Creating a "Confirm Order" Page

My website has a Payment Form where people can enter their credit card details to buy something. (It is home-grown.)

When the Form is submitted…

If there are data-entry errors, the Form is redisplayed with an error message next to the offending field (e.g. “Please choose an Expiration Date.”).

If there are no errors, then the Form is submitted, and a message is displayed on a new page like this…

Order #1234 was placed. Your Mastercard was charged $20.00. Thanks you for your order!

Moving forward, after the Payment Form is submitted (without any errors), I would like to display a “Confirm Order” page that has all of the Order & Payment Details along with a button along the lines of “I have confirmed the details. Please submit this Order.”

Because I am dealing with sensitive information, I am not sure how to pass Order & Payment Data from my “Payment Form” to a “Confirm Order” page, and then possibly back to the “Payment Form” if there are issues?!

(Whatever I do, it must be PCI-compliant!!)

As far as I know, you would never temporarily store the data in a Cookie or a Session variable, and the $_POST array only works on a given page, so I’m not sure how to accomplish what I just described?! :-/

Here is hoping that there are some people with hands-on E-commerce experience…



P.S. My site is coded using Procedural Methods, so no OOP please!! :wink:

You could kind of avoid the issue by not submitting the payment info quite yet. You can show a popup area (I know it as a dialog box) with the summary and a confirm/cancel button. Confirm will submit the form. So there isn’t really another page just an “are you sure” type of thing (with more details than that).

I am not using JavaScript, so that is not an option.