preventing multiple orders from same direct to checkout link

protocreateprotocreate Member
in Help edited May 2009
Hey Guys,

What's the best way to make sure an order can't be made twice when using direct to checkout? I have a form for a client where they can generate an invoice email for the odd manual transaction here and there. In this email is a link that sends the relevant invoice details to their foxycart, using cart=checkout. Since it's an external link there isn't any session type data passed in and it's possible that someone can pay for the same invoice multiple times.

Is there a random value I can pass in or something that will prevent the link from being processed more than once?
Comments
  • lukeluke FoxyCart Team
    edited May 2009
    When you say pay for the same invoice multiple times, do you mean they get more than one added to the cart, or they physically click on the link and go through the entire checkout process twice?

    If it's the former, just add empty=true to your form or add-to-cart string: http://wiki.foxycart.com/getting_started:adding_links_and_forms#emptying_the_cart_before_adding_a_product

    If it's the latter... well... The only way I can think of would be to do your emails as mail merges and make sure each email has a unique product code of some kind. Then use the XML Datafeed process to mark that entry as purchased the first time and have the links in your email go to your site first which would validate that it hasn't been purchased and then redirect to FoxyCart.

    Make sense?

    You'd have to have database of codes on your site that correspond to the email links you create and you'd have to use the XML datafeed to mark them as purchased.
  • Yep, makes sense... thanks Luke. The latter case was what I meant... the email link already clears the cart.

    Doubt the client is going to want to allocate development budget to do that for the occasional manually sent invoice email, but good to know. I imagine they'll just have a note in the email to delete it once the transaction has passed and if the odd one does got double billed they'll cancel/refund it.
  • brettbrett FoxyCart Team
    Fyi, v051 (which should be here soon) allows shared-authentication, which you could actually use to do a pre-checkout check (even with cart=checkout). You'd still need the database to keep track of what has and hasn't been paid, but it'd be another way to approach the problem.
  • Cool, yet another reason I'm looking forward to 051 then!

    I'm excited by shared auth... looking forward to it a lot. I don't remember them off the top of my head, but there are a couple other features announced as coming with 051 that I'm eager for too ;)
Sign In or Register to comment.