Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Information to file?


arbitar

Recommended Posts

I have a need to store the entire order information to a file.

Credit Card information, shipping and billing information, order comments, subtotal, shipping, tax, and total, and the date and time ordered.

Is this at all possible?

How hard would this be to accomplish. It seems pretty simple, but after about four days of digging around and trying things, it seems a bit harder than I thought. Is there something I'm missing?

I would love to know, and possibly get a push in the right direction.

Thanks,

--Arbitar

Link to comment
Share on other sites

Are you aware of the consequences should the file fall into the wrong hands? Storing credit card info in this way is...... not smart and possibly illegal depending on where you are :-"

 

 

Matti

Link to comment
Share on other sites

Are you aware of the consequences should the file fall into the wrong hands? Storing credit card info in this way is...... not smart and possibly illegal depending on where you are ':-

 

 

Matti

 

Indeed, before you make any decision to store complete cardholder information in a computer file, you should read through the rules, regulations and tips at Visa and MasterCard at least. If accepting American Express or Discover, you should also review their security policies for merchants.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Yes, I am quite aware of the security implications, but that part has already been taken care of. It's not the security of it that I need help on, but rather the implimentation of it itself.

I can guarentee that I am the only person who will ever have access to that file, unless someone seriously wants in, and regardless of what you do, that is always a possibility. There are problems with everything.

Plus, this isn't as simply set up as it sounds. The file will be more split into many (8) different files, and each one will be secured in a different and unique way. I was just curious how it would be possible, and where to get the information in a whole from within OSCommerce.

Link to comment
Share on other sites

Why don't you download the tables to your computer and then burn them to re-writable cd's, then delete what's on your computer. Unless your online database is on a secured server, I'd advise against keep that type of info there too for more than 24 hours.

 

Kevin

"What I didn't know yesterday, I know today & will remember tomorrow"

(By Kwalker)

 

What do you see when you open up the tep_database-pr2.2-CVS.pdf file that came with your osCommerce download?

Link to comment
Share on other sites

Sounds like you have given thought as to how to secure the information once you have it into the files. But, that still leaves the issue of storing the full cardholder information into the database in the first place. Unless your database is on a separate server that is not Internet accessible, then that in itself is a violation and if compromised could subject you to severe fines (up to $100,000). This is why the card informatin is split and part of it emailed to you and only part of it stored in the database.

 

All that said, the simplest way to harvest the data without having to code a solution will be to use phpMyAdmin to export the tables to csv files. The problem you are going to run into is that order and customer data is stored in several tables. To see the database structure you can download this contribution that has a pdf file with the database layout and relationships.

 

Another way you could approach the project would be to hack /admin/invoice.php to harvest the data and output it to the file format you want instead of the screen. I am not a coder so I can't give you advice on the code to do that but for someone well experienced in php it wouldn't be a problem.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...