mail2 taking orders;

Simpler method of taking secure orders

The most secure way of taking an online order is to immediately encrypt it with a public key, and then mail it to whomever is going to process the order. When they get it (assuming their computer is secure), they can decode it and process it.

Unfortunately, that process requires running the encryption software on the order processing person's computer, and that is not always a good solution. A simpler solution is to store the order on the web server in an encrypted form, and have the order processing person connect to the webserver (via a secure connection) and enter the decryption password and retrieve the plain text order via the secure connection. This stops the order from ever being stored on the webserver or sent over the internet in plain text, which should satisfy most banks. It unfortunately means that the strength of the encryption is entirely dependent on the password.

How To

(Before I start, I should note that to use encrypted orders, you will need to get baremetal to generate a public and private key pair for you. Please let us do this, as we would far rather store encrypted orders.)

Using this "order processing" technology is pretty simple. mail2 has a new SAVE method, called ORDER ....

`<input type="hidden" name="SAVE" value="ORDER" />`

If you specify a SAVE format of ORDER, the mail2 gadget will create an "orders" directory beside the top directory of the webserver, and store any orders in there. The first order # assigned will be 100, and the next will be 101, etc... The order number is available to templates as the ORDER_NO variable.

If you want the security of encrypted orders, you must format your orders with the <PGP> tag in a template. That said, you can use the (ugly) built in formats to get started.

Retrieving the orders

You can see/retrieve/delete the order files via FTP, but if they are encrypted, you won't be able to read them. The URL for retrieving secure orders will depend on how your secure site is setup. If you order page is under a shared certificate like https://secure.baremetal.com/yourcompany/ ... then the order retrieval page would probably be https://secure.baremetal.com/yourcompany/sec-bin/retrieve

Additional Notes

The mail2 gadget is _very_ powerfull, it can be configured to send a receipt to the client, an order notification to your orders desk, and store the secure order. In fact, you will probably want to do all three!

Regarding order numbers. The system looks at the files in your orders directory to calculate the next order number. So if you delete all your orders, the system will assign order number 100 again.

Filenames. The orders are stored in files which are named by the order number and the order date.

The orders directory. The gadget will create a .htaccess file containing "deny from all". This is a security precaution. The directory is not supposed to be web accessable, but if websites are nested, or your home directory has been "customized" then the orders directory could end up inside a website, and this file will prevent the whole world from being able to view your orders (although they won't be able to decrypt any encrypted data). For your customers sake, please don't delete that file.

Examples

In this example SSLURL could be https://yourdomain/ if you have your own SSL certificate, or it could be one of the baremetal ones followed by a suffix for your account (e.g. https://secure.baremetal.com/YOU/)

Here is a simple example. It just logs a name and a credit card number.


<form method=post action=SSLURL/cgi-bin/mail2>
Who are you? <input name=name> <br>
What is your credit card number? <input name=cardno> <br>
	<input type="hidden" name="SAVE" value="ORDER" />
	<input type="hidden" name="LOGIN" value="your.ftp.userid" />
	<input type="hidden" name="FORMAT" value="/test/order.tpl" />
	<input type="hidden" name="REPLY" value="/test/reply.tpl" />
	<input type="hidden" name="TO" value="orders@yourdomain" />
	<input type="hidden" name="TEMPLATE" value="/test/notice.tpl" />
	<input type="submit">
	</form>

In this example we are using three templates. REPLY specifies the response that will be displayed on the visitors screen after the order is saved. FORMAT specifies the formatting for the order (see below), and TEMPLATE specifies the order notification that will go to the TO address (orders@yourdomain in this case).

Here is an example of a FORMAT template:


   Order #: {ORDER_NO}
   name: {name}
   the card number information is in the encrypted section below.

   <PGP>
   Order #: {ORDER_NO}
      name: {name}
    card #: {cardno}
      Time: {LOCAL_TIME}

   </PGP>

This would produce an order file that looked like:

   Order #: 100
      name: John A Smith

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.7 (GNU/Linux)

hQEOA09+9d2XNpjMEAP+MGCOAlE8Zo35QYyKiZHiKJ3D9LA5AMB+aZtoepBDirdk
g5H5TNUUu6CfwmqcDrGJ8UizUCZ3vCbNFsAt10l4i+/gPcTrveIBp+xDBr3kstlS
a4/0o6WZwUn10dBjLxhJaHxMMg5HNR+GSD1ga63mcac+Je/AxOsp7H7Vv4vyR64D
/1dOG2aLu+GAfeBGVQ8oWAlEjb4tKSWXWqprQV8R1jl+8IFrkgqjW89F6kwBmFO5
O0XAyPt0e/gSkAdLXVaACqsPIXAHOVBFd+WECw+yCPBd7tEurvffHf62P91G6ce3
t1mauEYSTtTsAtfBhsAO3HITjf0WqgzUHFwQ2e6X6Fv+0q4BjHbuLZmq3kCz5dOj
orX2zuffFQIx9bp6hk0N74YA5nzEFQ+xEAsF8nCO+98wGUDtsGqKLXIqPmXZGny2
jO7Sszaeu6OBKRV0iKluMuNqy+bfxNzIs5YhT/3ccFi0kLKvbT6lELhAlXz3RjjQ
UKyQp7RXOjsRXjcIOuvwG6dMW1dOO++FZA/qRbQ5hsi0qRpUmUFsPmu/oIHB/Cvv
kL0kioCSw5OtX/AGfU5Z0Ls=
=rL+f
-----END PGP MESSAGE-----

and which would decrypt to look like:

   Order #: 100
      name: John A Smith
    card #: 1234-5678-8901-2345
      Time: Friday, 03-Dec-04 14:16:11 PST

Home Page    Domain Registration Services    Web Services    Technical Support
About Baremetal    Privacy Statement    Billing Info    Charities
My Account    Legal Info    Search BareMetal