我使用这个PHP代码错了吗? (使用Stripe)
[英]Am I using this PHP code wrong? (working with Stripe)
问题描述
I'm using Stripe for a payment gateway. 
我正在使用Stripe作为支付网关。 I can successfully obtain a card's "token" as Stripe calls it, which is explained here: https://stripe.com/docs/checkout#api Good to go with that. 我可以成功获得卡片的“令牌”,因为Stripe称之为“令牌”,这里有解释: https : //stripe.com/docs/checkout#api很高兴能够使用它。 I successfully receive the token in my stripe dashboard. 我在条带仪表板中成功收到了令牌。 Now what I need to do is actually charge that card(token). 现在我需要做的是实际收取该卡(令牌)。 Here is how they put it: "You've got your user's credit card details, now what? Now you charge them money. This happens on your server, and the fastest way to do it is by using one of our client libraries." 以下是他们如何说:“你已经获得了用户的信用卡详细信息,现在是什么?现在你向他们收取费用。这种情况发生在您的服务器上,最快的方法就是使用我们的客户端库。” Well they supply the php needed right on that page: 那么他们在该页面上提供所需的php:
// Set your secret key: remember to change this to your live secret key in production
// See your keys here https://manage.stripe.com/account
Stripe::setApiKey("sk_test_68YYnDTKPzcxxRZbkxEJtOVq");
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
// Create the charge on Stripe's servers - this will charge the user's card
try {
$charge = Stripe_Charge::create(array(
"amount" => 1000, // amount in cents, again
"currency" => "usd",
"card" => $token,
"description" => "payinguser@example.com")
);
} catch(Stripe_CardError $e) {
// The card has been declined
}
You can see exactly how they explain it here: https://stripe.com/docs/tutorials/charges 你可以在这里看到他们如何解释它们: https : //stripe.com/docs/tutorials/charges
Here is where things go wrong. 这是出问题的地方。 1) Where in this code actually pinpoints what card to charge?! 1)这段代码中的哪些地方确实指出要充电的卡?! I have the card's token ID number in my private dashboard. 我的私人信息中心中有卡的令牌ID号。 I now need to charge it, but this code doesn't say anything about the card. 我现在需要充电,但这段代码没有说明卡片的任何内容。 The only spot I see is: 我看到的唯一一点是:
$token = $_POST['stripeToken'];
'stripeToken' do I put in the card's ID number here? 'stripeToken'我在这里输入卡的身份证号码吗?
2)I've created a simple page to run this with: 2)我创建了一个简单的页面来运行它:
<div id="payment">
<form action="charge-cards.php">
<?php require 'Stripe.php';?>
<input type="submit">
</form>
</div><!--end payment-->
"charge-cards.php" is the code at the top provided by Stripe. “charge-cards.php”是Stripe提供的顶部代码。 When I click submit, I get the follow error: 当我点击提交时,我收到以下错误:
Fatal error: Class 'Stripe' not found in /home/preemin/public_html/fun.dit /testing/charge-cards.php on line 5
Can anyone see what I"m doing wrong? Thanks! 谁能看到我做错了什么?谢谢!
