Make subscriptions / donations page HTTPS (+ add PayPal/Flattr option)

[study2k10]

I just checked out the "Upgrade" page, and unfortunately I don't have a credit card to either subscribe or donate. Since I plan to donate money in the future (to value your development effort) I'd like to do this via PayPal and/or Flattr.

Also I noticed that the actual credit card form page seems to be insecure (e.g. no HTTPS / certificate), even if there's a text in the lower right saying it's a "Secure Connection". Maybe this is due to embedding the process into Go Read's pages? I don't feel very confident with those pages at the moment really ...

[maddyblue]

It's secured through stripe, one of the most secure ways to do credit card payments. They handle all PCI compliance and security. No CC data ever passes through my servers, and there is no way for me to even request CC information. This all happens in a secured AJAX request. However, adding HTTPS to ease people's concerns (and a MITM attack) would be good, yes.

I will never support paypal. I'm considering google wallet if enough people ask for it. Flattr I've never heard of. Leaving this open for HTTPS support.

[vendion]

I would be interested in seeing Google Wallet support, they also handle PCI compliance as well as allow subscriptions.

[haacked]

So I just paid with Stripe and it's stuck on this screen and I'm still getting ads. :(

[maddyblue]

goread still thinks you have a free account, and there's no record of you in stripe. Also, I see no requests to the checkout route on your user for the last 17 minutes. (That's the oldest log for your user.) Don't try again - it's broken at the moment.

Getting ads is surprising, since I removed them completely some weeks ago.

Update: stripe got your cc info, but it appears that goread never then requested a payment on it. Since I didn't see any server requests, I suspect this is a javascript error. Yes, I tried to sub on my own account and got the same behavior. Will fix.

[maddyblue]

This has been fixed. Minor API change in angularjs caused the ajax request to be only queued and not sent. I believe it would have worked had you clicked on anything, which would have run the queues.