Beginning ASP.NET 2.0 e-commerce in C# 2005

Beginning ASP.NET 2.0

E-Commerce in C# 2005

From Novice to Professional

■■■

Cristian Darie and Karli Watson

Darie-Watson_4681Front.fm Page i Thursday, September 22, 2005 5:26 AM

Beginning ASP.NET 2.0 E-Commerce in C# 2005: From Novice to Professional

Copyright © 2006 by Cristian Darie and Karli Watson

All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means,

electronic or mechanical, including photocopying, recording, or by any information storage or retrieval

system, without the prior written permission of the copyright owner and the publisher.

ISBN (pbk): 1-59059-468-1

Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1

Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence

of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark

owner, with no intention of infringement of the trademark.

Lead Editor: Ewan Buckingham

Technical Reviewer: Paul Sarknas

Editorial Board: Steve Anglin, Dan Appleman, Ewan Buckingham, Gary Cornell, Tony Davis, Jason Gilmore,

Jonathan Hassell, Chris Mills, Dominic Shakeshaft, Jim Sumser

Project Manager: Kylie Johnston

Copy Edit Manager: Nicole LeClerc

Copy Editor: Julie McNamee

Assistant Production Director: Kari Brooks-Copony

Production Editor: Linda Marousek

Compositor: Susan Glinert Stevens

Proofreader: Nancy Sixsmith

Indexer: Broccoli Information Management

Artist: Kinetic Publishing Services, LLC

Cover Designer: Kurt Krames

Manufacturing Director: Tom Debolski

Distributed to the book trade worldwide by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor,

New York, NY 10013. Phone 1-800-SPRINGER, fax 201-348-4505, e-mail [email protected], or

visit http://www.springeronline.com.

For information on translations, please contact Apress directly at 2560 Ninth Street, Suite 219, Berkeley, CA

94710. Phone 510-549-5930, fax 510-549-5939, e-mail [email protected], or visit http://www.apress.com.

The information in this book is distributed on an “as is” basis, without warranty. Although every precaution

has been taken in the preparation of this work, neither the author(s) nor Apress shall have any liability to

any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly

by the information contained in this work.

The source code for this book is available to readers at http://www.apress.com in the Source Code section.

Darie-Watson_4681Front.fm Page ii Thursday, September 22, 2005 5:26 AM

iii

Contents at a Glance

About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii

About the Technical Reviewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

■CHAPTER 1 Starting an E-Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

■CHAPTER 2 Laying Out the Foundations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

■CHAPTER 3 Creating the Product Catalog: Part I . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

■CHAPTER 4 Creating the Product Catalog: Part II . . . . . . . . . . . . . . . . . . . . . . . . . 105

■CHAPTER 5 Searching the Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

■CHAPTER 6 Improving Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

■CHAPTER 7 Receiving Payments Using PayPal . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

■CHAPTER 8 Catalog Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

■CHAPTER 9 Creating a Custom Shopping Cart . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311

■CHAPTER 10 Dealing with Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353

■CHAPTER 11 Making Product Recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . 401

■CHAPTER 12 Adding Customer Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

■CHAPTER 13 Advanced Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

■CHAPTER 14 Order Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

■CHAPTER 15 Implementing the Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541

■CHAPTER 16 Credit Card Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593

■CHAPTER 17 Integrating Amazon Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . 625

■APPENDIX A Installing the Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643

■APPENDIX B Project Management Considerations . . . . . . . . . . . . . . . . . . . . . . . . 651

■INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661

Darie-Watson_4681Front.fm Page iii Thursday, September 22, 2005 5:26 AM

Darie-Watson_4681Front.fm Page iv Thursday, September 22, 2005 5:26 AM

v

Contents

About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii

About the Technical Reviewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

■CHAPTER 1 Starting an E-Commerce Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Deciding Whether to Go Online . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Getting More Customers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Making Customers Spend More . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Reducing the Costs of Fulfilling Orders . . . . . . . . . . . . . . . . . . . . . . . . 3

Making Money . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Considering the Risks and Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Designing for Business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Phase I: Getting a Site Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Phase II: Creating Your Own Shopping Cart. . . . . . . . . . . . . . . . . . . . . 6

Phase III: Processing Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

The Balloon Shop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

■CHAPTER 2 Laying Out the Foundations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Designing for Growth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Meeting Long-Term Requirements with Minimal Effort . . . . . . . . . . 12

The Magic of the Three-Tier Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 13

Choosing Technologies and Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Using ASP.NET 2.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Using C# and VB .NET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Using Visual Studio 2005 and Visual Web Developer 2005

Express Edition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Using SQL Server 2005 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Following Coding Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Creating the Visual Web Developer Project . . . . . . . . . . . . . . . . . . . . . . . . 27

Contents

Darie-Watson_4681Front.fm Page v Thursday, September 22, 2005 5:26 AM

vi ■CONTENTS

Implementing the Site Skeleton . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Building the First Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Adding the Header to the Main Page . . . . . . . . . . . . . . . . . . . . . . . . . 38

Creating the SQL Server Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Downloading the Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

■CHAPTER 3 Creating the Product Catalog: Part I . . . . . . . . . . . . . . . . . . . . . 45

Showing Your Visitor What You’ve Got . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

What Does a Product Catalog Look Like? . . . . . . . . . . . . . . . . . . . . . 46

Previewing the Product Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Roadmap for This Chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Storing Catalog Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Understanding Data Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Creating the Department Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Communicating with the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Speaking the Database Language . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Creating Stored Procedures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Adding Logic to the Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70

Connecting to SQL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Issuing Commands and Executing Stored Procedures. . . . . . . . . . . 74

Implementing Generic Data Access Code . . . . . . . . . . . . . . . . . . . . . 76

Catching and Handling Exceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Sending Emails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Writing the Business Tier Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Displaying the List of Departments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Preparing the Field: Themes, Skins, and Styles . . . . . . . . . . . . . . . . 90

Displaying the Departments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Adding a Custom Error Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

■CHAPTER 4 Creating the Product Catalog: Part II . . . . . . . . . . . . . . . . . . . . 105

Storing the New Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

What Makes a Relational Database . . . . . . . . . . . . . . . . . . . . . . . . . 106

Enforcing Table Relationships with the

FOREIGN KEY Constraint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

Adding Categories. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

Adding Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Darie-Watson_4681Front.fm Page vi Thursday, September 22, 2005 5:26 AM

■CONTENTS vii

Querying the New Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Retrieving Short Product Descriptions . . . . . . . . . . . . . . . . . . . . . . . 122

Joining Data Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Showing Products Page by Page . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Writing the New Stored Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Using ADO.NET with Parameterized Stored Procedures . . . . . . . . . . . . 135

Using Input Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Using Output Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Stored Procedure Parameters Are Not Strongly Typed. . . . . . . . . . 136

Getting the Results Back from Output Parameters . . . . . . . . . . . . . 136

Completing the Business Tier Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

Implementing the Presentation Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Displaying the List of Categories. . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Displaying Department and Category Details . . . . . . . . . . . . . . . . . 153

Displaying Product Lists. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Displaying Product Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

■CHAPTER 5 Searching the Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

Choosing How to Search the Catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

Teaching the Database to Search Itself . . . . . . . . . . . . . . . . . . . . . . . . . . 171

Implementing a Custom Search Engine . . . . . . . . . . . . . . . . . . . . . . 171

Introducing the SearchCatalog Stored Procedure . . . . . . . . . . . . . . 175

Implementing Paging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Writing the Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

Implementing the Business Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

Implementing the Presentation Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Creating the Search Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Displaying the Search Results. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Searching Smarter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

■CHAPTER 6 Improving Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Handling Postback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Managing ViewState . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

Using Output Cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208

Darie-Watson_4681Front.fm Page vii Thursday, September 22, 2005 5:26 AM

8213592a117456a340854d18cee57603

viii ■CONTENTS

■CHAPTER 7 Receiving Payments Using PayPal . . . . . . . . . . . . . . . . . . . . . . 209

Considering Internet Payment Service Providers . . . . . . . . . . . . . . . . . . 210

Getting Started with PayPal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

Integrating the PayPal Shopping Cart and Checkout . . . . . . . . . . . . . . . 212

Using the PayPal Single Item Purchases Feature . . . . . . . . . . . . . . . . . . 218

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

■CHAPTER 8 Catalog Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

Preparing to Create the Catalog Administration Page . . . . . . . . . . . . . . 221

Authenticating Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

ASP.NET 2.0 and Using Declarative Security . . . . . . . . . . . . . . . . . 229

Implementing Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

Administering Departments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

Stored Procedures for Departments Administration . . . . . . . . . . . . 244

Middle-Tier Methods for Departments Administration . . . . . . . . . . 244

The DepartmentsAdmin User Control . . . . . . . . . . . . . . . . . . . . . . . . 249

