I'm using Stripe for a payment gateway. I can successfully obtain a card's "token" as Stripe calls it, which is explained here: https://stripe.com/docs/checkout#api
Good to go with that. I successfully receive the token in my stripe dashboard. Now what I need to do is actually charge that card(token). Here is how they put it: "You've got your user's credit card details, now what? Now you charge them money. This happens on your server, and the fastest way to do it is by using one of our client libraries." Well they supply the php needed right on that page:
// Set your secret key: remember to change this to your live secret key in production
// See your keys here https://manage.stripe.com/account
Stripe::setApiKey("sk_test_68YYnDTKPzcxxRZbkxEJtOVq");
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
// Create the charge on Stripe's servers - this will charge the user's card
try {
$charge = Stripe_Charge::create(array(
"amount" => 1000, // amount in cents, again
"currency" => "usd",
"card" => $token,
"description" => "payinguser#example.com")
);
} catch(Stripe_CardError $e) {
// The card has been declined
}
You can see exactly how they explain it here: https://stripe.com/docs/tutorials/charges
Here is where things go wrong.
1) Where in this code actually pinpoints what card to charge?! I have the card's token ID number in my private dashboard. I now need to charge it, but this code doesn't say anything about the card. The only spot I see is:
$token = $_POST['stripeToken'];
'stripeToken' do I put in the card's ID number here?
2)I've created a simple page to run this with:
<div id="payment">
<form action="charge-cards.php">
<?php require 'Stripe.php';?>
<input type="submit">
</form>
</div><!--end payment-->
"charge-cards.php" is the code at the top provided by Stripe. When I click submit, I get the follow error:
Fatal error: Class 'Stripe' not found in /home/preemin/public_html/fun.dit /testing/charge-cards.php on line 5
Can anyone see what I"m doing wrong? Thanks!
I think it's worthwhile to take a step back and review the basics. First, in order to provide a secure credit card transaction, and to ensure PCI compliance, Stripe has provided a javascript library that encrypts and transmits the sensitive credit card data. They provide an example form
Make careful note of the fact that the form has no submit action. Also pay special attention to the fact that none of the sensitive card fields have a name attribute. This form should never be submitted via any way other than the secure method they have provided. To try to do so opens you up to liability.
When you submit that form, using the js class they have provided (see Step 2), it gives you back a card token, which you say you already have. You can store that card token in your database without any security issues -- it's just an arbitrary number that means nothing to a hacker.
Once you have that token, you have two options:
use it immediately to make a one-time charge, or
store it and create a customer object that you can charge multiple times.
What you need to realize is that Stripe does NOT store that card token! If you lose it, you can't get it back. You have to generate a new one. Also, the only way you can use it for multiple charges is to create a customer object. In other words, UNLESS you store it on a customer object, it's only good for a single charge. So if you charge against it before attaching it to a customer object, it's no longer valid.
Now back to the basics again, as IOIO MAD described, there are two things you must do at the top of any php file that you want to call a Stripe method from:
include the Stripe php library
set the secret key
The only time the public key is used is when you're making that javascript call to submit the card form.
If you want to charge the card immediately, you have to turn right around and make a call back to the server, sending the card hash that you just got back. You might do this with ajax, or by sticking it in a form field that you then post. Step 3 shows you one way you might do this.
But lets assume that you want to do other things before actually charging the card. To expand on your example, lets say I have collected my customer's card on one page, then on my checkout page, I want to submit the charge:
<?php
require('path/to/Stripe.php'); // MUST be done before any Stripe:: call
Stripe::setApiKey("sk_test_mkGsLqEW6SLnZa487HYfJVLf");
// retrieve stored card hash. Could have got it to this page in any number of
// ways, including: stored in cookie, stored in session, stored in database.
// Let's assume stored in session for sake of simplicity of example
$cardHash = $_SESSION['stripeToken'];
?>
<div id="payment">
<form action="charge-cards.php">
<?php require 'Stripe.php';?>
<input name="stripeToken" type="hidden" value="<?= $cardHash ?>" />
<input type="submit">
</form>
</div>
When this form is submitted, charge-cards.php will get the $cardHash from the $_POST variable, whereupon you're going to follow the example given by Stripe:
<?php
require('path/to/Stripe.php'); // MUST be done before any Stripe:: call
Stripe::setApiKey("sk_test_mkGsLqEW6SLnZa487HYfJVLf");
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
// Create the charge on Stripe's servers - this will charge the user's card
try {
$charge = Stripe_Charge::create(array(
"amount" => 1000, // amount in cents, again
"currency" => "usd",
"card" => $token,
"description" => "payinguser#example.com")
);
} catch(Stripe_CardError $e) {
// The card has been declined
}
?>
If you're still having problems, employ proper debugging skills to check whether or not your $_POST variable contains a card hash. If all else fails, contact Stripe customer support. Their API is top-notch, as is their documentation and support.
