Apache Today [Your Apache News Source]
Your Daily Source for Apache News and Information  
Breaking News Preferences Contribute Triggers Link Us Search About
To internet.com

Apache HTTPD Links
Apache Project
The Java Apache Project
PHP Server Side Scripting
The Apache Software Foundation
Apache-Related Projects
Apache Module Registry
The Apache FAQ
Apache XML Project
The Jakarta Project
Apache-Perl Integration Project
The Linux Channel at internet.com
BSD Today
Linux Apps
Apache Today
BSD Central
All Linux Devices
Linux Today
Linux Planet
Linux Central
Just Linux
Linux Start
Linux Programming
Enterprise Linux Today
E-Commerce Solutions: An Apache Overview
May 31, 2000, 14 :02 UTC (9 Talkback[s]) (9124 reads) (Other stories by Martin C. Brown)

Editor's Note: With this column Martin C. Brown begin his regular coverage of Apache and E-Commerce. This initial column maps out the burgeoning area of E-Commerce and what every Apache Webmaster needs to know about implementing E-Commerce on their site.

If you go up to any IT professional and ask them what the hottest Internet buzzword is right now, they'll tell you its E-Commerce. But if you ask them what the term means you'll get a range of different answers. Most people will agree that it refers to some form of selling on the Web, others will classify it as a way of communicating more intelligently with users on a business level. Whatever the real classification of the term, it definitely indicates a better use of the Internet as a tool for making money.

To me this means more than a shop selling the latest CDs and DVDs, or even a portal site like Computer Shopper. E-Commerce also covers the service-based industries like the banking and the ability to pay your utility bills, all through the same web interface. The terms Intranet and Extranet have been around for a long time, and are nothing new, but E-Commerce is beginning to add a new dimension to a previously information only service. In fact, one of the biggest growth areas is in the business to business arena, where the use of E-Commerce technologies is allowing people to big on projects, exchange information, and work more cooperatively.

So, E-Commerce is the buzzword, but how do you actually produce an E-Commerce site?

Well, beyond the obvious elements of an idea and a product or service to sell, you'll need to solve some problems related to identifying and communicating not just with users, but also with the databases and other information sources that go to make up your site.

Here's a quick guide to some of the issues facing the E-Commerce developer that we'll be covering in future articles:

Session Management
Whatever you're E-Commerce site aims to achieve, it's always useful to be able to track the user as they click through your site. Not only does it provide you with the hooks to provide customized solutions to individual users, it can also help you monitor which parts of your site your users really use. Session managment requires a simple suite of tools that support the creation of unique session ids, expiring old sessions and logging and tracking the session data.

Cookies provide a possible solution to the session management problem that goes far beyond a single user visit. Cookies reside in the user's browser and allow the user to be automatically identified by the site. They can also be used to store other information, including a list of the user's purchases or their display preferences. Using and managing cookies though can be complex, and you'll need to find ways round the problem of users who wont accept cookie data.

Template Driven Pages
Ignoring the issues of executing scripts on your website, you also need to provide a consistent interface between all of your pages. Even simple things like logos and copyright statements will need to be included into your pages. Adding this information manually to the end of each page is a nightmare - especially if you have to change it. It gets even more complex when you mix and match static pages and scripts.

There are a number of solutions including SHTML, a custom built engine for Perl or Python, or an embedded solution like PHP. SHTML, server-parsed HTML, allows you to embed other documents into an HTML page as it's being shared to other users. It only works on static pages, so you also need to develop your own system when using a scripting language. SHTML is also fairly limited, so when using it with a scripted solution you might also want to embed dynamic information, or even dynamically select an embedded element.

Script-Driven Sites
You probably think that all your sites will be script driven, but this won't always be the case. In fact, there are advantages to using some static pages and some of the less interactive facilities such as offered by Apache. If you decide to go the scrip- driven route you need to pass information between pages and know how to optimize your Apache server to prevent your users experiencing the world wide wait.

Database Integration
Unless you have a very simple site you'll need to interface to database to supply the information your either going to sell, or that you will use to sell your products. Actually talking to your database is probably the least of your worries; you'll also need to think about where the database resides, what software to use and how to manage your connectivity to the database. Keeping databases open improves performance, but may also tie up connections you'll need for future users. And what happens when a database process fails?

