Anyone got GOOD web programming skills?

[Shooter Grrl]

I'm waaay out of my league on this one! I've gone through every "free" thing I can find for the last 3 months and I still can not get my pea brain wrapped around this...

Anybody willing to take a side job and get this done for me quickly? PM me for details! The basic premise is creating a payment gateway for authorize.net!

[R/T Performance]

Pm boynty77 he is a big it guy he will get you straight

[Greg Bell]

I know that Eric the owner of GlockTalk has experience with Authorize.net

[Rob Boudrie]

www.americart.com includes an Authorize.net payment gateway.

If you want to build your own payment gateway to Authorize.net from scratch you'll need someone with at least basic programming skills since even their Simple Interface Method (SIM) uses techniques such as a timestamp MD5 hash composed of various bits and pieces including a secret key. The Americart.com interface takes care of all of this nicely - which means that your only problem is configuring your Americart store and generating (manually or under program control) the HTML for your products.

I've done an Authorize.net implementation from scratch (for the USPSA membership system) and Americart based Authorize.net system (for the USPSA store).

I'm fully occupied with other projects, so I'm not able to take this on as a job. I am, however, willing to answer specific questions if you find someone to take on the project.

Rob

[Shooter Grrl]

www.americart.com includes an Authorize.net payment gateway.

If you want to build your own payment gateway to Authorize.net from scratch you'll need someone with at least basic programming skills since even their Simple Interface Method (SIM) uses techniques such as a timestamp MD5 hash composed of various bits and pieces including a secret key. The Americart.com interface takes care of all of this nicely - which means that your only problem is configuring your Americart store and generating (manually or under program control) the HTML for your products.

I've done an Authorize.net implementation from scratch (for the USPSA membership system) and Americart based Authorize.net system (for the USPSA store).

I'm fully occupied with other projects, so I'm not able to take this on as a job. I am, however, willing to answer specific questions if you find someone to take on the project.

Rob

The commercial shopping carts are not cost effective for this project. I just need to sell 3 items via credit card - that's it, nothing more. I'm soooo frustrated. The merchant account holders are no help either (ARGH!)

[LdyGunner]

Hi ShooterGrrl,

I've done some work with OSCommerce and you can set it up to use whichever payment gateway you'd like. There are mods for just about all of them. It's pretty easy to work with and it's open source so at least the cart part is free. Drop me a PM if you want. I'm sure I can probably walk you through getting the basics set up, and you do web-design so you'd likely be fine from there.

The commercial shopping carts are not cost effective for this project. I just need to sell 3 items via credit card - that's it, nothing more. I'm soooo frustrated. The merchant account holders are no help either (ARGH!)

[Rob Boudrie]

Just be careful about the security of a system with OS Commerce. If you're on a system where unencrypted FTP is available, multiple ports are opened, and patches are not regularly applied you could find the system, and the credit card numbers compromised as the OS Commerce interfaces I have seen pass the CC# to the service, they don't have the service handle all aspects of the security.

There are a log more people who *think* they are secure than actually are. For example, how many of the OS Commerce based sites sent each subscribe a notice that a PHP bug that could compromise security was found and they could offer no assurance they have never been hacked? My guess is few to none.

[LdyGunner]

If you keep subscribed to the updates to patch for any bugs, and make sure that your server side configurations don't allow for unencrypted FTP and connection via multiple ports it is as secure as the commercial options.

Just be careful about the security of a system with OS Commerce. If you're on a system where unencrypted FTP is available, multiple ports are opened, and patches are not regularly applied you could find the system, and the credit card numbers compromised as the OS Commerce interfaces I have seen pass the CC# to the service, they don't have the service handle all aspects of the security.

There are a log more people who *think* they are secure than actually are. For example, how many of the OS Commerce based sites sent each subscribe a notice that a PHP bug that could compromise security was found and they could offer no assurance they have never been hacked? My guess is few to none.

[Rob Boudrie]

If you keep subscribed to the updates to patch for any bugs, and make sure that your server side configurations don't allow for unencrypted FTP and connection via multiple ports it is as secure as the commercial options.

Just wondering - what background in computer security do you have in computer security that qualifies you to make that statement?

And by patches, it obviously means OS Commerce, the operating system and all other components.

[LdyGunner]

Fortune 30 IT background, but whatever; I wasn't trying to get into a conflict over computer stuff, and I was just trying to provide her a non-commercial option since that's what she asked for, and she's a fellow shooter. I come here because I like the reloading forum, and enjoy shooting USPSA. Since you're the expert, please help her out.

If you keep subscribed to the updates to patch for any bugs, and make sure that your server side configurations don't allow for unencrypted FTP and connection via multiple ports it is as secure as the commercial options.

Just wondering - what background in computer security do you have in computer security that qualifies you to make that statement?

And by patches, it obviously means OS Commerce, the operating system and all other components.

[Rob Boudrie]

Since you're the expert, please help her out.

I did, by pointing out the security issue

But then, TJ Max had specialists in this area, so even that is not always enough.

The simple fact is that ANY system can have security vulnerabilities, and that maintaining a "hardened" system is considerably more difficult that it initially appear. It takes an expert to *know* you have a secure system rather than *thknk* you have one. This is one reason why credit card numbers never pass through the USPSA server.