Hello Dear Developers,
I am sorry if this thread gona bother you but i have googled around about the PHP Credit Card Processor tutorials but i could not find any good tutorial that can help me learning Credit Card processing.
I dont wan’t to ask for the pre-build code so i can use it but i want to learn how i can use the code and what this code is exactly doing. I am not here to ask somebody to do my job but i want to learn so please i wll be thankful if anybody would help me by way of guiding me about the PHP credit card processing, i will be grateful to him/her.
I imagine that processing credit cards would be the same as processing any other user input. The problem is communicating with the bank to order a funds transfer as you will *I guess* need a secure connection to the MasterCard or Visa server where you can submit all the details that they require. I wouldn’t know where to start, but have you looked for MasterCard or Visa server requests? Or credit card processing requirements? The PHP is easy (on your side) but it’s the communication which I believe you will require some approval or connection user name and password.
This is all speculation as I have never seen CC processor code, let alone thought about making my own! *Subscribing*
thank you for your reply sir. i have read about HTTPS/SSL and these are the secure services for the credit card processing the problem is what is doing what? i mean where i have to use my account number which services should i ask from the bank and if i have my master or visa card then how im going to use it. anything is easy only if you understand about it for examples only a variable declared in PHP ($abc_123) may be difficult to understand to those who have no idea about PHP variables. the same thing is with me. i never implemented or worked on credit card processing but i have seen alot of PHP scripts doing this but i want to learn and want to know what is going exactly with processing. copying and pasting is not dat u going to learn anything i will just solve ur problem and if u r going to change it then u can be in trouble with dat so dats y i want to know the functioning of all this process. i want to educate myself. i will be grateful for you if you would kindly provide me any help in this regard.
I have never implemented anything like this (it’s a pain to try this in my country), but I hear PayPal offers a good API for processing credit cards in many parts of the world.
Maybe you could try checking that out.
You say that you have seen lots of PHP code to do this? Do you still have that code? Because you (and I) do not want to reinvent the wheel, maybe you should try get some code to read through first.
Let me also say that making your own processing program has it’s downfalls as I am sure you already know. You do not have the responsibility (or atleast as much of it) if you just use a company like PayPal which specializes in this sort of stuff. I will not buy stuff from an internet company unless it offers PayPal or gives an account number, because I worry that the devloper has build the transaction processor themselves and have missed something or not made it as secure as they think it is. I don’t mean to discourage you but I think there are better things you can spend your time on.
If you can find some code (PayPal and other places), or even ask them for some resources (I doubt they will give you their code!) you can have a start. Because not many people have done this on their own (atleast who have not been paid) it will be difficult to tell you the logic in Mastercard/Visa communication.
Here’s how you process credit cards through a page on your site in general terms.
You have a secure page (HTTPS/SSL like you said). the encryption is done by the protocal, you just make sure the URL says https and not http
Your page collects the sensitive information, sends it to your credit card processor (no body creates their own processor, do not attempt this, you have to be a financial institution to do this with millions of dollars to back you up)
The processor (like PayPal or Authorize.net) gives you feedback about the authorization. Your page than reads this data and either displays a success page or a declined/failure page.
How do you do all this? fortunately for you the steps are easy as e-commerce sites are so common, this stuff is almost standardized. (I said /almost/ !)
1. Get a SSL certificate from a trust-worthy vendor (like Verisign)
2. Learn how to build a PHP form and also ensure the page redirects to https URL if the current url starts with http.
3. Get an account with a processor like PayPal that most people trust.
4. Read their documentation about their API (Application Program Interface) (usually XML). This is unique to each processor. You’re in luck because both PayPal and Authorize.net give you example PHP code to submit and parse their XML data.
5. Test, and Retest with sample credit cards or your own credit card. Test as if you’re a hacker and are trying to break the page.
You’re done! Make sure your site looks professional enough that people trust their money with such as displaying the Certification logo, SSL logo, PayPal/or your processor logo.
Again, nobody really writes code that talks directly to your bank. A merchant/processor needs to act as a middle-man.
Let me know if any questions, and guys please reply if you have additional information or if I’ve missed something,
After reading the whole thread it seems to me that u people are discussing about the Credit Card processing via Payment Gateway.
There are several payment gateways available for processing CC. How far I am concern these payment gateways never publish their code due to security reasons I hope. So its not easy to know how does they work. If you visit developer central of Paypal you will get a fair knowledge about how the gateway works. However these payment gateways provide a good API support so that you can process CC via these gateways from your site. Here one point you need to remember that the actual processing is never done in your site. All you need to do is to send some required information to a pre-specified URL via post method(most of the time). For this purpose sometimes you may require a SSL(HTTPS) or sometimes not. As for example, in Paypal as you don’t require to send the CC number so you can use normal HTTP. But in case of Authorize.net SSL is must as you need to accept a CC number in your site and send it to a specific script for processing.
After the processing done in payment gateway they provide information about the transaction different ways like sending authenticated token, XML data, email etc. They also provide different methods to get information about the transaction form the gateway.
So different Payment gateway provides their API support, all you can do is make a good knowledge about these APIs. This is the only way to work with Payment Gateways.