Shopping Carts
If your site is selling products or services then you need to keep track of the products your users have purchased. The real question is how--you could use hidden fields between pages, but that's prone to errors, and won't be stored if the users goes to another site but for short processes can be easier to manage. Cookies are seen by some users as a security blackhole, and sessions imply a reasonable overhead on your applications, but they all support the ability to perform sophisticated transactions.

Credit Card Authorization
For services that require instant payment you'll need to accept a credit card number and validate it before telling the user their purchase has been approved. But how do you accept the payment and authorize the card to ensure your not breaking the law? Furthermore, how do you avoid giving away products without getting any payment?

Security and Secure Communications
Very few people are going to be happy about giving away their name and address to a site that doesn't use secure communication. Apache supports secure HTTP communication but you still need to provide a conduit between the insecure and secure side of your site. Once you've got the information you also need to ensure that the information is safe on your site--taking secure details is great, but pointless if you leave the machine wide open to attacks.

Returning Non-Standard Data
Internet-based software delivery is probably one of the future hot topics for the next generation of E-Commerce service. The ability to visit a site and purchase and download the software package is nothing new, but with broadband services coming on line it may become the normal method of software delivery. Making the software downloadable from an FTP or HTTP site is not secure; once the URL is known anybody could download.

By using some scripting tricks and other techniques to verify the user you can supply the software dynamically, only when the correct payment has been received. Other solutions can use the same basic process--dynamically selected or created graphics, audio files, even customized software can be transmitted using the same principle.

Creating Graphics on the Fly
Years ago I worked with Hewlett-Packard on the first online-configuration and pricing system on the Web. Now they are ten a penny, but something that we worked that has never made it to the big time is the ability to build a representation of what the final machine will look like. Using some of the tools available today it's possible to draw a picture within a script and then supply the information directly back to the browser.

Development and Production Servers
No matter what platform you are working on, or what type of site you are working on, having two different servers, one for development and the one that actually hosts the site. Keeping the two sites separate is not a problem, but making sure that you can easily and painlessly move your development server data to the real server requires some careful planning and a few tricks.

Error Handling and Debugging
Making sure that you don't provide your uses with a 404 message, or that your script doesn't produce a useless result is vital if you want to keep the professionalism of your site at it's highest level. Apache provides its own solutions, but you also need to make sure your scripts are as clean and bug-free as possible, which can be difficult when your only means of monitoring the script is with a combination of the Web interface and the error files produced by Apache.

Parsing Apache Logs
Even with the addition of sessions and cookies, you still need to be able to read and parse the log files that Apache produces to monitor your web site's usage, performance, bottlenecks, and errors. There are many ways of doing this, from custom-built solutions, to free analyzers like Analog, and even commercial systems like Funnel Web. They all provide similar functionality, but you still need to know how to use the information they output to ensure the best availability for your site.

For this series of articles we'll be covering all these issues, and many more, in terms of Apache and the scripting languages like Perl, Python and Rebol, and solutions like Zope and PHP.

If there's a product or solution that you've been looking for to do with E-Commerce then just drop me a line at and we'll see what we can do!

Martin C. Brown is a full-time writer and consultant specializing in multiplatform integration and internet technologies. He is author of both the Perl and Python Annotated Archives and Perl The Complete Reference.

  Current Newswire:
FreeOS: (Apache) Web server tutorial

PHP-Nuke 5.0 released

SECURITY: EnGarde Linux advisory: Apache directory listing vulnerability

ZDNet: Red Hat Tux 2.0 blows away Apache

O'Reilly: Industrial-Strength Webcasting with mod_mp3

Apache Module Registration: mod_gd

Expresso 3.1 open source application development framework unveiled

mnoGoSearch 3.1.15 released

Apache Module Registration: mod_sqlinclude

Apache Week issue 250 (8th June 2001) is out

 Talkback(s) Name  Date
  Coolness & phpShop
Good deal. I look forward to reading your future columns.

While I'm here I thought I would mention that I've been working with an open source e-commerce package called PHPShop, and am very impressed with it. It's currently at version 0.3 (0.4 is due out Real Soon Now), and while there are currently a few gaps in its functionality, I think it has a ton of potential. I like it a lot more than some expensive commercial products I've used.

