Initialize the Stripe Client
Before proceeding with payment processing, you need to initialize the Stripe client with your secret key. Add the following to your PHP script:
require 'vendor/autoload.php';
\Stripe\Stripe::setApiKey('your_secret_key');
Replace 'your_secret_key'
with your actual secret key from the Stripe dashboard.
Create a Payment Intent
To accept a payment, you first need to create a PaymentIntent
. This object represents the payment process and holds details such as the amount and currency.
header('Content-Type: application/json');
// Calculate payment amount
$amount = 5000; // Example: $50.00
$currency = 'usd';
$paymentIntent = \Stripe\PaymentIntent::create([
'amount' => $amount,
'currency' => $currency,
'payment_method_types' => ['card'],
]);
echo json_encode(['clientSecret' => $paymentIntent->client_secret]);
Integrate with the Frontend
Once you have the client secret, you'll use it in your frontend to confirm the payment. Include the Stripe.js library in your HTML and implement a form:
<script src="https://js.stripe.com/v3/"></script>
<form id="payment-form">
<div id="card-element"></div>
<button type="submit">Submit Payment</button>
</form>
<script>
const stripe = Stripe('your_publishable_key');
const elements = stripe.elements();
const cardElement = elements.create('card');
cardElement.mount('#card-element');
const form = document.getElementById('payment-form');
form.addEventListener('submit', async (event) => {
event.preventDefault();
const { error } = await stripe.confirmCardPayment('client_secret_from_server', {
payment_method: {
card: cardElement,
}
});
if (error) {
console.error(error);
} else {
console.log('Payment successful!');
}
});
</script>
Replace 'client_secret_from_server'
with the client secret returned from your PHP script, and 'your_publishable_key'
with your Stripe publishable key.
Handle Post-Payment Actions
Once the payment is successfully processed, you should perform any necessary post-payment actions. This might include updating order status in a database or sending confirmation emails.
if ($paymentSuccessful) {
// Example actions:
// Update order status in database
updateOrderStatus($orderId, 'paid');
// Send confirmation email
sendConfirmationEmail($orderId);
}
Ensure each function like updateOrderStatus()
and sendConfirmationEmail()
is properly defined and operates securely.
Ensure Error Handling and Security
Implement comprehensive error handling to manage issues such as network errors, declined cards, or fraud detection.
Sanitize all inputs and properly handle exceptions to avoid security vulnerabilities such as SQL injection. Use prepared statements for database operations.
Stripe API offers robust tools to manage payments in PHP. By following these steps thoughtfully, and integrating with proper checks and actions, you ensure a seamless payment flow and a positive user experience.