EDIT 4/15/13
OP is using the quick checkout method and using custom buttons. Most of the above still applies.
The code outlined in the Custom Buttons section assigns a click handler to the custom button, which returns a callback function that when executed, appends a hidden input to a form, assigns the stripeToken to that field, and submits the form. Just before the form is submitted, console.log or alert the stripeToken to make sure you have a legitimate value:
$('#customButton').click(function(){
var token = function(res){
var $input = $('<input type=hidden name=stripeToken />').val(res.id);
// alert the value of stripeToken
alert('stripeToken = ' + res.id);
$('form').append($input).submit();
};
This would be used in conjunction with this:
<form action="/charge" method="post">
<script src="https://checkout.stripe.com/v2/checkout.js" class="stripe-button"
data-key="pk_test_yourprivatekeyhere"></script>
</form>
So what should happen is after the user presses the checkout button, the form should have a hidden input field named 'stripeToken' which contains the token value. You can get that token from the form and submit it later. Alternatively, you can listen on the 'token' event, which will be bound to your button:
jQuery(function($){
var $button = $('#customButton');
$button.on('token', function(e, token){
$button.after('<hr /><p>Your Stripe token is: <strong>' + token.id + '</strong></p>');
});
});
DISCLAIMER: I haven't used the simple checkout method yet. This code is not tested
i think may be you are missing some "include" , Class 'Stripe' not found means that the PHP File consisting of Class 'Stripe' haven't included before the call#
Note : A PHP >= 5.2 environment is required
Download The Stripe PHP library
Extract it to your HOME!
Let’s create a file called config.php, where we’re going to set up some initial configuration.
<?php
require_once('./lib/Stripe.php');
$stripe = array(
"secret_key" => "sk_test_mkGsLqEW6SLnZa487HYfJVLf",
"publishable_key" => "pk_test_czwzkTp2tactuLOEOqbMTRzG"
);
Stripe::setApiKey($stripe['secret_key']);
?>
Then at your Code file ABOVE (assumes yours.php)
include "config.php";
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
//rest as you go!
Related
Here is theSDK of youcanpay payment gateway https://github.com/NextmediaMa/youcan-payment-php-sdk
I have followed the documentation described in the above link. And the payment form is displaying fine but I need to generate a token to proceed with the payments. But in the token generating step php not able to find youcanpay class intances which is used as static method
YouCanPay::setIsSandboxMode(true);. I simply want to be sure I didn't do anything wrong. May be there was an issue with my folder structure here it's screenshot https://i.imgur.com/uqdXgmr.png. Or I have to change php namcspace? use YouCan\Pay\YouCanPay;
Form display HTML
<div id="error-container"></div>
<div id="payment-card"></div>
<button id="pay">Pay</button>
** php **
use YouCan\Pay\YouCanPay;
class ExamplePayment
{
/**
* Return a token to make payment for an order, this token is required to make payment with JS script.
*
* #return string
*/
public function createToken()
{
// Enable sandbox mode, otherwise delete this line.
YouCanPay::setIsSandboxMode(true);
// Create a YouCan Pay instance, to retrieve your private and public keys login to your YouCan Pay account
// and go to Settings and open API Keys.
$youCanPay = YouCanPay::instance()->useKeys('pri_sandbox_56cfe571-f671-42a6-a231-d58ec', 'pub_sandbox_a62be70f-d585-4e88-9c5b-563f2');
// $youCanPay = YouCanPay::instance()->useKeys('pri_sandbox_56cfe571-f671-42a6-a231-d58ec', 'pub_sandbox_a62be70f-d585-4e88-9c5b-563f2');
// Data of the customer who wishes to make this purchase.
// Please keep these keys.
// Create the order you want to be paid
$token = $youCanPay->token->create(
// String orderId (required): Identifier of the order you want to be paid.
"order-id",
// Integer amount (required): The amount, Example: 25 USD is 2500.