Customizing the GridView with Template Columns . . . . . . . . . . . . 263

Administering Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266

Stored Procedures for Categories Administration . . . . . . . . . . . . . . 266

Middle-Tier Methods for Categories Administration . . . . . . . . . . . . 267

The CategoriesAdmin Web User Control . . . . . . . . . . . . . . . . . . . . . 270

Administering Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277

Stored Procedures for Products Administration . . . . . . . . . . . . . . . 278

Middle-Tier Methods for Products Administration . . . . . . . . . . . . . 280

The ProductsAdmin Web User Control . . . . . . . . . . . . . . . . . . . . . . . 284

Administering Product Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

Stored Procedures for Product Details Admin . . . . . . . . . . . . . . . . . 295

Middle-Tier Methods for Product Details Admin . . . . . . . . . . . . . . . 298

The ProductDetailsAdmin Web User Control . . . . . . . . . . . . . . . . . . 302

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

■CHAPTER 9 Creating a Custom Shopping Cart . . . . . . . . . . . . . . . . . . . . . . . 311

Designing the Shopping Cart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314

Storing Shopping Cart Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314

Implementing the Data Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317

Implementing the Business Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320

Generating Shopping Cart IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320

What If the Visitor Doesn’t Like Cookies? . . . . . . . . . . . . . . . . . . . . 325

Implementing the Shopping Cart Access Functionality . . . . . . . . . 325

Darie-Watson_4681Front.fm Page viii Thursday, September 22, 2005 5:26 AM

■CONTENTS ix

Implementing the Presentation Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329

Creating the Add to Cart Buttons . . . . . . . . . . . . . . . . . . . . . . . . . . . 329

Showing the Shopping Cart Summary . . . . . . . . . . . . . . . . . . . . . . . 331

Displaying the Shopping Cart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

Editing Product Quantities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341

Adding “Continue Shopping” Functionality . . . . . . . . . . . . . . . . . . . 343

Administering the Shopping Cart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Deleting Products that Exist in Shopping Carts . . . . . . . . . . . . . . . . 346

Removing Old Shopping Carts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352

■CHAPTER 10 Dealing with Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . 353

Implementing an Order-Placing System . . . . . . . . . . . . . . . . . . . . . . . . . 353

Storing Orders in the Database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355

Updating the Business Layer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360

Adding the Checkout Button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361

Administering Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363

Creating the OrdersAdmin Web Form. . . . . . . . . . . . . . . . . . . . . . . . 365

Displaying Existing Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367

Administering Order Details. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399

■CHAPTER 11 Making Product Recommendations . . . . . . . . . . . . . . . . . . . . . 401

Increasing Sales with Dynamic Recommendations . . . . . . . . . . . . . . . . 402

Implementing the Data Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403

Adding Product Recommendations. . . . . . . . . . . . . . . . . . . . . . . . . . 407

Adding Shopping Cart Recommendations . . . . . . . . . . . . . . . . . . . . 409

Implementing the Business Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410

Implementing the Presentation Tier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415

■CHAPTER 12 Adding Customer Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

Handling Customer Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

Creating a BalloonShop Customer Account Scheme . . . . . . . . . . . . . . . 418

The SecurityLib Classes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419

Customer Logins. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448

Customer Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

The Checkout Page. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474

Darie-Watson_4681Front.fm Page ix Thursday, September 22, 2005 5:26 AM

x ■CONTENTS

Setting Up Secure Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

Obtaining an SSL Certificate from VeriSign . . . . . . . . . . . . . . . . . . . 480

Enforcing SSL Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480

Including Redirections to Enforce Required SSL Connections. . . . 482

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484

■CHAPTER 13 Advanced Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

Implementing Customer Order Functionality . . . . . . . . . . . . . . . . . . . . . . 485

Placing Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

Accessing Customer Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490

Tax and Shipping Charges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500

Tax Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500

Shipping Issues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501

Implementing Tax and Shipping Charges . . . . . . . . . . . . . . . . . . . . 502

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

■CHAPTER 14 Order Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

Defining an Order Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

Understanding the BalloonShop Order Pipeline . . . . . . . . . . . . . . . . . . . . 518

Building the Order Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522

The Basic Order Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522

Adding More Functionality to OrderProcessor. . . . . . . . . . . . . . . . . 535

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539

■CHAPTER 15 Implementing the Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541

Considering the Code for the Pipeline Sections . . . . . . . . . . . . . . . . . . . 541

Business Tier Modifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541

Presentation Tier Modifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554

Administering BalloonShop Orders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561

