Dagra Software Internet Shopping Cart Overview
*We work with and understand the feature set and account structure of Lightlink.com. This system might run on another server but for this outline that will not be addressed. This system is designed so that it does not require a dedicated server.
The Internet part of the system is a number of CGI programs that are written in C/C++ and compiled. These programs are accessed with buttons or text links that are designed into the HTML pages that comprise the online store. Client identification is accomplished by a single ID cookie containing a unique client number. Note: If the client has cookies disabled he can order a single item. A cookie is assigned the first time it is needed, and will become permanent whenever the client registers. Registration is at the time the order is placed. Once a person registers with a purchase the info is written to the client database for future use and the system will automatically complete the name and address fields in the future. Credit card info is not stored in this database and will be requested with each order. We can support the concept of open account that is pre-arranged with the storekeeper where the account number can be stored in the client database and the storekeeper collects funds through some arrangement that has been made between the storekeeper and client.
Our environment is easy for the client to use yet safe for both the client and storekeeper. With that goal in mind the system will not support drop shipments, but will provide an opportunity for the client to indicate that he will call to discuss special arrangements. Note: One of the greatest uses of stolen credit cards is to purchase goods and have them shipped to a destination where the thief can retrieve them without alerting the cardholder. Supporting only shipments to the address of the cardholder greatly increases the security of the system. Allowing special arrangements by phone gives the storekeeper a chance to evaluate the client and the situation before agreeing to a drop ship.
The designer of the web site has total flexibility. The only requirement is that an [Add To Cart] button or text link with HTML code containing the item number and return point is associated with each item that is offered for sale. This HTML code will call the CGI program that manages the shopping cart. A [View Cart] button or text link can be placed anywhere on the page that the designer wishes, including with each item. The return point which we call an anchor brings the user back to exactly the point in your web page where they clicked into the cart from.
The view cart button displays the contents of the cart and allows the client to alter quantities, remove items and place the order. An update button on the cart registers changes and recalculates costs and totals. The client clicks a button on the displayed cart to initiate the checkout process. If the client is already registered the form will be filled in with name and address automatically. The user will review and change name and address data, if it is already there, or type it in as part of the check out process.
A [Pop-Up Help] button with an associated HTML file is part of the system with a different call at each stage of the process. We supply HTML help files that are ready to use. The designer can re-work the text and redesign the buttons if so desired. The help button code will display help and explanation files in a pop-up window.
Server side CGI programs and shell HTML files make up the majority of the system. The client, inventory and cart database files are all housed along with the programs in a special directory within the account that contains the on-line store. Note that the products are stored separately from the cart and ordering system. Only the CGI programs read and write to these special files. The on-line inventory is a snapshot of a database kept on the storekeepers PC.
On the Windows computer in the office of the storekeeper resides the master inventory and backup files from the system. We provide a Windows program to manage the inventory on the desktop of the storekeeper or a database like Microsoft Access can be used. Updates to the server side inventory file use FTP and the normal dialup access that is used for any home page maintenance.
Orders are sent to the storekeeper via email. We have Windows software that can be used to read the orders that are received and interface with the software supplied by the bank for credit card authorization.
One size fits most, we have designed this system to be flexible enough to support a small business selling a few simple products and also a large company with an inventory of thousands of items with options such as size, color, etc. There may still be a need for some special programming however and since each merchant runs a private copy of the system customization is possible.
Sequence of Shopping Cart Events
When the client clicks the [Add To Cart] button that triggers a chain of events with some if branches along the way. Note: All of the steps below use a standard non-secure (http) connection until the step that asks for credit card info which is a secure socket layer (https) connection.
The Cart Database
The program dscart1.cgi keeps a record for each item in every cart that is in use along with a time stamp and the ID of the client. When an order is completed all of the records for that order are deleted from the cart database and written to an order database that serves as a backup to the email system. If a record ages to 12 hours old without the order being placed it is deleted. Old records are automatically deleted whenever there is cart activity. There is no need for any maintenance on this database.
The Inventory Database
Each item offered for sale in the store must have a matching record in the inventory database. The SKU is a compound key that consists of the base item number and an option code. Options are separated from main item by a hyphen. That is if we sold a shirt item 123 and it came in red, green and blue we would have three inventory records. Now if each color came in small, medium, large and extra large there would be 12 total records, (4 sizes in each of 3 colors). The SKU might look like 123-RM.
When dscart1.cgi looks at the inventory it does a select against the base item number. If only one record is returned then there are no choices for the client to make so the option screen only asks for quantity. If dscart1.cgi returns more than one record then a list of radio buttons is created, one for each option set, with only those choices that match what was found in inventory. A generated form is displayed for the client to choose options from. At this point the form shows all option combinations that are not disabled. Note: It will be the administrators responsibility to disable or remove an option or item from the on-line store if it is out of stock.
The on-line inventory has no concept of number on hand. All items that are listed can be ordered. It is the responsibility of the administrator to maintain the web site so that only items that can be delivered are shown. Note: You could comment an item in the HTML file to temporarily hide it from view effectively suspending it even though inventory still lists it.
A special ASCII file from the computer of the storekeeper is sent to the web server via FTP. The ASCII file that is sent via FTP can be an extraction from a database such as Microsoft Access, Sybase or Oracle. If the inventory is not large or complex it can be maintained with a text editor on the Windows computer of the storekeeper. We can supply a Windows program that maintains this ASCII file and can help in the creation of the button links that are placed into the HTML of the web site.
We will collect the name, address and email for each client who purchases from the storekeepers on-line store. This data is stored within the account of the storekeeper and is not available to any other users of our system. This database can and should be retrieved from the web site from time to time. A good way to advertise is to send an email newsletter to customers who have purchased from you. It is also important to have a stated policy on the web site explaining how captured information will be used.
Orders that have been sent to the storekeeper for fulfillment are also written to an order database that serves only as a back-up or verification copy. Unless there is need to prove something this file will never be accessed. Order database does not contain credit card numbers as these are not stored on the web site.
Database Files Are Private
It cannot be over emphasized that the data files are stored within the account of the storekeeper and are never available to anyone else. Credit card numbers are not stored in any database on the web site. If a person runs two on-line stores in two separate accounts the data from one will not be visible to the other. Each account will have a complete and unique setup.