More information can be had at http://www.phpshop.org/ Why not give it a whirl and see if you think its worth doing a column on?   
  Jun 1, 2000, 05:39:51
   Re: Coolness & phpShop
Thanks for your comments., and your suggestion. I'll give PHPshop a look.

I'm always interested in new toys and tools, so if you or anybody else has any other suggestions, please feel free to post em here, or direct to me.   
  Jun 1, 2000, 13:47:13
Something I've always wondered is why there are no good development oriented books regarding e-commerce, like an O'Reilly approach covering the actual programming aspects of billing transactions, storing customer and purchasing history, dealing with interstate and international tax and shipping issues, etc.

Everything I've found on the subject has been very vague, management oriented. It would be killer if someone covered the hardcore details, something you'd want open by your desk as you were building your site. It would probably cover 3 systems of billing: cybercash-ish, Yahoo-store-ish, and using your own direct-dialup-to-visa billing. It should also be as language-neutral as possible. Not a small task, but definitially badly needed!

Any recommendations, or takers from bored authors? :)

And thanks for setting up this forum. Great intro articles... looking forward to reading more!

  Jun 2, 2000, 21:31:35
   Re: Books?
Actually, if you look around there are quite a few books that will help you along, even if they aren't listed as E-Commerce titles. For example, the excellent Building Dynamic HTML GUIs, By Champeon & Fox provides an excellent outline for building dynamic websites - a critical part of the e-commerce process.

There is however a gap, and I can assure you that somebody, somewhere, is working on something :)

Martin C Brown, www.mcwords.com   
  Jun 18, 2000, 07:57:15
  e-busi·ness (e' biz' nis)
e-busi·ness (e' biz' nis)

IMO, and in a nutshell, Electronic Commerce - or eCommerce - can be summarized as an industry standardized exchange of goods and services, done electronically.

The definition is the simple and easy part. Enabling, or readying your business for eCommerce can be a trying, cumbersome, and uneventful journey, full of surprises and compromises.

This post is comprised of excerpts from an E-Commerce Proposal I did for Sky-Tech Computers, and in correlation to the article, "E-Commerce Solutions: An Apache Overview," by Martin C. Brown. This post is not intended dissemination or advertisement for either of "the company" described, to follow, nor "the application" used to describe the processes.

Since Sky-Tech (http://www.sky-pro.net) was already residing on a Unix system serving Apache, the script we chose (http://www.sky-pro.net/cgi-local/ws400CS.cgi) was the WebStore, by Ratite. Issues regarding cost effectivity, ease of use, ease of navigation, ease of configuration, smooth integration and implementation, a simple database and database management system, and training requirements, to name just a few topics, all played into the decision making process.

Martin C. Brown's "quick guide" to "issues facing the developer" are an excellent starting point, and we used a system very similar in our decision making process. I will try to use proper writing techniques when quoting Mr. Brown's article. Un-quoted material should still be referenced to the original piece. In no way is the misuse of quotes intentional, or plagiaristic.

Let's start with Session Management.

Our script utilized a cart ID, which in turn processed a unique banner ID. If not present, produces an error if a user tries to execute an individual frame of the script, and forces a full-load of the originating script. When we say we're going to utilize session management, we're going to utilize session management. Period. Don't like it? I hear there's excellent opportunities in the food service industry. The visitor number, item referenced, originating (on-site) page, and record-viewed details were logged. Cart ID's were set to expire after 24 hours, so if you got pulled away from your order, you could come back and re-open your current session. Nifty, yes, but very informative, i.e., this "database" of activity plainly tells you "our visitors are looking at this product," or "these records." Sort of the 'what's hot' and 'what's not' of your eComm product offerings.


