Whats the program workflow for paid membership on sites?

Question

I'm building a paid membership site in php using the Zend Framework. I need to work out a workflow for charging users. We have a number of monthly packages each offering varying degrees of services. For an example:

A free plan which allows users to create one workspace and one user

A Basic plan which allows to create 5 workspaces and 3 users and costs 15 dollars/month

A Premium Plan which allows to create 20 workspaces and 10 users and costs 35 dollars/month

A Heavy Duty Plan which allows to create 50 workspaces and 30 users and costs 65 dollars/month

I would mostlikelye be integrating with a third party gateway like AlertPay for now - however the packages are monthly and :( sorry to say I haven't actually signed up on any monthly membership service site so far and wonder on how do you incrementally charge a user each month.

Do you insist that they enter their credit card details each month or do you actually ask them for the detaisl once and then you charge it monthly - I honestly doubt the latter can even be considered.

Or do users pay in advance for how many months they wish to use - how is it done normally.

Also I would like to give my users a 10 day free trial of all the paid packages upon signing up. How would I implement this in code. I have my application set up and is functioning as though all users were administrators i.e no holds on anything and would now want to build in teh restrictions to monetise but am a bit lost on the work flow and the code implementation and data design to do this.

Reminds me are there any online services or open source applications that I can use to plug in to my application and handle this aspect of the site for me?

UPDATE =========================

Very comprehensive answers, however on a development level - what should I store in my database and how would I design the tables required. I understand not that each month for a monthly subscription a postback would be made to a url I would provide the gateway. Like what would be the bare essentials here for the database.

Answer 1

Well, you're asking two questions.

how do you incrementally charge a user each month?

What you are looking for is recurring payment, most payment gateway provides such options (Paypal does). Basically, it stores credit card information in a secure database, and run a cron every day to check for recurring profile and ask for authorization. However, I actually don't advise you to do it yourself, it's difficult, and somehow illegal in most country. (You can't store CC numbers yourself).

Some website will charge you once for n months, but in a user perspective point of view it can afraid them.

How would I implement this in code?

Zend Framework ships a component (Zend_Acl) which will help you to build an Access Control List.

What you can do is created one "role" per subscription type, each with different privileges on different resources.

If you know the MoSCOW method, it is somehow similar:

• (Role)Free plan can (Privilege)register (Resource)website.
• (Role)Basic plan can (Privilege)create 5 (Resource)workspace.
  etc.

Note, that most of the time, there is a kind of Privilege Escalation, because on how you can inherit roles.

You need to isolate, and find what your resource, resources can be anything you want, and even be dynamic and created on the fly.

Using assertions, you should be able to limit the number of workspace per role.

Class WorkspaceCountAssertion {

    const MAX_WORKSPACE = 5;

    public function assert(Zend_Acl $acl,
                           Zend_Acl_Role_Interface $role = null,
                           Zend_Acl_Resource_Interface $resource = null,
                           $privilege = null)
    {
        //retrieve the current workspace count
        if ($workspaceCount > self::MAX_WORKSPACE) {
            return false;
        }

        return true;
    }
}

$acl->allow('basic', 'workspace', 'create', new WorkspaceCountAssertion());

It gives you the idea.

Note, that I never used the term user, controller, etc., you actually need to think in terms of Role, Resource, Privilege.

---

You need to store the role, with its associated account in a simple many-to-one relationship.
Each account can have one role. How to update this when the payment stop? Depends, but in most case you'll need to run a cron which will check for ending subscription and check for recurring payment, depending on the payment gateway, it'll either postback the resulting transaction, or return it directly with the webservice. If the payment failed or is refused, then you can change back the role to a free account.

There are several way to do that, it depends on your application and requirements.

You may want to store each monthly subscription, or update a linked account/subscription row.

Answer 2

Most payment gateways will manage your subscriptions for you and notify your site via postback mechanism. I.e.,

1. User visits your site
2. User pays for subscription on your site
3. User is redirected to payment form either hosted by yourself or the payment gateway (depends on the gateway).
4. User enters their credit card information on the form and is submitted to payment gateway.
5. Payment gateway initiates subscription and notifies your site via postback (in background).
6. Depending on whether the user payment form is hosted locally and you are simply post'ing the submission to your payment gateway, or the payment gateway is handling the form, your user may need to be redirected back to a success/failure page, or simply display the appropriate response.

When a a change in subscription occurs, i.e., rebill, cancel, chargeback, your payment gateway initiates another postback to let you know of a new event. Your application would then be responsible for updating the user status appropriately.

This is pretty general information, although it is roughly the steps most payment gateways follow.