SurfDOM Web Application Framework

Support for On-line Shopping

The application has been primarily set up as an on-line catalogue with shopping cart facilities. It therefore has support for all of the following e-commerce features:

Pricing: Each catalogue item can be linked to a price. Prices are separately defined and multiple catalogue items can share a single price, making price maintenance simpler.
Currencies: Each price can have multiple different currency values. If you support international customers and want to allow them to purchase in their own currency you can easily do so.
Sales Taxes and GST: The application allows the definition and calculation of sales taxes, including GST, both inclusive and exclusive to the price.
Shipping Costs: The application supports a sophisticated, rule based shipping cost calculator. Costs can be calculated based on delivery address, as a percentage of the total price, based on currency, based on the type of item purchased, or as a combination of these.
Discounts: The application supports discounting and special offer codes. These can be set up based on an individual or a time period and can be for a percentage or fixed amount.
Shopping Cart: The application has built in support for a shopping cart. Catalogue items can be selected for purchase and will be added to the shopping cart. The total cost including shipping can be calculated and displayed and the customer can proceed to a checkout page to complete their payment and shipping details.
Payment Interface: The application is extensible to support your preferred payment gateway. If we do not already support it, we can add the necessary interface for you, often no more than a correctly constructed form posting to the payment provider's site.
Order Management: Because of the security features of the application, your staff can login at a higher access level to normal customers and manage orders in the system.
Email Notification: The system can automatically mail out an order receipt to the customer, and can be configured to email an address of your choosing ever time an order is completed.
On-Line Registration: The application has built in support for customer registration, password management - including emailing lost passwords and rule based password selection, and customer subscription.
Purchase History and Order Progress: After logging in, registered customers are able to view their own purchase history on line and track the progress of their order.

Email Support

The application supports template based email using the String Template language, similar to the template content items. This enables the creation of personalised emails which can be sent to your subscribed customers or groups of customers based on a database query or generated list.

Security Features

The application has a number of features to protect your data and allow peace of mind to your customers. It supports the following security features:

Https Secured Pages

The application has built in support for secure sockets layer (SSL) encryption. This requires a properly configured server with a certificate to support SSL but, assuming the configuration is correct, if a page in the database is marked as secure it will always be called through the https protocol. If an attempt is made to access a secure page over http a server redirect will send the request through https.

Multi-Level Account Based Access

Each content item has an access level assigned to it and each user has an access level. Anonymous public users have an access level of 1 and once a user logs in they have an assigned access level based on their role. The access levels are based on a two's complement system and in a standard set up the following user access levels are available:

1 - Public anonymous access.
2 - Registered customer.
4 - Authorised customer, e.g. Wholesale or Reseller
8 - General Administration
24 - Content Administration
56 - Account Administration

Content is displayed if the content access level binary anded with the user access level is greater than zero.

A content item with an access level of 15 would be visible to all users, one with an access level of 14 would be visible to all logged in users, and one with a level of 8 would only be visible to administrators.

Content Encryption

Any sensitive data, such as passwords, credit card information, etc., is stored encrypted in the database using AES 128 bit encryption and a site specific key.

Contact Us Facility

To avoid publishing email addresses on the internet, where they can be harvested by spam bots, the application supports a Contact Us page to allow customer and prospect email to be sent to a specified address that is not published.

AJAX Support

One of the more important recent technologies on the internet has been the so called AJAX technology. This stands for Asynchronous Javascript And Xml and it is a method for requesting data asynchronously across the web. Calls are made in the background and can be used to update small sections of the page, rather than requesting another page. This can greatly improve website performance and give a much better user experience.

The Application Framework fully supports asynchronous calls and any content item or type can be marked as being for asynchronous calls and that content will be streamed to the client asynchronously as an xhtml fragment. The framework also supports processing of data posted asynchronously.

Content Search

Because all the site content is stored in the database, it is easy to search and functionality for searching, including regular expression based searches, are built in to the framework - utilising the underlying power of the PostgreSQL database.

Traffic Analysis

The application has the ability to record and report each user session and page request, including Ajax requests. This functionality can be turned on and off with a switch in the configuration file. It records the ip address, reported browser language, the browser user agent string, referrer and the page, group and item for catalogue items, and the request date and time. If the user logs in, the session will map back to that userid.

It can be used to report information like the total amount of site traffic in a given period; the various amounts of traffic by days of the week and hours of the day; the most popular and least popular pages, customer purchase patterns, etc.

Content Management

Content management functionality is built in to the application. We can configure this specifically for your site, so that the content you want to update is presented in a simple and understandable format.

There are also editors for pricing and catalogue management.