We utilized cookies in two separate and distinct ways. If you did go to the CGI example above (http://www.sky-pro.net/cgi-local/ws400CS.cgi) and actually attempt to place an order, the Order Form is pretty cool. Steve Britten, the owner of Sky-Tech Computers, is very emphatical about acknowledgement of the store's return, refund, and exchange policies. The back of his invoice/receipt is pre-printed on an 8-1/2 x 11 from top to bottom with this policy -- computer sales, go figure. I racked my brain ... how could I get the customers to flip over their monitor, to look at the back of their receipt? Sure, ya' might catch 1 or 2, but the rest ... LOL. Well, with the help of a cookie, we pop-up a separate window that explains the whole process, which terminates with a button labeled "Acknowledged." Voila! The second use of cookies was with the (now defunct, but still operational) "Build Your Own / Custom Config" pages (http://www.sky-pro.net/start_custom.html). A very simple 'one-click' questionnaire, and you're on your way. Security issues played an important part in the design of the 'Build Your Own' pages. The WebStore's (static, linear) database was set-up with additional fields for multiple pricing levels, but integrating it with customer designed builds proved to tax the server (Sky-Tech gets several hundred unique hits per day -- CGI anybody?) I designed a simple export macro from the company's existing Excel accounting package to format the custom builds database. Using Javascript's 'SRC="filename.js"' feature, I included then uploaded this to a directory with proper permissions set, and an "index.html" to redirect the user if they get snoopy. The cookie logged who, what, when, where's of the actual order process. This cookie eventually was purged from the process though.

Template Driven Pages

Although not used extensively at the fore mentioned website, I worked on the conversion of an attorney's intranet where had it not been for templates, I probably wouldn't have fingertips anymore. Extensive and repetitive documents were warehoused for quick reference via XML. WordPerfect DOC's stripped down to TXT, and served to a browser via an intranet. (Cordially, voila!)

Script-Driven Sites

If you haven't yet figured out Sky-Tech's eCommerce site, it's one honkin' script. Yep. Just one! Not really though. For this configuration, we actually use three: The Store -- encompasses product eye-candy & choice, pricing, ordering, and billing. The Banner -- effectively can offer click-thru to individual pages, or paid advertising. The Database Editor -- neither shown nor described, this all-in-one-tool was a catch-all for data-entry because you could view the record after it was entered. Each record contains a field for an image, that actually uses the HTML tag 'IMG SRC='. GIGO.

Database Integration

Heavy on the database side, the webstore utilized a very simple, pipe-delimited, linear ASCII database. Price consciousness played it's part there.

Shopping Carts, Credit Card Auth., and Secure Sockets

Can't emphasize enough how important this is to your site -- whether your company sells a product, information, services, anything! All are a must have. Whether you intend (or currently do) B2B, retail, wholesale, whatever ... remember this: There are roughly 100 million Internet users in North America, and upwards to 55 million of them "Buy Online."

skimming thru ...

What makes all of this possible? Apache. I build test-run complete applications on my Windows 98 machine, running ActivePerl on Apache. I can test my scripts, make minor OS-specific changes, FTP them to the server, finalize configuration issues, and BOOM! Apache makes me happy.

Jim Miotke
MioTEK Enterprises
I thought, therefore I was.   
  Jun 27, 2000, 01:03:46
   Re: Books?
Philip and Alex's Guide to Web Publishing is one of the best resources on the net. A lot of good advice, but take it with a grain of salt.   
  Aug 24, 2000, 20:12:36
  Creating a Web server
Hi there,

I am a software professional aspiring to create a web server using the Apache
web server software. I currently have 233MHZ pentium machine. I would
like to know whether you could give me tips on what I need to look for
in terms of infrastructure here. Is is possible to go on a small scale
with the 4.3GB hard drive in my machine for a while before buying high
end infrastructure? Please advise me on this.

Looking forward to hear from you.

Best Regards,

Mahesh Venkatachalam   
  Sep 6, 2000, 16:12:55
  E-Commerce Draft Capture Software
Hello Apache,
Can anyone tell me where I can find a Draft capture program or software package for use with Cybercash or Credit Card?

Thanks, Scott Marcks   
  Oct 4, 2000, 16:29:58
   Re: E-Commerce Draft Capture Software
  Feb 23, 2001, 08:17:54
Enter your comments below.
Your Name: Your Email Address:

Subject: CC: [will also send this talkback to an E-Mail address]

See our talkback-policy for or guidelines on talkback content.

About Triggers Newsletters Media Kit Security Triggers Login

All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux 2.2.12, Apache 1.3.9. and PHP 3.14
Copyright INT Media Group, Incorporated All Rights Reserved.
Legal Notices,  Licensing, Reprints, & Permissions,  Privacy Policy.