在访问PSP时锁定网站电子商务篮子的最佳方式
I know this question may not have a "right" answer but any answers would be appreciated. I'm probably going to get flamed for this.
Is there a best practice for locking down a basket while the customer goes off to a payment provider to pay for an order.
For example: I want to stop customers who have 1 x $10 item in basket – goes off to PSP to pay but then changes basket qty to 10 before they have completed the transaction. In my system the order quantity is 10 but they have only paid for 1.
Many Thanks
我知道这个问题可能没有“正确”的答案,但任何答案都会受到赞赏。 我可能会因此而受到抨击。 p>
当客户去支付提供商支付订单时,是否有最佳做法可以锁定篮子。 p>
例如:我想阻止那些拥有1 x 10美元物品的顾客 - 前往PSP付款,然后在完成交易之前将篮子数量更改为10。 在我的系统中,订单数量为10但他们只支付了1。 p>
非常感谢 p> div>
the first thing to close up is making it impossible to change the order items (products) after the transaction has completed. theres a bunch of different ways to do that. personally i think the safest is to have a separate tables for
"items in a cart while shopping" VS "items that are part of a completed order".
so if possible have a separate table for the items that are part of a completed order. they are created right after the transaction has completed - and the customer does not have access to them at all. if the customer is able to change the items in their cart after the transaction -- it will not change the order.
otherwise remember its not a problem until after the transaction is approved. a customer should be able to have a failed transaction - get their second credit card - change something in their cart - and then submit again.
a related idea is to flag the shopping session when the transaction has gone through. then if for whatever reason the customer clicks on the back button and tries to change the quantities in a cart after an order - the existing session won't confirm - a new session will be created and the cart will be empty.