Database Modifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561

Business Tier Modifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565

Presentation Tier Modifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575

Testing the Order Administration Page . . . . . . . . . . . . . . . . . . . . . . 589

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591

Darie-Watson_4681Front.fm Page x Thursday, September 22, 2005 5:26 AM

■CONTENTS xi

■CHAPTER 16 Credit Card Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593

Learning the Credit Card Transaction Fundamentals . . . . . . . . . . . . . . . 593

Working with Credit Card Payment Gateways. . . . . . . . . . . . . . . . . 594

Understanding Credit Card Transactions . . . . . . . . . . . . . . . . . . . . . 595

Implementing Credit Card Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . 596

Considering the DataCash XML API . . . . . . . . . . . . . . . . . . . . . . . . . 596

Integrating DataCash with BalloonShop . . . . . . . . . . . . . . . . . . . . . . . . . . 615

Business Tier Modifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616

Testing the Pipeline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621

Going Live . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621

Using the PayFlow Pro API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624

■CHAPTER 17 Integrating Amazon Web Services . . . . . . . . . . . . . . . . . . . . . . 625

Accessing the Amazon E-Commerce Service . . . . . . . . . . . . . . . . . . . . . 626

Creating Your Amazon E-Commerce Service Account . . . . . . . . . . 627

Getting an Amazon Associate ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627

Accessing Amazon Web Services Using REST . . . . . . . . . . . . . . . . 628

Accessing Amazon Web Services Using SOAP . . . . . . . . . . . . . . . . 631

Integrating the Amazon E-Commerce Service with BalloonShop . . . . . 631

Writing the Amazon Access Code . . . . . . . . . . . . . . . . . . . . . . . . . . . 632

Implementing the Presentation Tier . . . . . . . . . . . . . . . . . . . . . . . . . 639

Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642

■APPENDIX A Installing the Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643

What Do These Programs Do? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643

Installing Visual Web Developer 2005 Express Edition

and SQL Server 2005 Express Edition . . . . . . . . . . . . . . . . . . . . . . . . . . 644

Installing SQL Server 2005 Express Manager . . . . . . . . . . . . . . . . . . . . . 645

Installing the IIS 5.x Web Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646

Installing IIS 5.x on a Web Server Machine . . . . . . . . . . . . . . . . . . . 647

Working with IIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649

Darie-Watson_4681Front.fm Page xi Thursday, September 22, 2005 5:26 AM

xii ■CONTENTS

■APPENDIX B Project Management Considerations . . . . . . . . . . . . . . . . . . . 651

Developing Software Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651

Considering the Theory Behind Project Management . . . . . . . . . . . . . . 652

The Waterfall (or Traditional) Method . . . . . . . . . . . . . . . . . . . . . . . . 652

The Spiral Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 654

The Rapid Application Development (RAD) Method . . . . . . . . . . . . 656

Extreme Programming (XP) Methodology . . . . . . . . . . . . . . . . . . . . 657

Picking a Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657

Understanding the E-Commerce Project Cycle . . . . . . . . . . . . . . . . . . . 658

Maintaining Relationships with Your Customers . . . . . . . . . . . . . . . . . . . 659

■INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661

Darie-Watson_4681Front.fm Page xii Thursday, September 22, 2005 5:26 AM

xiii

About the Authors

■CRISTIAN DARIE, currently technical lead for the Better Business Bureau

Romania, is an experienced programmer specializing in Microsoft and

open source technologies, and relational database management systems.

Having worked with computers since he was old enough to press the

keyboard, he initially tasted programming success with a first prize in

his first programming contest at the age of 12. From there, Cristian moved

on to many other similar achievements in the following years, and now

he is studying advanced distributed application architectures for his

PhD degree. Cristian co-authored several programming books for Apress, Wrox Press, and Packt

Publishing. He can be contacted through his personal web site at http://www.CristianDarie.ro.

■KARLI WATSON is the technical director of 3form Ltd. (http://www.3form.net)

and a freelance writer. He started out with the intention of becoming a

world-famous nanotechnologist, so perhaps one day you might recognize

his name as he receives a Nobel Prize. For now, though, Karli’s computer

interests include all things mobile and everything .NET. Karli is also a snow￾boarding enthusiast and wishes he had a cat.

Darie-Watson_4681Front.fm Page xiii Thursday, September 22, 2005 5:26 AM

Darie-Watson_4681Front.fm Page xiv Thursday, September 22, 2005 5:26 AM

8213592a117456a340854d18cee57603