I'm seeking some guidance from people with experience in building ecommerce sites. This is actually my first time integrating with a payment gateway.
My implementation is actually a very basic booking system, where user places selects a date and number of tickets to book, clicks checkout and comes to a order confirmation screen, and then upon clicking submit again, user is brought to 3rd party payment gateway.
The 3rd party payment gateway url expects a post submission, containing a few mandatory fields for their api, one of which is a orderID to identify the order.
This is what I'm doing:
Unique order is generated when the ticket booking page is loaded.
User chooses what date he want, # of tickets, and clicks submit.
Data is validated, and then saved to a bookings table in db, while the user is brought to the confirmation page, presenting him/her with the details they have chosen and the price.
User clicks checkout, and the form is submitted to the 3rd party payment gateway url, user is brought to their page as well to complete payment.
Payment is completed, user is brought to our success page, payment gateway also posts details of transaction to a url of our choice which captures the transaction details, and saves it into a orders database.
So is that feasible ? My questions are:
Should unique order ID be generated as soon as ticket booking page is loaded ?
Should I have a booking database that saves bookings on the confirmation page ? What is user never clicks submit, then i'd eventually have a long list of records.. of course we could create some functionality to clean up the table, but is this common practice ?
Should I have a temporary booking database as mentioned above, as well as a completed transaction database that only captures transaction details from the payment gateway ? (Regardless of successful/failed)