Credit Card Gateway Setup
the customer chooses to use the insecure credit option, they are
routed to the credit card order page (defined by the COgateway
variable in the settings file) so they can enter their credit card
information and finalize/submit their order. For credit gateway
orders, it is assumed that you have a merchant account that either
has a web portal for card validation and transaction capture, or
a script based component you can run on your account for card validation.
If you do not have a merchant account, then you will not need to
use this form of order submission.
In the NC_settings file, there are several variables
geared specifically towards gateway posting. The following info
should help you get your form order working quickly.
Set the unsecureGatewayAction variable to a valid URL
of your card processing component or portal. For example, merchants
that use Verisign's PayFlow Link portal would set their unsecureGatewayAction
variable like so:
variable is an array that can hold any fields that may be required
by your credit processing portal to operate. For instance, Verisign's
PayFlow Link requires the fields LOGIN, PARTNER, TYPE, and
other fields in order to function properly. Since the NC_buildform.js
script is built to create generalized forms, it's better to leave
specialized, non cart related form fields out of the script and
add them when the time comes.
When the buildform.js file is executed, it creates the form tag
with the action equal to the value of unsecurePostAction,
then immediately writes all the tags in the extraFormTags
array. After that, it creates all the form tags relavent to the
NebuCart system. An example of a PayFlow Link specific extraFromTags
array is below:
= new Array(
' <input type="hidden" name="LOGIN" value="your_login">',
'<input type="hidden" name="PARTNER" value="VeriSign">',
'<input type="hidden" name="TYPE" value="S">',
'<input type="hidden" name="METHOD" value="CC">',
'<input type="hidden" name="EMAILCUSTOMER" value="False">',
'<input type="hidden" name="EMAILMERCHANT" value="False">'
If your gateway doesn't require any special tags, then you can leave
this array empty and no extra tags will get rendered.
NOTE (if you read only one thing on this page...)
You should really, really, really read your
card processor's documentation so that you understand how much data,
if any, is captured and retained when processing credit card orders.
Most processing systems take a set number of fields with proprietary
field names, with little or no support for extra fields. If your
card processor doesn't capture all the fields passed to it, then
you will most likely loose critical order information.
It's a good idea to perform some pre-processing data capture by
posting the data to a script that can write the order to a file
or database on your account, then repost the data to your gateway.
This method is being used with most of the sites that are currently
using NebuCart, so believe us when we say it works.
guarantee that when properly configured, NebuCart will post all
the form information to your gateway processor. Once it leaves your
site, however, it is up to you or your card processor to maintain
that data. We DO NOT provide technical support for your gateway
(unless you've $ contracted $ us to do so), so if something is not
performing as it should, check your documentation first!
Once you've configured your settings for posting to your particular
gateway, the gateway order page will handle passing the order information
to your card processor. Below is the basic code for a gateway order
<!-- include the NebuCart Settings -->
<!-- include the NebuCart Engine -->
<!-- include the NebuCart Formatting Functions-->
include the Form Builder script-->
include the Customer Information script-->
include the Cart View script-->
include the Credit Card Entry script-->
The NC_buildform script, as mentioned before, handles the
creation of all the hiden form fields that will be used to send
all the order information - ordered items, options, quantities,
etc, customer shipping/billing info, and of course the credit card
data, to your credit card processor, or pre-validation data capture
The scripts NC_buildcustomer
and NC_viewcart are simply used to display
all the final information and cart totals to the customer for verifictaion.
NC_buildcredit actually handles creating the Card Type radio
button set as defined by cardOption variable, as well as
the input fields for Name on Card, Card Number, and Expiration Date.
It also renders the button for submitting the order to your gateway
should the card info be entered correctly.
Due to the widely varried field naming conventions used by all
the gateway processors, the default NC_buildform and NC_buildcredit
scripts may not send the correct fields to your particular gateway.
These two are teh most highly customized scripts in the NebuCart
system. We already have customized scripts for Verisign, Authorize.net,
and WorldPay Jr., so check our Back-Ends page to see what is available.
If we don't have it, we can write it!
We can't stress enough the sensitivity that people have over giving
their credit information over the web, even when the connection
is secure. You really should think about that full version...