2 个解决方案
解决方案1
16 2013-04-12 16:32:47
I think it's worthwhile to take a step back and review the basics. 我认为退一步并审查基础知识是值得的。 First, in order to provide a secure credit card transaction, and to ensure PCI compliance, Stripe has provided a javascript library that encrypts and transmits the sensitive credit card data. 首先,为了提供安全的信用卡交易,并确保PCI合规性,Stripe提供了一个加密和传输敏感信用卡数据的JavaScript库。 They provide an example form 它们提供了一个示例表单
Make careful note of the fact that the form has no submit action. 请仔细注意表单没有提交操作的事实。 Also pay special attention to the fact that none of the sensitive card fields have a name attribute. 还要特别注意这些敏感卡片字段都没有name属性。 This form should never be submitted via any way other than the secure method they have provided. 除了他们提供的安全方法之外, 不得以任何方式提交此表单。 To try to do so opens you up to liability. 试图这样做会让您承担责任。
When you submit that form, using the js class they have provided (see Step 2 ), it gives you back a card token, which you say you already have. 当您提交该表单时,使用他们提供的js类(请参阅步骤2 ),它会返回一个卡片令牌,您说您已经拥有该令牌。 You can store that card token in your database without any security issues -- it's just an arbitrary number that means nothing to a hacker. 您可以将该卡令牌存储在数据库中而不会出现任何安全问题 - 它只是一个任意数字,对黑客来说没有任何意义。
Once you have that token, you have two options: 拥有该令牌后,您有两种选择:
- use it immediately to make a one-time charge, or 立即使用它来进行一次性充电,或者
- store it and create a customer object that you can charge multiple times. 存储它并创建一个可以多次充电的客户对象。
What you need to realize is that Stripe does NOT store that card token! 您需要意识到Stripe不存储该卡令牌! If you lose it, you can't get it back. 如果你失去它,你就无法取回它。 You have to generate a new one. 你必须生成一个新的。 Also, the only way you can use it for multiple charges is to create a customer object . 此外, 您可以将其用于多次收费的唯一方法是创建客户对象 。 In other words, UNLESS you store it on a customer object, it's only good for a single charge. 换句话说,除非您将其存储在客户对象上,否则只需一次充电即可。 So if you charge against it before attaching it to a customer object, it's no longer valid . 因此, 如果您在将其附加到客户对象之前对其收费,则它不再有效 。
Now back to the basics again, as IOIO MAD described, there are two things you must do at the top of any php file that you want to call a Stripe method from: 现在再回到基础知识,正如IOIO MAD所描述的那样,你必须在任何你要调用Stripe方法的php文件的顶部做两件事:
- include the Stripe php library 包括Stripe php库
- set the secret key 设置密钥
The only time the public key is used is when you're making that javascript call to submit the card form. 使用公钥的唯一时间是当您进行javascript调用以提交卡表单时。
If you want to charge the card immediately, you have to turn right around and make a call back to the server, sending the card hash that you just got back. 如果您想立即为卡充电,您必须右转并回拨服务器,发送您刚回来的卡片哈希。 You might do this with ajax, or by sticking it in a form field that you then post. 您可以使用ajax执行此操作,或者将其粘贴到随后发布的表单字段中。 Step 3 shows you one way you might do this. 第3步向您展示了一种可能的方法。
But lets assume that you want to do other things before actually charging the card. 但我们假设您在实际为卡充电之前想要做其他事情。 To expand on your example, lets say I have collected my customer's card on one page, then on my checkout page, I want to submit the charge: 为了扩展您的示例,假设我已经在一个页面上收集了我的客户卡,然后在我的结帐页面上,我想提交费用:
<?php
require('path/to/Stripe.php'); // MUST be done before any Stripe:: call
Stripe::setApiKey("sk_test_mkGsLqEW6SLnZa487HYfJVLf");
// retrieve stored card hash. Could have got it to this page in any number of
// ways, including: stored in cookie, stored in session, stored in database.