"2000",
// String currency (required): Uppercase currency.
"USD",
// String customerIP (required): Customer Address IP.
"175.107.236.174",
// String successUrl (required): This URL is returned when the payment is successfully processed.
"https://smmpanelauto.com/orders-status/success",
// String errorUrl (required): This URL is returned when payment is invalid.
"https://smmpanelauto.com/orders-status/error"
);
echo $token->getId();
}
}
********** JS Code **********
<script type="text/javascript">
// Create a YouCan Pay instance.
const ycPay = new YCPay('pub_sandbox_a62be70f-d585-4e88-9c5b-563f2', {
formContainer: '#payment-card',
locale: 'en',
isSandbox: true,
errorContainer: '#error-container',
// token: 'token_x6gf0_....'
});
// render the form
ycPay.renderCreditCardForm();
// start the payment on button click
var el = document.getElementById('pay');
if(el){
<?php
$a = new ExamplePayment;
?>
el.addEventListener('click', function(){
// execute the payment
ycPay.pay("<?php $a->createToken(); ?>") //using token
.then(successCallback)
.catch(errorCallback);
});
}
function successCallback(response) {
console.log(rsponse);
}
function errorCallback(response) {
console.log(rsponse);
}
</script>
When I use <?php $a->createToken(); ?> the form is not showing. otherwise. it's shows the following error There are invalid fields in your request, please verify your inputs and try again But all inputs are filled.
When you call the createToken() method it causes the PHP fatal error, and the server responds with 500 HTTP status or the blank page. To see the exact error you may check the logs, of for the dev environment just add these lines in the beginning of the PHP code:
error_reporting(E_ALL);
ini_set('display_errors', 1)
So that all the PHP errors are sent to the output and displayed ob the page.
Looking into the file structure I assume all the PHP/HTML/JS code is located in the single index.php file. So make sure the YouCanPay SDK's file are included, i.e. you should have the line like this in the beginning if the file (or anywhere before teh actual usage of the YouCanPay class):
require_once 'vendor/autoload.php';
I am working on Square payment gateway and I created three steps creating a customer, creating a card, and then making a payment.
$create_customer_request = new \Square\Models\CreateCustomerRequest();
$address = new \Square\Models\Address();
$address->setAddressLine1($ship_address);
$address->setPostalCode($_POST['ship_postcode']);
$address->setCountry('US');
$create_customer_request->setGivenName($_POST['f_name']);
$create_customer_request->setFamilyName($_POST['f_name']);
$create_customer_request->setEmailAddress($_POST['email']);
$create_customer_request->setAddress($address);
$create_customer_request->setPhoneNumber($_POST['phone']);
$create_customer_request->setReferenceId($_POST['f_name']."-customer-".rand(10,15));
$create_customer_request->setNote('A customer');
$custcreateapiResponse = $client->getCustomersApi() >createCustomer($create_customer_request);
$custcreateapiResponse->isSuccess();
$_SESSION['temp_customer_id'] = $cust_res->getCustomer()->getId();
creating a card request
$body_card = new \Square\Models\CreateCustomerCardRequest($_POST['nonce']);
$card_api_response = $client->getCustomersApi()->createCustomerCard($_SESSION['temp_customer_id'], $body_card);
making a payment
$payments_api = $client->getPaymentsApi();
$money->setAmount(10);
$money->setCurrency('USD');
$pay_body = new \Square\Models\CreatePaymentRequest($_POST['nonce'],uniqid(),$money);
$pay_body->setCustomerId($_SESSION['temp_customer_id']);
$response = $client->getPaymentsApi()->createPayment($pay_body);
The issue I am having right now, I need to make two requests with the Nonce token but the system doesn't allow me to do it for the Square payment gateway. Don't know what to do now, Any kind of help will be appreciated. Pardon me for any mistakes here.
I tried many solutions from the internet but none of them work for me, so I try logic by myself. I know it's not a good approach, however, it works for me
in payment form, I create another hidden field
<input type="hidden" id="card-nonce-1" name="nonce1">
create a new function in sq-payment-form.js
function onGetCardNoncesecond(event) {
event.preventDefault();
paymentForm.requestCardNonce();
}
and put the value in a hidden field and submit and use it. Any suggestion would be appreciated for the betterment.
I'm using PayPal and want to add the payment method SEPA on my current website.
