I'd like to capture sales information (items ordered, price of each item, total order sale, etc.) from our affiliated web sites. The webmasters would insert a little bit of JS on their order confirmation page which would be populated with the sales info.

For example, here's an example of how shopzilla does it.

<script language="javascript">
<!--
/* ROI Tracking Data */
var order_value = '$50.00';
var order_id = '12345';
var units_ordered = '3';
//-->
</script>
<script language="javascript" src="https://www.shopzilla.com/css/roi_tracker.js"></script>

Can anyone provide any info on a simple, secure method of processing the data sent via JS and adding it to our server? I'm just unclear on the JS part of it.

At the most basic level of thought, would you just take the JavaScript variables they set and make a GET request with the variables and then handle all the data sanitizing and security on the server?

[edited by: Mr_Diggz at 11:17 pm (utc) on April 22, 2008]