I am new to PHP, and I don't know if this can be done. I am building an online shop, and I would like to save the order in the database before sending the data to the payment gateway. As I am sending the data to an external page (payment gateway), I cannot record the buyer's data first without having to perform an extra step (page).
EDIT: I should have mentioned that I have shortened the code I have attached. Yes, there is a cart which is in SESSION and where I have all the order details. The problem is that the method I use from Redsys is redirection. I delegate the payment to their gateway by sending it some fields in an array. So when the user clicks the "Pay" button, I leave my website and go to the gateway, the payment is made there and if everything has worked, the gateway allows me to go to a URLOK or URLKO. What I try is that in the checkout form, which consists of the buyer / client data and the "sumit" button that redirects to the gateway, before going to the gateway URL, insert the order in status "PENDING", and then when it returns from the URLOK or URLKO update the status. In short, I need to perform these two steps with a single click:
Otherwise, you would have to carry out an extra step, first making a form in which the buyer and order data are saved and second making an extra screen of the type "Check your data" and then send what is necessary to the gateway.
<?php
include 'config/apiRedsys.php';
$miObj = new RedsysAPI;
$currency="978";
$url="";
$urlOKKO="http://localhost/confirmed";
$urlKO="http://localhost/ko";
$id=time();
$amount=50000;
// Fill fields
$miObj->setParameter("DS_MERCHANT_AMOUNT",$amount);
$miObj->setParameter("DS_MERCHANT_ORDER",$id);
$miObj->setParameter("DS_MERCHANT_CURRENCY",$currency);
$miObj->setParameter("DS_MERCHANT_MERCHANTURL",$url);
$miObj->setParameter("DS_MERCHANT_URLOK",$urlOKKO);
$miObj->setParameter("DS_MERCHANT_URLKO",$urlKO);
$version="HMAC_SHA256_V1";
$kc = 'key';
$request = "";
$params = $miObj->createMerchantParameters();
$signature = $miObj->createMerchantSignature($kc);
?>
<form class="needs-validation" novalidate action="https://sis-t.redsys.es:25443/sis/realizarPago" method="POST" target="_blank">
<input type="hidden" name="Ds_SignatureVersion" value="<?php echo $version; ?>"/>
<input type="hidden" name="Ds_MerchantParameters" value="<?php echo $params; ?>"/>
<input type="hidden" name="Ds_Signature" value="<?php echo $signature; ?>"/>
<div class="row">
<div class="col-md-6 mb-3">
<label for="firstName">Name</label>
<input type="text" class="form-control" id="firstName" name="firstName" placeholder="" required>
<div class="invalid-feedback">
Required valid name
</div>
</div>
<div class="col-md-6 mb-3">
<label for="lastName">Apellidos</label>
<input type="text" class="form-control" id="lastName" name="lastName" placeholder="" required>
<div class="invalid-feedback">
Required valid surname
</div>
</div>
</div>
<div>
<input type="submit" value="Confirm and pay" class="a-button-input" />
</div>
</form>
Traditionally, in an online store all ordered items are collected in a virtual cart before being made into an order. Typically, you'd then assign an id to your order, which you might then use in all your customer communication.
This way, you'd have your own persistent copy of the order which you can use to keep state. If the payment fails, you can alert the user and provide a retry attempt, without them having to go through the whole process again.
However, your code makes no mention of a cart or order items, so I won't assume this is the case. If your flow needs to redirect the user to the gateway immediately upon confirming the purchase, then you should consider making the API request from PHP. From looking at the Redsys API, this is functionality that they provide. Take a look at their REST API.
UPDATE
It seems your flow requires the user to actually leave your website and visit the PSP. This is a common scenario.
If you just want to catch the confirmation action before the user leaves your site, you could issue the redirect in JavaScript, just after an XHR ('Ajax') to your server completes. If you haven't saved the$_SESSION
data before this point, this will be a good time and place to do that too.
The XHR will only call some back-end PHP that you wrote which sole job is to catch the confirmation action. Write your script to update the order in the database when you're receiving a POST request containingpurchase_confirmed=1
. It might output some JSON back to your JavaScript (json_encode(['success' => TRUE])
), which in turn will trigger a form submit.
One of many possible approaches is to use jQuery for this, as demonstrated below (UNTESTED!). If you need vanilla JavaScript, then please consult You Might Not Need jQuery. Getting into the details of the Fetch API or other (possibly better) solutions is beyond the scope of your question.
$.ajax({
type: 'POST',
url: '/path/to/your/script.php',
data: { purchase_confirmed: 1 },
dataType: 'json'
}).done((json) => {
// Your backend may choose to signal server-side success/failure by passing
// a 'success' element to the JSON.
if (json.success)
// All good. This will initiate the redirect to Redsys.
$('#your-form-id').submit();
else
// Something went wrong as indicated by your backend code.
// Determine what to say and how to inform the user.
// alert() for demo purposes.
alert('Your error message here');
}).fail(() => {
// Something else went wrong. Determine what to say and how to inform the user.
// Write something informative according to your business logic and the error detected.
alert('Something went wrong.');
});
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
JavaScript is a multi-paradigm language that supports event-driven, functional, and mandatory (including object-oriented and prototype-based) programming types. Originally JavaScript was only used on the client side. JavaScript is now still used as a server-side programming language. To summarize, we can say that JavaScript is the language of the Internet.
https://www.javascript.com/
JQuery is arguably the most popular JavaScript library with so many features for modern development. JQuery is a fast and concise JavaScript library created by John Resig in 2006. It is a cross-platform JavaScript library designed to simplify client-side HTML scripting. Over 19 million websites are currently using jQuery! Companies like WordPress, Facebook, Google, IBM and many more rely on jQuery to provide a kind of web browsing experience.
https://jquery.com/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.