There are a number of solutions including SHTML, a custom built engine for
Perl or Python, or an embedded solution like PHP. SHTML, server-parsed HTML,
allows you to embed other documents into an HTML page as it’s being shared to
other users. It only works on static pages, so you also need to develop your
own system when using a scripting language. SHTML is also fairly limited, so
when using it with a scripted solution you might also want to embed dynamic
information, or even dynamically select an embedded element.
You probably think that all your sites will be script driven, but this won’t
always be the case. In fact, there are advantages to using some static pages
and some of the less interactive facilities such as offered by Apache. If you
decide to go the scrip- driven route you need to pass information between pages
and know how to optimize your Apache server to prevent your users experiencing
the world wide wait.
Unless you have a very simple site you’ll need to interface to database to
supply the information your either going to sell, or that you will use to sell
your products. Actually talking to your database is probably the least of your
worries; you’ll also need to think about where the database resides, what
software to use and how to manage your connectivity to the database. Keeping
databases open improves performance, but may also tie up connections you’ll
need for future users. And what happens when a database process fails?
If your site is selling products or services then you need to keep track of the
products your users have purchased. The real question is how–you could use
hidden fields between pages, but that’s prone to errors, and won’t be stored if
the users goes to another site but for short processes can be easier to manage.
Cookies are seen by some users as a security blackhole, and sessions imply a
reasonable overhead on your applications, but they all support the ability to
perform sophisticated transactions.
Credit Card Authorization
For services that require instant payment you’ll need to accept a credit card
number and validate it before telling the user their purchase has been
approved. But how do you accept the payment and authorize the card to ensure
your not breaking the law? Furthermore, how do you avoid giving away products
without getting any payment?
Security and Secure Communications
Very few people are going to be happy about giving away their name and address
to a site that doesn’t use secure communication. Apache supports secure HTTP
communication but you still need to provide a conduit between the insecure and
secure side of your site. Once you’ve got the information you also need to
ensure that the information is safe on your site–taking secure details is
great, but pointless if you leave the machine wide open to attacks.
Returning Non-Standard Data
Internet-based software delivery is probably one of the future hot topics for
the next generation of E-Commerce service. The ability to visit a site and
purchase and download the software package is nothing new, but with broadband
services coming on line it may become the normal method of software delivery.
Making the software downloadable from an FTP or HTTP site is not secure; once
the URL is known anybody could download.
By using some scripting tricks and other techniques to verify the user you
can supply the software dynamically, only when the correct payment has been
received. Other solutions can use the same basic process–dynamically selected
or created graphics, audio files, even customized software can be transmitted
using the same principle.
Creating Graphics on the Fly