1. Generate a new key pair on the fly with (https://blockchain.info/q/newkey)
2. You just generated a new address followed by the 64hex private key.
3. THAT KEY IS TRANSMITTED OPENLY AND NOT SECURE. No biggie, as long as you are dealing with only a few orders a day and low dollar amounts your risk is minimal. Risk does exist to a MitM but again, if you are some small shop selling your homemade jelly for $20 a jar I'd say you're pretty unlikely to be a target. Now if you're selling weed and cocaine, with a bunch of orders per hour, well then this would be the stupidest way to accept payment.
4. Present the address to your customer, and tell them to send bitcoins to that address.
5. Use something like mail(); to email yourself the customer's contact/shipping info, the item they ordered, and the key pair you generated.
6. Once or a couple times a day when you receive an email that there was a new order, sweep the funds to your secure wallet on your phone/tablet/PC whatever.
7. If you don't know how to convert the 64 hex private key to wallet import format, head on over to bitaddress.org, click on wallet details and paste it in there.
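Below are some very brief code examples for steps 1, 4 and 5:
1.
<?php
// Fetch a new "address private_key" pair (space-separated) from the endpoint in step 1
$url = "https://blockchain.info/q/newkey";
$fgc = file_get_contents($url);
if ($fgc === false) {
    die("Could not generate a payment address.");
}
$keypair = explode(" ", trim($fgc));
$bitcoin_address = $keypair[0];
$private_key = $keypair[1];
//store in session
session_start();
$_SESSION["addy"] = $bitcoin_address;
$_SESSION["pk"] = $private_key;
?>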
4.
Hello Mr Customer,
Please send $20 or <?php
//get exchange rate
$exc = json_decode(file_get_contents("https://blockchain.info/stats?format=json"), true);
$btcusd = $exc["market_price_usd"];
$usdamount = 20;
//convert the USD price to BTC, rounded to 4 decimal places
$convert = $usdamount / $btcusd;
$convert = number_format($convert, 4);
echo $convert." BTC to ".$bitcoin_address;
?>
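5.
<?php
// Resume the session so the values stored in step 1 are available
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
if(isset($_POST['form_button'])){
    $yourEmail = "[email protected]"; // your own address
    $host = $_SERVER['SERVER_NAME'];
    $emailTitle = "New Order";
    // Array elements need {} inside a heredoc
    $bodyEmail = <<<EOD
Payment Address: {$_SESSION["addy"]}
Private Key to Sweep: {$_SESSION["pk"]}
EOD;
    $headers = "From: noreply@".$host."\r\n";
    $headers .= "Content-type: text/html\r\n";
    $success = mail($yourEmail, $emailTitle, $bodyEmail, $headers);
}
?>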
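The conversion in step 7 can also be done offline on the machine you sweep from, so the 64-hex key is never pasted into a web page. This is an added example, not part of the original post: the function names are my own, and the sample key is the public test vector from the Bitcoin wiki's Wallet Import Format page, not a real order key.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group; a valid private key lies in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def _checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def hex_to_wif(hex_key: str, compressed: bool = False) -> str:
    """Encode a 64-hex mainnet private key as Wallet Import Format."""
    key = bytes.fromhex(hex_key.strip())  # ValueError on non-hex input
    if len(key) != 32 or not 1 <= int.from_bytes(key, "big") < N:
        raise ValueError("not a valid 32-byte secp256k1 private key")
    # 0x80 = mainnet prefix; trailing 0x01 marks a compressed public key
    payload = b"\x80" + key + (b"\x01" if compressed else b"")
    num = int.from_bytes(payload + _checksum(payload), "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return out  # payload starts with 0x80, so no leading-zero padding


def wif_to_hex(wif: str) -> str:
    """Decode WIF and verify its checksum (catches a key mangled in transit)."""
    num = 0
    for ch in wif.strip():
        num = num * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    raw = num.to_bytes((num.bit_length() + 7) // 8, "big")
    payload, check = raw[:-4], raw[-4:]
    if len(payload) not in (33, 34) or payload[0] != 0x80:
        raise ValueError("not a mainnet WIF private key")
    if _checksum(payload) != check:
        raise ValueError("WIF checksum mismatch")
    return payload[1:33].hex()


if __name__ == "__main__":
    # Public documentation test vector (constructed sample, not a live key)
    sample = "0C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D"
    print(hex_to_wif(sample))
```

Decoding the result with `wif_to_hex` before sweeping confirms the key from the email was copied intact.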