Design for ArsDigita Shoppe

Fundamental Design Precepts

• we don't store credit card numbers in the database; we don't want to have to worry about Unix box security to that extent. We send them directly to Cybercash and use the blinded number that we get back from them. One nasty consequence of this design is that if Cybercash is unreachable, our shoppe is closed. But if we wanted to batch up orders against the hour when Cybercash became reachable again, we'd have to keep credit card numbers.
• we encode everything via a product ID that references a products table (i.e., the price is not somehow magically part of the HTML and each color or size variation gets a unique product_id)
• we name all the tables so that they can live in someone else's RDBMS (i.e., we prefix them all with "sh_" so that they won't conflict)
• we make no attempt to achieve portability; this code works with AOLserver and Oracle 8. It should be easy to port but we want it to be easy to understand so we don't add layers of abstraction

Directories

• /shoppe is for user-accessible pages
• /shoppe/admin is for the shop owner
• /shoppe/doc is for this kind of stuff (plus the data-model.sql file)

Finite-State Machine

confirmed
  | | |_______________________
  | |                        |
  | failed_authorization     |
  |                          |
authorized_plus_avs     authorized_minus_avs
  |
  |
shipped
  |
  |
returned
  |
  |
refunded

Note that the order can also be put into the state "void" by the shoppe administrator at any point before the state "shipped" has been reached.

Installation

1. untar into /shoppe
2. add Web server permissions to restrict access to /shoppe/admin and /shoppe/doc
3. feed /shoppe/doc/data-model.sql to Oracle (you can just grab it in AOLserver and the Web server will offer to feed it to Oracle). Make sure that the AOLserver Oracle user has the authority to create sequences.