我正在使用Active Merchant和PayPal沙箱创建商店.它似乎工作正常,但我不认为它甚至是远程安全的.我真的不太了解HTTPS以及如何实现安全连接.
我目前正在通过会话中的信用卡和账单信息(可能不是最聪明的想法).我目前的代码发布在下面.我真的需要帮助我们采取什么方向和步骤,以使这个安全,可用的商店.
def payment
session[:billing_address] = params[:billing_address]
end
def summary
@credit_card = params[:credit_card]
session[:credit_card] = params[:credit_card]
@billing_address = session[:billing_address]
@cart = get_cart
@purchases = @cart.purchases
@total = @cart.total
end
def finish
@cart = get_cart
@total = @cart.total
credit_card = ActiveMerchant::Billing::CreditCard.new( session[:credit_card] )
billing_address = session[:billing_address]
flash[:notice] = credit_card.errors and return unless credit_card.valid?
gateway = ActiveMerchant::Billing::PaypalGateway.new(:login=>$PAYPAL_LOGIN, :password=>$PAYPAL_PASSWORD)
res = gateway.authorize(@total, credit_card, :ip=>request.remote_ip, :billing_address=>billing_address)
if res.success?
gateway.capture(@total, res.authorization)
flash[:notice] = "Authorized"
else
flash[:notice] = "Failure: " + res.message.to_s
end
end
Dan McNevin.. 7
有一个关于如何实现ssl的良好的railscast.
http://railscasts.com/episodes/143-paypal-security
有一个关于如何实现ssl的良好的railscast.
http://railscasts.com/episodes/143-paypal-security
京公网安备 11010802040832号 | 京ICP备19059560号-6 