I've no idea what shopsite is, being a coder I don't dabble much in open source or off the shelf solutions.
I really would like to have a 'professional' deal with security and payment processing
By your mention of Authorize.net, I am guessing you're familiar with the two key elements in processing CC's, your gateway and your merchant account.
Some processors are both the gateway and merchant account in one. In either case, a slick setup is:
- install SSL cert on your site. This allows you to accept the credit card info securely (but not "save" it, see below.)
- When submitted, you do what's called a "silent post" to the gateway using curl or some other method. Basically 1) user submits, 2) using curl you post over SSL to the gateway, 3) you receive a response to the attempted auth/charge, then 4) based on the response, act accordingly (update database, send emails, OR return to form with declined message.)
This has the effect of the user never leaving your site.
Note that at no point do you store credit card information: you just build a string in the format supported by the gateway which includes the CC info, send it to them, and receive a response. Storing credit card info pushes your site up to a higher level of PCI compliance, which, while it can be done, is often not possible in most hosting environments.
You wouldn't have to pass any order information, although you can. Generally all the gateway needs is some form of token identifying your account, the basic CC info, and the total. Some gateways require a .pem, like a miniature SSL cert, as part of the authentication token.