// Let's assume stored in session for sake of simplicity of example
$cardHash = $_SESSION['stripeToken'];
?>
<div id="payment">
<form action="charge-cards.php">
<?php require 'Stripe.php';?>
<input name="stripeToken" type="hidden" value="<?= $cardHash ?>" />
<input type="submit">
</form>
</div>
When this form is submitted, charge-cards.php will get the $cardHash from the $_POST variable, whereupon you're going to follow the example given by Stripe : 提交此表单时,charge-cards.php将从$_POST变量获取$cardHash ,然后您将按照Stripe给出的示例 :
<?php
require('path/to/Stripe.php'); // MUST be done before any Stripe:: call
Stripe::setApiKey("sk_test_mkGsLqEW6SLnZa487HYfJVLf");
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
// Create the charge on Stripe's servers - this will charge the user's card
try {
$charge = Stripe_Charge::create(array(
"amount" => 1000, // amount in cents, again
"currency" => "usd",
"card" => $token,
"description" => "payinguser@example.com")
);
} catch(Stripe_CardError $e) {
// The card has been declined
}
?>
If you're still having problems, employ proper debugging skills to check whether or not your $_POST variable contains a card hash. 如果您仍然遇到问题,请使用适当的调试技巧来检查$ _POST变量是否包含卡片哈希。 If all else fails, contact Stripe customer support. 如果一切都失败了,请联系Stripe客户支持。 Their API is top-notch, as is their documentation and support. 他们的API是一流的,他们的文档和支持也是如此。
EDIT 4/15/13 OP is using the quick checkout method and using custom buttons. 编辑4/15/13 OP正在使用快速结账方法并使用自定义按钮。 Most of the above still applies. 以上大部分仍然适用。
The code outlined in the Custom Buttons section assigns a click handler to the custom button, which returns a callback function that when executed, appends a hidden input to a form, assigns the stripeToken to that field, and submits the form. 自定义按钮部分中列出的代码为自定义按钮分配了一个单击处理程序,该按钮返回一个回调函数,该函数在执行时将隐藏的输入附加到表单,将stripeToken指定给该字段,然后提交表单。 Just before the form is submitted, console.log or alert the stripeToken to make sure you have a legitimate value: 在提交表单之前,console.log或提醒stripeToken以确保您具有合法的值:
$('#customButton').click(function(){
var token = function(res){
var $input = $('<input type=hidden name=stripeToken />').val(res.id);
// alert the value of stripeToken
alert('stripeToken = ' + res.id);
$('form').append($input).submit();
};
This would be used in conjunction with this: 这将与此一起使用:
<form action="/charge" method="post">
<script src="https://checkout.stripe.com/v2/checkout.js" class="stripe-button"
data-key="pk_test_yourprivatekeyhere"></script>
</form>
So what should happen is after the user presses the checkout button, the form should have a hidden input field named 'stripeToken' which contains the token value. 所以应该发生的是在用户按下checkout按钮之后,表单应该有一个名为'stripeToken'的隐藏输入字段,其中包含标记值。 You can get that token from the form and submit it later. 您可以从表单中获取该令牌并在以后提交。 Alternatively, you can listen on the 'token' event, which will be bound to your button: 或者,您可以收听“令牌”事件,该事件将绑定到您的按钮:
jQuery(function($){
var $button = $('#customButton');
$button.on('token', function(e, token){
$button.after('<hr /><p>Your Stripe token is: <strong>' + token.id + '</strong></p>');
});
});
DISCLAIMER: I haven't used the simple checkout method yet. 免责声明:我还没有使用简单的结账方法。 This code is not tested 此代码未经过测试
解决方案2
2 2013-04-12 02:20:20
i think may be you are missing some "include" , Class 'Stripe' not found means that the PHP File consisting of Class 'Stripe' haven't included before the call@ 我想可能你错过了一些“包含”, Class 'Stripe' not found意味着在调用@之前没有包含Class'Stripe'的PHP文件
Note : A PHP >= 5.2 environment is required 注意:需要PHP> = 5.2环境
Download The Stripe PHP library 下载Stripe PHP库
Extract it to your HOME! 把它提取到你的家!
Let's create a file called config.php, where we're going to set up some initial configuration. 让我们创建一个名为config.php的文件,我们将在其中设置一些初始配置。
<?php
require_once('./lib/Stripe.php');
$stripe = array(
"secret_key" => "sk_test_mkGsLqEW6SLnZa487HYfJVLf",
"publishable_key" => "pk_test_czwzkTp2tactuLOEOqbMTRzG"
);
Stripe::setApiKey($stripe['secret_key']);
?>
Then at your Code file ABOVE (assumes yours.php) 然后在您的代码文件ABOVE(假设yours.php)
include "config.php";
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
//rest as you go!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.