator Adding Pages Displaying Page Content Adding PDFs Displaying PDF Content Using PayPal About PayPal Testing PayPal Integrating PayPal Testing the Site Using IPN Renewing Accounts Going Live 109 116 129 141 141 145 160 168 169 179 183 183 185 197 206 221 229 229 236 246 252 254 270 271 Part Three: Selling Physical Products Second Site: Structure and Design About the Site Database Design Server Setup Helper Files The HTML Template 1701 274 275 275 281 290 303 308 Making the Most of MySQL Creating a Catalog Preparing the Database Shopping by Category Listing Products Indicating Availability Showing Sale Prices Highlighting Sales Building a Shopping Cart Defining the Procedures Defining the Helper Functions Making a Shopping Cart Making a Wish List Calculating Shipping 10 Checking Out About Authorize.net Creating a Test Account Preparing the Site Taking the Shipping Information Taking the Billing Information Processing Credit Cards Completing the Order Testing the Site Going Live 11 Site Administration Setting Up the Server Adding Products Adding Inventory Creating Sales Viewing Orders Processing Payment 1702 314 324 324 344 352 362 364 374 382 382 389 391 404 409 412 412 414 416 436 460 478 490 494 495 497 497 504 527 533 539 551 Part Four: Extra Touches 558 12 Extending the First Site New Public Features Security Improvements Administrative Changes Implementing PayPal PDT 13 Extending the Second Site Public Suggestions Administrative Suggestions Structural Alterations 14 Adding JavaScript and Ajax Adding jQuery Preventing Duplicate Orders Using Superfish Adding a Calendar Pagination and Table Sorting Applying Ajax Working with Favorites Recording Notes Better Cart Management Taking Customer Feedback 15 Using Stripe Payments About Stripe Creating an Account Performing Single Charges Testing Stripe Going Live Capturing Charges Performing Recurring Charges Index 559 560 573 589 597 608 608 644 648 656 657 659 663 668 672 674 676 686 693 694 700 700 706 710 736 738 741 742 746 1703 1704 ... addresses There are two key differences between a site hoping simply to make money and one intending to take money: How comfortable the customer needs to be How secure the site needs to be A site.. .Effortless E- Commerce with PHP and MySQL Second Edition Larry Ullman Effortless E- Commerce with PHP and MySQL, Second Edition Larry Ullman New Riders www.newriders.com To report errors, please... services that can be purchased elsewhere In this book, I’m using the term e- commerce to refer to sites that directly accept money from end users I’ve limited myself to that scope, because handling