someone asked:
> >   does anybody have any experience processing credit card
> >transactions (eg. online shop) using ruby?
> >What third-party software do you suggest to use?
 
someone answered:
> Authorize.net also have a more advanced interface which is more like 
> RPCs: you do the work locally and they just handle authorization and 
> capture.
> You can download their manuals and code samples (no NDA required) from 
> http://www.authorizenet.com/support/


Yes!  I can HIGHLY recommend using Authorize.net because of their openness
in being able to just use regular HTTP POST over SSL.

I used the cURL (http://curl.haxx.se) library to post our info to them
and it was so easy.

Before that I had used three different companies that all made you use
some special stupid binary on your server to connect to theirs.


Here it is in PHP, but I hope this helps:
(how weird to be posting PHP code on the Ruby list! ack!)


<?php
/* the basic info for authorize.net.  same for every order. */
$passinfo = 'x_Login=YOUR_USERNAME_HERE';
$authinfo=array();
$authinfo['x_ADC_Delim_Data']='TRUE';
$authinfo['x_ADC_Delim_Character']='|';
$authinfo['x_ADC_URL']='FALSE';
$authinfo['x_Method']='CC';
$authinfo['x_Password']='YOUR_PASSWORD_HERE';
$authinfo['x_Recurring_Billing']='FALSE';
$authinfo['x_Type']='AUTH_CAPTURE';
$authinfo['x_Version']='3.0';
$authinfo['x_Email_Customer']='FALSE';
$authinfo['x_Email_Merchant']='FALSE';
$authinfo['x_Tax']='0';
$authinfo['x_Currency_Code']='USD';
$authinfo['x_Invoice_Num']=$invid;
$authinfo['x_Description']=$x_Description;
$authinfo['x_Amount']=$inv['total'];
$authinfo['x_Card_Num']=$_cc_number;
$authinfo['x_Exp_Date']=$_cc_expmonth . $_cc_expyear;
$authinfo['x_Cust_ID']=$c['uid'];
$authinfo['x_First_Name']=$c_firstname;
$authinfo['x_Last_Name']=$c_lastname;
$authinfo['x_Address']=$c['addr1'];
$authinfo['x_City']=$c['city'];
$authinfo['x_State']=$c['state'];
$authinfo['x_Zip']=$c['zip'];
$authinfo['x_Country']=$country;
$authinfo['x_Phone']=$phone;
$authinfo['x_Email']=$c['email'];
$authinfo['x_Customer_IP']=$_SERVER['REMOTE_ADDR'];
$authinfo['x_Ship_To_First_Name']=$i_firstname;
$authinfo['x_Ship_To_Last_Name']=$i_lastname;
$authinfo['x_Ship_To_Address']=$inv['addr1'];
$authinfo['x_Ship_To_City']=$inv['city'];
$authinfo['x_Ship_To_State']=$inv['state'];
$authinfo['x_Ship_To_Zip']=$inv['zip'];
$authinfo['x_Ship_To_Country']=$inv['country'];

/* CREATE THE STRING TO PASS USING cURL */
foreach($authinfo as $fieldname=>$value)
	{
	$passinfo .= '&' . $fieldname . '=' . $value;
	}

/* #-#-#-#-#-#-#-#-#-#-#-# START - CHARGE CARD WITH AUTHORIZE.NET #-#-#-#-#-#-#-#-#-#-#-#-#-# */
/* sometimes we get no response, so I'm going to loop it until we get SOME response */
$approved=0;
while ($approved==0)
	{
	/* cURL: no headers returned, no direct output to web browser, post info */
	$ch = curl_init("https://secure.authorize.net/gateway/transact.dll");
	curl_setopt ($ch, CURLOPT_HEADER, 0);
	curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt ($ch, CURLOPT_REFERER, 'http://www.YOUR_WEBSITE.com');
	curl_setopt ($ch, CURLOPT_POSTFIELDS, $passinfo);
	$response = curl_exec ($ch);
	$response = trim($response);
	curl_close ($ch);
	/* EXPLODE THE RESPONSE INTO AN ARRAY: $responseline */
	$responseline = explode($authinfo['x_ADC_Delim_Character'], $response);
	/* APPROVED CODE: 0=no response, 1=successful, 2=declined, 3=error */
	$approved = (int)$responseline[0];
	}
/* #-#-#-#-#-#-#-#-#-#-#-# END - CHARGE CARD WITH AUTHORIZE.NET #-#-#-#-#-#-#-#-#-#-#-#-#-# */

/* GET JUST WHAT I NEED FROM THE AUTHORIZE.NET RESPONSE */
$bank_response = array();
$bank_response['avs'] = $responseline[5] . ' = ' . $avs_response[$responseline[5]];
$bank_response['response'] = $responseline[0] . ' = ' . $response_code[$responseline[0]];
$bank_response['response_reason'] = $responseline[2] . ' = ' . $response_reason[$responseline[2]];
$bank_response['auth_code'] = $responseline[4];
$bank_response['trans_id'] = $responseline[6];
$bank_response['md5_hash'] = substr($responseline[37], 0, (strlen($responseline[37])-1));

?>