Here are some examples I have followed:
https://developer.paypal.com/docs/checkout/integration-features/standalone-buttons/#funding-sources
https://demo.paypal.com/de/demo/go_platform/pcRestServerV2/paymentOptions
So basically I'm not getting SEPA button as displayed here on above 2nd link.
Here is my code that helps you to identify what I'm doing wrong.
var FUNDING_SOURCES = [
paypal.FUNDING.PAYPAL,
paypal.FUNDING.VENMO,
paypal.FUNDING.CREDIT,
paypal.FUNDING.CARD,
paypal.FUNDING.SEPA,
];
FUNDING_SOURCES.forEach(function(fundingSource) {
// Initialize the buttons
var button = paypal.Buttons({
fundingSource: fundingSource
});
// Check if the button is eligible
if (button.isEligible()) {
// Render the standalone button for that funding source
button.render('#paypalCheckoutContainer');
}
});
Is there a reason you are checking for and rendering particular funding sources? You can let PayPal handle that automatically instead of a forEach loop. Basically, use the simpler code at; https://developer.paypal.com/demo/checkout/#/pattern/client
If you are not located in a country that defaults to showing SEPA, add &buyer-country=DE to the SDK script query string line when testing in sandbox mode. Only do this for testing other countries in sandbox mode, it is not a valid parameter in live. The buyer's country will be auto detected in live.
I have a pricing table that includes 3 plans with different prices.
I'm trying to charge the user the amount related to the plan they select. Is there a way to dynamically fetch the amount on the server side using PHP when the user selects a plan and the form is submitted? I'm not sure how to pass the dollar amount safely and charge them.
Edit: added PHP code
Here is the PHP i'm working with which pulls the dollar amount from the form which is inside a value. eg. "value='20'. My problem with the current setup is anyone can change that value.
<?php
require 'lib/Stripe.php';
if ($_POST) {
Stripe::setApiKey("insert_key_here");
try {
if (empty($_POST['email']))
throw new Exception("Fill out all required fields.");
if (!isset($_POST['stripeToken']))
throw new Exception("The Stripe Token was not generated correctly");
Stripe_Charge::create(array("amount" => $_POST['posted'] * 100,
"currency" => "usd",
"card" => $_POST['stripeToken'],
"description" => $_POST['email']));
$success = '<div class="alert alert-success">
<strong>Success!</strong> Your payment was successful.
</div>';
}
}
?>
I would recommend passing a an additional <input type="hidden">-field or a drop-down along with your form that contains the tier name. This can map to an enumeration (or map) on your backend that has the actual amounts associated with each tier. Then you don't run the risk of someone screwing with your Javascript and changing what they have to pay.
I implement the example from facebook credits, and create an test app, added the callback.php in the Callback Url, place my keys correctly. but I get this error:
Sorry, but we're having trouble processing your payment. You have not been charged for this transaction. Please try again.
I am trying to create a few buttons with different monetary values. Like:
Click to get 100 credits
Click to get 1000 credits
If I use this generic code, I get the payment window just fine, but I can't see my products there, I can only choose from already made presets :
function buyMore(){
// calling the API ...
var obj = {
app_id: 'xxxxxxxxxxxxxxxxxxxxx',
method: 'pay',
order_info: n,
purchase_type: 'item',
credits_purchase: true
};
to show the user my monetary presets I think I need to pass different values to the function:
<p><a onclick="buyMore('100'); return false;">Buy More Credits 100</a></p>
<p><a onclick="buyMore('1000'); return false;">Buy More Credits 1000</a></p>
function buyMore(price) {
var order_info = {
"title":'title',
"description":'description',
"price":price,
"image_url":'http://....img_url',
"product_url":'http://....product_url'
};
// calling the API ...
var obj = {
app_id: '153230661424821',
method: 'pay',
order_info: order_info,
purchase_type: 'item'
};
}
Not sure if I got it right.
Can anyone push me in the right direction?
Yeah, you'll have to have your users select the item they want to purchase, which will then call the buyMore function to have them confirm their purchase via the Credits dialog (like you're doing in your second example).
First thing I'd do is check my Credits setting in the Developer app though. I've gotten that error before on a new app before realizing I'd forgotten to set my credits callback URL or set my user as a Credits test user.
Why are you asking the user to buy a set number of credits?
Surely it's an easier flow if you ask the user to buy an item (priced in credits) and Facebook handles the step of the user buying the necessary credits themselves?