
What does a payment order contain?

Class Payment Order

  Buying account ID
  Selling account ID
  Amount
  Currency
  Contract text to agree to.
  External Reference (for the seller to know what is ordered)
  Transaction ID
  Flags: anonymous | what else?

  Methods for

    reading in the payment order data from POST data

    reading in a transaction ID from POST data

    writing an order to a database

    reading an order from a database, by key of transaction ID.

What CGIs are needed?

  On the seller server:

  * order.html is an HTML form that POSTs to seller-order.cgi.

  * seller-order.cgi takes the form and hands it off to ipp-order.cgi
  at the IPP. When it returns it takes the tnxid and present a form
  with a submit action that sends it to ipp-approval.

  * seller-deal.cgi gets the OK or cancel choice of the consumer from
  the IPP. If OK, it files the order.

  On the IPP:

  * ipp-order.cgi takes the form from the seller and gives it a
  transaction ID and returns it to the caller (seller-order.cgi). It
  also stores the data relavant for the transaction to complete.

  : Reads the data. Stores in a database. Still has to generate a
  unique transaction ID.

  * ipp-approval.cgi takes the tnxid and presents the deal to the
  consumer. The choice is sent to ipp-deal.cgi.

  * ipp-deal.cgi takes OK or cancel from the consumer. ipp-deal
  contacts seller-deal.cgi and tells it about the consumer's choice.

For signature version:

  On the seller server:

  * order.html is an HTML form that POSTs to seller-order.cgi.

  * seller-order.cgi takes the form and hands it off to the
  ipp-order.cgi on the IPP.

  * seller-deal.cgi takes a response from the IPP and if OK, files the
  order, if not, complains to the consumer.

  On the IPP:

  * ipp-order.cgi takes the signed form and verifies the signature and
  transfers the amount between two accounts if correct. It calls
  seller-deal.cgi on the seller with the result: OK or cancel.
