Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / Languages / PHP

PayFlowPro Hosted Checkout Pages in PHP

5.00/5 (2 votes)
26 Jun 2016CPOL3 min read 41K  
PayFlowPro Hosted Checkout page is a payment service from PayPal that helps you meet PCI compliance.

This article appears in the Third Party Products and Tools section. Articles in this section are for the members only and must not be used to promote or advertise products in any way, shape or form. Please report any spam or advertising.

Introduction

PayFlowPro Hosted Checkout Page is a payment service from PayPal. This article explains steps to implement this payment service in PHP website.

Background

If you are implementing payment system in your website, it is your responsibility to adhere to PCI compliance standards to protect personal information and implement security safeguards on your website when processing payment card transactions.

PayFlowPro Hosted Checkout Page helps you to meet PCI compliance. It does payment in PayPal page which is outside your website. So you are not needed to collect payment related information like Credit card number, Expiry Date, etc., from customer in your website.

Using the code

Creating PayFlowPro account

Click here to register PayFlowPro account or visit URL https://registration.paypal.com/welcomePage.do

Once account created, you need to configure Hosted Checkout page. Refer the document https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1493&viewlocale=en_US&direct=en, it contains complete information of creating PayFlowPro sandbox account and to configure Hosted Checkout Page.

Payment service in PHP

Following are the steps to do payment using PayFlowPro Hosted Checkout page

  1. Submit payment information to PayFlowPro and get security key
  2. Redirect page to Hosted Checkout Page
  3. Collect payment response from PayFlowPro

Submit payment information to PayFlowPro

Before initiating payment process, we need to submit payment information to PayFlowPro. PayFlowPro provided parameters to pass this values.

Prepare input parameters as array

PHP
$parameters = array();
$parameters['AMT'] = '100';
$parameters['CURRENCY'] = 'USD';
$parameters['FIRSTNAME'] = '***';
$parameters['LASTNAME'] = '***';
$parameters['PHONENUM'] = '***';
$parameters['EMAIL'] = '***';
$parameters['STREET'] = '***';
$parameters['STATE'] = '***';
$parameters['CITY'] = '***';

Add PayFlowPro account details

PHP
$parameters['USER'] = '***';
$parameters['VENDOR'] = '***';
$parameters['PARTNER'] = '***';
$parameters['PWD'] = '***';

Add unique secure token id

PHP
// SECURETOKENID - random 36 alpha numeric characters.
// SECURETOKENID - should be unique for each test, means you need to generate new id for each test payments.
$parameters['SECURETOKENID'] = '***';
$parameters['CREATESECURETOKEN'] = 'Y';
$parameters['TRXTYPE'] = 'S';

Submit input parameters and get SECURETOKEN from PayFlowPro.

Note : If you want to make payment using live account, use URL https://payflowpro.paypal.com instead of https://pilot-payflowpro.paypal.com in below code.

PHP
$curl_url = 'https://pilot-payflowpro.paypal.com';
$curl_param = array();
foreach($parameters as $key => $value) {
  $curl_param[] = "$key=$value";
}
$curl_params = implode('&',$curl_param);
$options = array(
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_HEADER         => false,
  CURLOPT_VERBOSE        => false,
  CURLOPT_SSL_VERIFYHOST => 0,
  CURLOPT_SSL_VERIFYPEER => false,
  CURLOPT_POST           => 1,
  CURLOPT_POSTFIELDS     => $curl_params,
);
$ch = curl_init($curl_url);
curl_setopt_array($ch,$options);
$content = curl_exec( $ch );
$response_status = curl_getinfo( $ch );
curl_close ( $ch );

  Read secure token from PayFlowPro

PHP
  if($content != '') {
    $response = array();
    foreach(explode('&', $content) as $item) {
      $key_value = explode('=', $item);
      $response[$key_value[0]] = $key_value[1];
    }
    // Validate response
    if(isset($response['RESULT']) && $response['RESULT'] == '0') {
      $securetoken = $response['SECURETOKEN'];
      $securetokenid = $response['SECURETOKENID'];
    }
    else {
      print_r($content);
    }
  }

Redirect page to Hosted Checkout Page

Once you get secure token from PayFlowPro, redirect the page to Hosted Checkout Page

Note : If you want to make payment using live account, use URL https://payflowlink.paypal.com instead of https://pilot-payflowlink.paypal.com in below code

