Payment processing is the part of this tutorial that I can't really write code to explain. The reason is that each transaction clearing / payment processing company is different. The basic idea is this:

1. Your PHP script sends billing information to the transaction clearing company. This basically includes the customer's name, address, credit card information, and the amount to charge.
   
2. The transaction clearing company will verify (1) that the credit card information is valid and (2) there are sufficient funds for the purchase. If all goes well, the customer's credit card is billed for the purchase amount and a result is sent back to your script.
   
3. Your script takes the result of the transaction and determine what should be done. If it was successful, do whatever else is necessary to fulfill the order. If payment did not go through, have the customer re-enter their payment information.

That is the process when you use a processing company that does real-time payment authorization. The other option is to do batch processing where you gather up all the orders and process a together at some later time -- something for you to think about.

Anyhow, there are lots of payment processing companies. You can search the web for a list of them, for example, you can look at a Yahoo directory of these places:

http://dir.yahoo.com/Business_and_Economy/Business_to_Business/ Financial_Services/Transaction_Clearing/

There's lots of them, so you will have to pick one that meets your needs and follow their documentation to get your scripts working properly.

Some tips:

• PHP4 has Cybercash support (can anyone share their experience with this?)
• PHP cannot natively make outgoing HTTPS requests, so if you need to be able to do that, you will have to call another program to do it (like CURL or maybe write a Perl script)

The sample script (shopping/complete_order.php) included here will by default assume that the transaction was authorized (see the authorize_payment() function). You will have to modify this function according to how your payment processing company works. Basically it should return true or false, depending on if the transaction was approved or not. You will have to extend it to meet your needs.

Once you've accepted payment for the products that were ordered, you have to get them to the customer. If you are selling physical goods, this means getting the products from your warehouse shipped to the customer. If you are selling something software, you have to let the customer download what they ordered, or supply them with the serial number. Whatever, is relevant in your case.

Again this is a topic we won't dicuss too much because it depends on how your operation is setup.

That's enough theory for now, you must be bored :) So let's get on to the database changes and then we will look at the new scripts. On with the show!