How to Integrate Stripe Payment Gateway in PHP
Integrating payments with Stripe is easy. You need a quick registration on http://www.stripe.com, after which you can use the test version of the Stripe API until your web app is deployed and the live version afterwards. Stripe is responsible for processing and keeping clients’ credit/debit card data, so no sensitive card information is stored on your server and you do not have to comply with all the rules that come with storing credit/debit cards.
Let’s start integration:
Step 1.
Create an account at https://dashboard.stripe.com/register.
Step 2.
Now log in to your account and go to Account Settings -> API Keys.
Step 3.
Edit the charge.php file and replace secret_key_here with your Secret Key:
try {
    require_once('Stripe/lib/Stripe.php');
    Stripe::setApiKey("secret_key_here"); // Replace with your Secret Key
    $charge = Stripe_Charge::create(array(
        "amount" => 1500,
        "currency" => "usd",
        "card" => $_POST['stripeToken'],
        "description" => "Charge for Facebook Login code."
    ));
} catch (Exception $e) {
    // Handle the error
}
Edit the index.php file and replace publishable_key_here with your Publishable Key:
<!-- Replace publishable_key_here with your Publishable Key -->
<script
    src="https://checkout.stripe.com/checkout.js" class="stripe-button"
    data-key="publishable_key_here"
    data-image="favicon.png"
    data-name="PHPGang"
    data-description="Download Script ($15.00)"
    data-amount="1500">
</script>
The test version does not entail any actual transfer of funds. To test whether you have set up everything necessary to charge a customer, enter the following credit card number: 4242424242424242.
The only thing you would have to worry about is man-in-the-middle attacks, which is why Stripe highly recommends using HTTPS, but no data about a card will be stored on your server.
First, we create a basic static web page and create a form that includes a script from Stripe (Checkout.js).
This script creates a button which, when clicked, prompts users to enter an email and a credit/debit card number, and optionally to choose to have them remembered.
We also set several variables.
data-key holds your publishable key, data-image holds a link to your company’s logo, data-name holds the company’s name and data-description holds the description of the product being bought. data-image, data-name and data-description are shown when users click on the button created by Checkout.js and make the modal feel as if customers are still on your site (they are optional but highly recommended).
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Payments using Stripe</title>
</head>
<body>
    <h1>Buy Facebook login Script</h1>
    <p>Price: 15.00$</p>
    <p>Name: How to Login with Facebook Graph API in PHP</p>
    <form action="charge.php" method="POST">
        <!-- data-key: your publishable key; data-image: your company logo -->
        <script
            src="https://checkout.stripe.com/checkout.js" class="stripe-button"
            data-key="publishable_key_here"
            data-image="logo.png"
            data-name="PHPGang.com"
            data-description="Download Script ($15.00)"
            data-amount="1500">
        </script>
    </form>
</body>
</html>
Here is an image of the modal that this code displays:
When users fill out the modal and click on “Pay …”, the form is submitted to the URL in its action attribute, which is “charge.php” in this case. Thus, charge.php is where we actually charge $15 to the client’s card. The submitted form gives you two variables that you can use: $_POST['stripeEmail'] (which you could use to send an email to the customer after a purchase) and $_POST['stripeToken'] (which is used for retrieving funds from the customer in the script displayed after form submission). Of course, this assumes our form’s method attribute is set to POST.
Note that the last two digits of data-amount are actually the cents. 1500 is equal to $15.00 and 15000 is equal to $150.00.
In the script responsible for charging, we load the Stripe library, which is available in the download code. It can also be downloaded at https://github.com/stripe/stripe-php/releases or set up using Composer: https://stripe.com/docs/libraries.
require_once('Stripe/lib/Stripe.php');
Afterwards we set our secret API key using the static method setApiKey of the Stripe class:
Stripe::setApiKey("secret_key_here");
Afterwards, we actually charge the customer 15.00 bucks:
We set up a try and catch block. In the try block we attempt to charge the customer:
$charge = Stripe_Charge::create(array(
    "amount" => 1500,
    "currency" => "usd",
    "card" => $_POST['stripeToken'],
    "description" => "Charge for Facebook Login code."
));
We tell Stripe the currency we want the 15.00 bucks to be in, we give the token received from the Checkout.js script when the user entered his data and provide a description of the charge.
Now we are done and can run any code that should execute after a purchase has been made. We just place it below the $charge variable, and it will be executed only if the payment has been successful (no exceptions were thrown when charging).
Here is the whole charge.php file:
<?php
//let's say each article costs 15.00 bucks
try {
    require_once('Stripe/lib/Stripe.php');
    Stripe::setApiKey("secret_key_here"); //Replace with your Secret Key
    $charge = Stripe_Charge::create(array(
        "amount" => 1500,
        "currency" => "usd",
        "card" => $_POST['stripeToken'],
        "description" => "Charge for Facebook Login code."
    ));
    //send the file, this line will be reached if no error was thrown above
    echo "<h1>Your payment has been completed. We will send you the Facebook Login code in a minute.</h1>";
    //you can send the file to this email
    //(the value comes from the request, so escape it before printing it into the page):
    echo htmlspecialchars($_POST['stripeEmail'], ENT_QUOTES, 'UTF-8');
}
//catch the errors in any way you like
catch (Stripe_CardError $e) {
    // The card could not be charged
} catch (Stripe_InvalidRequestError $e) {
    // Invalid parameters were supplied to Stripe's API
} catch (Stripe_AuthenticationError $e) {
    // Authentication with Stripe's API failed
    // (maybe you changed API keys recently)
} catch (Stripe_ApiConnectionError $e) {
    // Network communication with Stripe failed
} catch (Stripe_Error $e) {
    // Display a very generic error to the user, and maybe send
    // yourself an email
} catch (Exception $e) {
    // Something else happened, completely unrelated to Stripe
}
?>
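The following is an added example, not part of the original tutorial or of Stripe's library: it shows request checks that charge.php can run before it calls Stripe_Charge::create(), covering the HTTPS recommendation and the two posted variables described above. The function names and the STRIPE_SECRET_KEY environment variable are assumptions, and the sample requests are constructed. It also assumes PHP terminates TLS itself, so that $_SERVER['HTTPS'] is set; behind a TLS-terminating proxy the check has to be adapted.

```php
<?php
// Added example, not the tutorial's code; function names and STRIPE_SECRET_KEY are assumptions.

// PHP sets $_SERVER['HTTPS'] to a non-empty value other than "off" on TLS requests.
function is_https_request(array $server): bool {
    return !empty($server['HTTPS']) && strtolower($server['HTTPS']) !== 'off';
}

// Returns [token, email] for a well-formed Checkout post, otherwise throws.
function read_checkout_post(array $server, array $post): array {
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        throw new InvalidArgumentException('POST required');
    }
    if (!is_https_request($server)) {
        throw new InvalidArgumentException('HTTPS required');
    }
    $token = $post['stripeToken'] ?? null;
    if (!is_string($token) || !preg_match('/^[A-Za-z0-9_]{1,255}$/', $token)) {
        throw new InvalidArgumentException('bad stripeToken');
    }
    $email = filter_var($post['stripeEmail'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        throw new InvalidArgumentException('bad stripeEmail');
    }
    return [$token, $email];
}

// Keeps the key out of the source tree; the "sk_" test catches a pasted publishable key.
function secret_key_from_env(): string {
    $key = getenv('STRIPE_SECRET_KEY');
    if (!is_string($key) || strncmp($key, 'sk_', 3) !== 0) {
        throw new RuntimeException('STRIPE_SECRET_KEY missing or not a secret key');
    }
    return $key;
}

// Constructed sample requests: [server vars, post vars].
$tls = ['REQUEST_METHOD' => 'POST', 'HTTPS' => 'on'];
$good = ['stripeToken' => 'tok_constructed123', 'stripeEmail' => 'buyer@example.com'];
$samples = [
    'valid'      => [$tls, $good],
    'plain http' => [['REQUEST_METHOD' => 'POST'], $good],
    'no token'   => [$tls, ['stripeEmail' => 'buyer@example.com']],
    'html email' => [$tls, ['stripeEmail' => '<script>@x'] + $good],
];
foreach ($samples as $name => [$server, $post]) {
    try { read_checkout_post($server, $post); echo "$name: accepted\n"; }
    catch (InvalidArgumentException $e) { echo "$name: rejected ({$e->getMessage()})\n"; }
}
```

In charge.php, call read_checkout_post($_SERVER, $_POST) and Stripe::setApiKey(secret_key_from_env()) before Stripe_Charge::create(), and keep the amount hard-coded on the server as the tutorial does rather than reading it from the form.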
Here is what happens when a payment has been successful: