E-Commerce Solutions: An Apache Overview Page 2
There are a number of solutions including SHTML, a custom built engine for Perl or Python, or an embedded solution like PHP. SHTML, server-parsed HTML, allows you to embed other documents into an HTML page as it's being shared to other users. It only works on static pages, so you also need to develop your own system when using a scripting language. SHTML is also fairly limited, so when using it with a scripted solution you might also want to embed dynamic information, or even dynamically select an embedded element.
You probably think that all your sites will be script driven, but this won't always be the case. In fact, there are advantages to using some static pages and some of the less interactive facilities such as offered by Apache. If you decide to go the scrip- driven route you need to pass information between pages and know how to optimize your Apache server to prevent your users experiencing the world wide wait.
Unless you have a very simple site you'll need to interface to database to supply the information your either going to sell, or that you will use to sell your products. Actually talking to your database is probably the least of your worries; you'll also need to think about where the database resides, what software to use and how to manage your connectivity to the database. Keeping databases open improves performance, but may also tie up connections you'll need for future users. And what happens when a database process fails?
If your site is selling products or services then you need to keep track of the products your users have purchased. The real question is how--you could use hidden fields between pages, but that's prone to errors, and won't be stored if the users goes to another site but for short processes can be easier to manage. Cookies are seen by some users as a security blackhole, and sessions imply a reasonable overhead on your applications, but they all support the ability to perform sophisticated transactions.
Credit Card Authorization
For services that require instant payment you'll need to accept a credit card number and validate it before telling the user their purchase has been approved. But how do you accept the payment and authorize the card to ensure your not breaking the law? Furthermore, how do you avoid giving away products without getting any payment?
Security and Secure Communications
Very few people are going to be happy about giving away their name and address to a site that doesn't use secure communication. Apache supports secure HTTP communication but you still need to provide a conduit between the insecure and secure side of your site. Once you've got the information you also need to ensure that the information is safe on your site--taking secure details is great, but pointless if you leave the machine wide open to attacks.
Returning Non-Standard Data
Internet-based software delivery is probably one of the future hot topics for the next generation of E-Commerce service. The ability to visit a site and purchase and download the software package is nothing new, but with broadband services coming on line it may become the normal method of software delivery. Making the software downloadable from an FTP or HTTP site is not secure; once the URL is known anybody could download.
By using some scripting tricks and other techniques to verify the user you can supply the software dynamically, only when the correct payment has been received. Other solutions can use the same basic process--dynamically selected or created graphics, audio files, even customized software can be transmitted using the same principle.
Creating Graphics on the Fly