PHP
if(!empty($securetoken) && !empty($securetokenid)) {
  $querystring = array(
    'SECURETOKEN' => $securetoken,
    'SECURETOKENID' => $securetokenid,
  );
  header('Location: https://pilot-payflowlink.paypal.com?' . http_build_query($querystring, '', '&'));
  exit;
}

User will be redirected to PayFlowPro Hosted Checkout Page (payment page)

Collect payment response from PayFlowPro

After completing payment process PayFlowPro will submit the page back to website. Read responses from $_POST or $_GET variables based on your Hosted Checkout Page settings. In thank you page print PNREF unique id

<?php
  if($_POST['RESULT'] == 0) {
    print 'Thank you for your payment, please note transaction number ' . $_POST['PNREF'];
  }
?>

After completion your code should look like below

File : testpayment.php

PHP
<?php
  // Preparing input parameters.
  $parameters = array();
  $parameters['AMT'] = '100';
  $parameters['CURRENCY'] = 'USD';
  $parameters['FIRSTNAME'] = '***';
  $parameters['LASTNAME'] = '***';
  $parameters['PHONENUM'] = '***';
  $parameters['EMAIL'] = '***';
  $parameters['STREET'] = '***';
  $parameters['STATE'] = '***';
  $parameters['CITY'] = '***';
  // Add PayFlowPro account details.
  $parameters['USER'] = '***';
  $parameters['VENDOR'] = '***';
  $parameters['PARTNER'] = '***';
  $parameters['PWD'] = '***';
  // Add unique secure token id.
  // random 36 alpha numeric characters.
  $parameters['SECURETOKENID'] = '***';
  $parameters['CREATESECURETOKEN'] = 'Y';
  $parameters['TRXTYPE'] = 'S';
  // Send values to PayFlowPro.
  $curl_url = 'https://pilot-payflowpro.paypal.com';
  $curl_param = array();
  foreach($parameters as $key => $value) {
    $curl_param[] = "$key=$value";
  }
  $curl_params = implode('&',$curl_param);
  $options = array(
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HEADER         => false,
    CURLOPT_VERBOSE        => false,
    CURLOPT_SSL_VERIFYHOST => 0,
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_POST           => 1,
    CURLOPT_POSTFIELDS     => $curl_params,
  );
  $ch = curl_init($curl_url);
  curl_setopt_array($ch,$options);
  $content = curl_exec( $ch );
  $response_status = curl_getinfo( $ch );
  curl_close ( $ch );
  // Read response.
  if($content != '') {
    $response = array();
    foreach(explode('&', $content) as $item) {
      $key_value = explode('=', $item);
      $response[$key_value[0]] = $key_value[1];
    }
    // Validate response
    if(isset($response['RESULT']) && $response['RESULT'] == '0') {
      $securetoken = $response['SECURETOKEN'];
      $securetokenid = $response['SECURETOKENID'];
    }
    else {
      print_r($content);
    }
  }
  // Redirect to PayFlowPro Hosted Checout Page.
  if(!empty($securetoken) && !empty($securetokenid)) {
    $querystring = array(
      'SECURETOKEN' => $securetoken,
      'SECURETOKENID' => $securetokenid,
    );
    header('Location: https://pilot-payflowlink.paypal.com?' . http_build_query($querystring, '', '&'));
    exit;
  }
?>

File : response.php

PHP
<?php
  if($_POST['RESULT'] == 0) {
    print 'Thank you for your payment, please note transaction number ' . $_POST['PNREF'];
  }
?>

Steps to execute

1. Create PayFlowPro account and setup Hosted Checkout Page, remember to configure return URLs as "response.php" (full URL). Only then PayPal will redirect back to our custom page "response.php"

2. Update appropriate values for '***' in file testpayment.php and save the file, remember to use unique value for 'SECURETOKENID', you need to change value of this parameter in every test payments.

3. Browse the file testpayment.php through apache server, it will automatically redirect the page to PayFlowPro Hosted Checkout Page.

4. Enter test credit card numbers and compelte payment process. Page will redirect back to response.php, that will display PNREF number generated in PayPal. You can get test credit card numbers in this page https://www.paypalobjects.com/en_US/vhelp/paypalmanager_help/credit_card_numbers.htm

Reference

https://developer.paypal.com/docs/classic/products/paypal-payments-pro/
https://developer.paypal.com/docs/classic/payflow/gs_ppa_hosted_pages/
https://www.paypalobjects.com/en_US/vhelp/paypalmanager_help/credit_card_numbers.htm 

 

 

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)