I wouldn't take credit cards unless you can control the
server. Taking credit cards is a big responsibility,
and you will have a hard time proving that you did it
correctly should anything go wrong. Although I am used
to US liability laws (and am therefore paranoid about such
things), I wouldn't want to be the one who got sued because
someone hacked into the ISP and set up a credit card
I set up a credit card system and found it to be painful,
because I had to deal with:
Learning how credit cards really work. This isn't as
simple as you might think. There are many issues that I can
describe if people are interested.
Dealing with the US Department of Commerce denial list.
They keep a list of bad guys that I wasn't allowed to
Security reviews by a guy who was long on paranoia and
short on real knowledge. He
insisted that I implement a really twisted system that
had performance problems.
An antiquated order processing system in the company.
There were many more...
Once the site is running, you need one or more people in
a production and support role. This is the area that
many people don't think about at all, and it makes many
sites fail quickly after deployment.
Given the level of experience you have described,
the tools that you have available, and your time frame,
it sounds like a crash-and-burn to me. Debugging problems
will be extremely difficult, especially with your
credit card system, which is difficult to prototype.
For example, say your credit card transaction times out.
How will you solve the problem?
It should work perfectly the first time! - toma