Online payments are important for PHP websites. As technology moves on, websites need to be upgraded to accept online payments through a payment gateway. This tutorial covers Payumoney payment gateway integration in PHP with the MYSQL database. Payumoney is also known as Payu, a short form of PayUmoney. Payumoney is the best payment gateway for an eCommerce system. As you know, every payment gateway has a different PHP KIT. We use the Payu PHP KIT to send and receive payment information, and you can easily integrate the Payumoney payment gateway with it.
Payumoney integration in PHP with the MYSQL database
Payumoney payment gateway integration is a very easy process. We will create a products shop. The customer will select any product and click on the buy button. After that, the customer will fill in the checkout form with first name, last name, email, phone number, address, or a note. These details will be transferred to the Payu website and customers can pay with multiple payment options. After payment, transaction data will be stored in the MYSQL database table. It's an eCommerce system example. We will use Bootstrap to make the website responsive. Let's integrate the Payumoney payment gateway using PHP with the MYSQL database –
First of all, create a table “products” using the below query –
CREATE TABLE `products` (
`pid` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`title` varchar(355) DEFAULT NULL,
`price` varchar(20) DEFAULT NULL,
`image` varchar(255) DEFAULT NULL
);
We will create a form to create new products with the product title, product price, and product image. We will fetch and display all products on another page.
Now, create a table “payments” using the below query –
CREATE TABLE `payments` (
`payid` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`firstname` varchar(40) DEFAULT NULL,
`lastname` varchar(40) DEFAULT NULL,
`amount` varchar(20) DEFAULT NULL,
`txnid` varchar(255) DEFAULT NULL,
`pid` int(11) DEFAULT NULL,
`payer_email` varchar(40) DEFAULT NULL,
`currency` varchar(10) DEFAULT NULL,
`mobile` varchar(15) NOT NULL,
`address` varchar(455) DEFAULT NULL,
`note` text DEFAULT NULL,
`payment_date` datetime DEFAULT NULL,
`status` varchar(30) DEFAULT NULL
);
We will insert every transaction record into this MYSQL database table with the product id.
Now, we will create a connection file. The connection file will help you to make a connection between PHP and MYSQL. We will use PHP PDO-prepared statements to make secure payumoney payment gateway integration.
config.php
<?php session_start();
define('DBNAME','gateway');
define('DBUSER','root');
define('DBPASS','');
define('DBHOST','localhost');
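try {
$db = new PDO("mysql:host=".DBHOST.";dbname=".DBNAME, DBUSER, DBPASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
//echo "Your page is connected with database successfully..";
} catch(PDOException $e) {
// Log the details on the server; do not print connection errors to visitors
error_log("Database connection failed: " . $e->getMessage());
http_response_code(500);
exit("Issue -> Connection failed.");
}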
?>
Kindly set all credentials according to your database.
We will now create products with the product title, price, and image. Users can buy these products from your website using the payu payment gateway. We will use bootstrap to make responsive forms, tables, product cards, etc.
Let’s create products –
create-product.php
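<?php require_once("config.php");
// Handle the form before any HTML is sent, otherwise the redirect header cannot be set
$error='';
if(isset($_POST['submit_form']))
{
$title=trim($_POST['title'] ?? '');
$price=$_POST['price'] ?? '';
$folder = "uploads/";
// Accept only real images; the type is detected from the file content, not from the name sent by the browser
$allowed=array('image/jpeg'=>'jpg','image/png'=>'png','image/gif'=>'gif','image/webp'=>'webp');
$upload_ok=isset($_FILES['image']) && $_FILES['image']['error']===UPLOAD_ERR_OK;
$mime=$upload_ok ? mime_content_type($_FILES['image']['tmp_name']) : '';
if($title=='' || !is_numeric($price) || $price<=0)
{
$error='Please enter a valid title and price.';
}
elseif(!isset($allowed[$mime]))
{
$error='Please upload a JPG, PNG, GIF or WEBP image.';
}
else
{
// Save under a random server-generated name so an upload can never be stored with a .php extension
$image_file=bin2hex(random_bytes(16)).'.'.$allowed[$mime];
$target_file=$folder.$image_file;
//move image to the folder
if(move_uploaded_file($_FILES['image']['tmp_name'],$target_file))
{
$sql="INSERT into products(title,price,image) VALUES(:title,:price,:image)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':title', $title, PDO::PARAM_STR);
$stmt->bindParam(':price', $price, PDO::PARAM_STR);
$stmt->bindParam(':image', $image_file, PDO::PARAM_STR);
$stmt->execute();
header("location:products.php");
exit();
}
$error='The image could not be saved.';
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Add Product - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-3"></div>
<div class="col-sm-6 form-container">
<h1>Create a Product </h1>
<?php
if($error!='')
{
echo '<div class="alert alert-danger">'.htmlspecialchars($error, ENT_QUOTES, 'UTF-8').'</div>';
}
?>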
<form action="" method="POST" enctype="multipart/form-data">
<div class="mb-3">
<label class="label">Product Title </label>
<input type="text" class="form-control" name="title" required>
</div>
<div class="mb-3">
<label class="label">Product Price</label>
<input type="number" class="form-control" name="price" required>
</div>
<div class="mb-3">
<label class="label">Product Image</label>
<input type="file" class="form-control" name="image" accept="image/*" required>
</div>
<button type="submit" class="btn btn-primary" name="submit_form">Create</button>
</form>
</div>
<div class="col-sm-3"></div>
</div>
</div>
</body>
</html>
We have created a simple insert query in the above code using PHP PDO-prepared statements.
Note – Kindly create a new folder named "uploads" in your project folder. Configure the web server so that files in this folder are only served as static files and are never executed as PHP.
After that, we display all products on another page.
products.php
<?php require_once("config.php");?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Products - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-2"></div>
<div class="col-sm-8 form-container">
<h1>Products</h1>
<hr>
<a href="create-product.php" class="btn btn-primary" style="float:right;">Create New </a>
<table class="table">
<tr>
<th>Image</th>
<th>Title</th>
<th>Price</th>
</tr>
<?php
$sql="SELECT * from products order by pid DESC";
$stmt = $db->prepare($sql);
$stmt->execute();
$rows=$stmt->fetchAll();
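foreach ($rows as $row) {
// Escape database values before printing them into the page
$row=array_map(function($v){ return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); }, $row);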
echo '<tr>
<td><img src="uploads/'.$row['image'].'" height="100"></td>
<td>'.$row['title'].'</td>
<td>'.$row['price'].' INR</td>
</tr>';
}
?>
</table>
</div>
<div class="col-sm-2"></div>
</div>
</div>
</body>
</html>
In the above code, we have fetched and displayed all products.
If you want to design these forms, kindly use the below CSS stylesheet.
style.css
body{
background-color: #f1f1f1;
}
.form-container
{
padding: 20px;
border-radius: 20px;
background-color: #fff;
margin-top: 10px ;
}
.label{
font-weight: 500;
}
#btnsubmit{
background-color: #00BD68;
border-radius: 5px;
color: #FFFFFF;
cursor: pointer;
height: 44px;
line-height: 44px;
width: 100%;
border: 0;
}
Products are created. Now, we will fetch and display these products on the index page with the buy now button.
index.php
<?php require_once("config.php");?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Shop - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Shop </h1>
<hr>
<div class="row">
<?php
$sql="SELECT * from products order by pid DESC";
$stmt = $db->prepare($sql);
$stmt->execute();
$rows=$stmt->fetchAll();
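foreach ($rows as $row) {
// Escape database values before printing them into the page
$row=array_map(function($v){ return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); }, $row);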
echo '<div class="col-4 text-center"><div class="card" style="width: 18rem;">
<img class="card-img-top" src="uploads/'.$row['image'].'" alt="Card image cap">
<div class="card-body">
<h5 class="card-title">'.$row['title'].'</h5>
<p class="card-text">'.$row['price'].' INR</p>
<a href="checkout.php?product_id='.$row['pid'].'" class="btn btn-primary">Buy Now</a>
</div>
</div></div>';
}
?>
</div>
</div>
</div>
</div>
</body>
</html>
The customer will click on the buy now button and proceed to checkout. This is a similar process to the eCommerce system in PHP with a payu payment gateway.
Now, we will create a checkout page to receive user data. As you know, we create a checkout page in the eCommerce system to receive user data and process payment using the Payumoney payment gateway.
Let's create a checkout page
checkout.php
<?php require_once("config.php");
// Cast the id to an integer so that only a number can reach the session and the page
$pid=(int)($_GET['product_id'] ?? 0);
$sql="SELECT count(*) from products WHERE pid=:pid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':pid', $pid, PDO::PARAM_INT);
$stmt->execute();
$count=$stmt->fetchColumn();
if($count==0)
{
header('location:index.php');
exit();
}
// Handle the form before any HTML is sent, otherwise the redirect header cannot be set
if(isset($_POST['submit_form']))
{
$_SESSION['fname']=$_POST['fname'] ?? '';
$_SESSION['lname']=$_POST['lname'] ?? '';
$_SESSION['email']=$_POST['email'] ?? '';
$_SESSION['mobile']=$_POST['mobile'] ?? '';
$_SESSION['note']=$_POST['note'] ?? '';
$_SESSION['address']=$_POST['address'] ?? '';
$_SESSION['pid']=$pid;
if($_SESSION['email']!='')
{
header("location:pay.php");
exit();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Checkout - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Checkout</h1>
<hr>
<div class="row">
<div class="col-8">
<form action="" method="POST">
<div class="mb-3">
<label class="label">First Name</label>
<input type="text" class="form-control" name="fname" required>
</div>
<div class="mb-3">
<label class="label">Last Name</label>
<input type="text" class="form-control" name="lname" required>
</div>
<div class="mb-3">
<label class="label">Email </label>
<input type="email" class="form-control" name="email" required>
</div>
<div class="mb-3">
<label class="label">Mobile</label>
<input type="number" class="form-control" name="mobile" required>
</div>
<div class="mb-3">
<label class="label">Address</label>
<textarea class="form-control" name="address" required></textarea>
</div>
<div class="mb-3">
<label class="label">Note</label>
<textarea class="form-control" name="note"></textarea>
</div>
</div>
<div class="col-4 text-center">
<?php
$sql="SELECT * from products WHERE pid=:pid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':pid',$pid,PDO::PARAM_INT);
$stmt->execute();
$row=$stmt->fetch();
echo '<div class="card" style="width: 18rem;">
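<img class="card-img-top" src="uploads/'.htmlspecialchars((string)$row['image'], ENT_QUOTES, 'UTF-8').'" alt="Card image cap">
<div class="card-body">
<h5 class="card-title">'.htmlspecialchars((string)$row['title'], ENT_QUOTES, 'UTF-8').'</h5>
<p class="card-text">'.htmlspecialchars((string)$row['price'], ENT_QUOTES, 'UTF-8').' INR</p>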
</div>
</div>';
?>
<br>
<button type="submit" class="btn btn-primary" name="submit_form">Place Order</button>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
We have created the HTML form with the product image in the above code. We are getting the product id from the URL. As you can see, there is a place order button.
Logic – We will take all details from the buyer and save them in different session variables and we will use these details during payment time.
When you click the place order button, you will be redirected to the payment page. We will use the payubiz PHP KIT code in this file.
Create a pay PHP file.
pay.php
<?php require_once("config.php");
if(!isset($_SESSION['email']))
{
header('location:index.php');
exit();
}
else
{
$pid=$_SESSION['pid'];
}
include("gateway-config.php");
$html='';
if(strcasecmp($_SERVER['REQUEST_METHOD'], 'POST') == 0){
// Build the request from server-side data only (database and session).
// Values posted back by the browser, such as the amount, can be edited by the user and must not be signed.
$stmt = $db->prepare("SELECT title,price from products WHERE pid=:pid");
$stmt->bindParam(':pid',$pid,PDO::PARAM_INT);
$stmt->execute();
$product=$stmt->fetch();
if(!$product)
{
header('location:index.php');
exit();
}
$fields=array(
'udf5'=>'PayUBiz_PHP7_Kit',
'udf1'=>$pid,
'udf2'=>$_SESSION['note'],
'surl'=>$success_url,
'furl'=>$failed_url,
'curl'=>$cancelled_url,
'key'=>$key,
'txnid'=>'Txn'.bin2hex(random_bytes(8)), // unpredictable transaction id generated on the server
'amount'=>$product['price'],
'productinfo'=>$product['title'],
'firstname'=>$_SESSION['fname'],
'Lastname'=>$_SESSION['lname'],
'Zipcode'=>'',
'email'=>$_SESSION['email'],
'phone'=>$_SESSION['mobile'],
'address1'=>$_SESSION['address'],
'address2'=>'',
'city'=>'',
'state'=>'',
'country'=>'',
'Pg'=>''
);
$hash=hash('sha512', $key.'|'.$fields['txnid'].'|'.$fields['amount'].'|'.$fields['productinfo'].'|'.$fields['firstname'].'|'.$fields['email'].'|'.$fields['udf1'].'|'.$fields['udf2'].'|||'.$fields['udf5'].'||||||'.$salt);
$fields['hash']=$hash;
$html = '<form action="'.$action.'" id="payment_form_submit" method="post">';
foreach($fields as $name=>$value)
{
// Escape every value before it is written into the HTML attribute
$html .= '<input type="hidden" name="'.$name.'" value="'.htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8').'" />';
}
$html .= '</form>
<script type="text/javascript"><!--
document.getElementById("payment_form_submit").submit();
//-->
</script>';
}
function getCallbackUrl()
{
$protocol = ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
$uri = str_replace('/index.php','/',$_SERVER['REQUEST_URI']);
return $protocol . $_SERVER['HTTP_HOST'] . $uri . 'response.php';
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Payment - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Payment</h1>
<hr>
<?php
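// Escape the values once here; they are printed into the page and into the hidden form fields below
$firstname=htmlspecialchars((string)$_SESSION['fname'], ENT_QUOTES, 'UTF-8');
$lastname=htmlspecialchars((string)$_SESSION['lname'], ENT_QUOTES, 'UTF-8');
$email=htmlspecialchars((string)$_SESSION['email'], ENT_QUOTES, 'UTF-8');
$mobile=htmlspecialchars((string)$_SESSION['mobile'], ENT_QUOTES, 'UTF-8');
$address=htmlspecialchars((string)$_SESSION['address'], ENT_QUOTES, 'UTF-8');
$note=htmlspecialchars((string)$_SESSION['note'], ENT_QUOTES, 'UTF-8');
$sql="SELECT * from products WHERE pid=:pid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':pid',$pid,PDO::PARAM_INT);
$stmt->execute();
$row=$stmt->fetch();
$price=htmlspecialchars((string)$row['price'], ENT_QUOTES, 'UTF-8');
$title=htmlspecialchars((string)$row['title'], ENT_QUOTES, 'UTF-8');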
$webtitle='Techno Smarter'; // Change web title
$displayCurrency='INR';
$imageurl='https://technosmarter.com/assets/images/Avatar.png';
?>
<div class="row">
<div class="col-8">
<h4>(Payer Details)</h4>
<div class="mb-3">
<label class="label">First Name :- </label>
<?php echo $firstname; ?>
</div>
<div class="mb-3">
<label class="label">Last Name:- </label>
<?php echo $lastname; ?>
</div>
<div class="mb-3">
<label class="label">Email:- </label>
<?php echo $email; ?>
</div>
<div class="mb-3">
<label class="label">Mobile:- </label>
<?php echo $mobile; ?>
</div>
<div class="mb-3">
<label class="label">Address:- </label>
<?php echo $address; ?>
</div>
<div class="mb-3">
<label class="label">Note:- </label>
<?php echo $note; ?>
</div>
</div>
<div class="col-4 text-center">
<?php
$sql="SELECT * from products WHERE pid=:pid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':pid',$pid,PDO::PARAM_INT);
$stmt->execute();
$row=$stmt->fetch();
echo '<div class="card" style="width: 18rem;">
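<img class="card-img-top" src="uploads/'.htmlspecialchars((string)$row['image'], ENT_QUOTES, 'UTF-8').'" alt="Card image cap">
<div class="card-body">
<h5 class="card-title">'.htmlspecialchars((string)$row['title'], ENT_QUOTES, 'UTF-8').'</h5>
<p class="card-text">'.htmlspecialchars((string)$row['price'], ENT_QUOTES, 'UTF-8').' INR</p>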
</div>
</div>';
?>
<br>
<form action="" id="payment_form" method="post">
<input type="hidden" id="udf5" name="udf5" value="PayUBiz_PHP7_Kit" />
<input type="hidden" id="udf1" name="udf1" value="<?php echo $pid;?>" />
<input type="hidden" id="udf2" name="udf2" value="<?php echo $note;?>" />
<div class="dv">
<span>
<input type="hidden" id="txnid" name="txnid" placeholder="Transaction ID" value="<?php echo "Txn" . rand(10000,99999999)?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="amount" name="amount" placeholder="Amount" value="<?php echo $price;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="productinfo" name="productinfo" placeholder="Product Info" value="<?php echo $title;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="firstname" name="firstname" placeholder="First Name" value="<?php echo $firstname;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="Lastname" name="Lastname" placeholder="Last Name" value="<?php echo $lastname;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="Zipcode" name="Zipcode" placeholder="Zip Code" value="" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="email" name="email" placeholder="Email ID" value="<?php echo $email;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="phone" name="phone" placeholder="Mobile/Cell Number" value="<?php echo $mobile;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="address1" name="address1" placeholder="Address1" value="<?php echo $address;?>" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="address2" name="address2" placeholder="Address2" value="" /></span>
</div>
<div class="dv">
<span>
<input type="hidden" id="city" name="city" placeholder="City" value="" /></span>
</div>
<div class="dv">
<span><input type="hidden" id="state" name="state" placeholder="State" value="" /></span>
</div>
<div class="dv">
<span><input type="hidden" id="country" name="country" placeholder="Country" value="" /></span>
</div>
<div class="dv">
<span>
<!-- Not mandatory but fixed code can be passed to Payment Gateway to show default payment
option tab. e.g. NB, CC, DC, CASH, EMI. Refer PDF for more details. //-->
<input type="hidden" id="Pg" name="Pg" placeholder="PG" value="" /></span>
</div>
<div><input type="button" id="btnsubmit" name="btnsubmit" value="Pay Now" onclick="frmsubmit(); return true;" /></div>
</form>
<?php if($html) echo $html; //submit request to PayUBiz ?>
</div>
<script type="text/javascript">
<!--
function frmsubmit()
{
document.getElementById("payment_form").submit();
return true;
}
//-->
</script>
</div>
</div>
</div>
</div>
</body>
</html>
In the above code, the hash pattern and the parameter sequence are the most important things.
Apply the sha512 algorithm to this string. Please note that you have to use the pipe (|) character as the delimiter.
The parameter order is mentioned below:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
A description of each parameter is available on the HTML page as well as in the PDF.
Case 1: If all the udf parameters (udf1-udf5) are posted by the merchant. Then,
hash=sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
Case 2: If only some of the udf parameters are posted and others are not. For example, if udf2 and udf4 are posted and udf1, udf3, udf5 are not. Then,
hash=sha512(key|txnid|amount|productinfo|firstname|email||udf2||udf4|||||||SALT)
Case 3: If NONE of the udf parameters (udf1-udf5) are posted. Then,
hash=sha512(key|txnid|amount|productinfo|firstname|email|||||||||||SALT)
In the present kit and available PayU plugins, UDF5 is used. So the order is -
hash=sha512(key|txnid|amount|productinfo|firstname|email|||||udf5||||||SALT)
Here, we will use the udf1 and udf2 extra parameters for the product id and the note. Generate the hash with the mandatory parameters and udf5. The mandatory parameters are – first name, email, phone number, amount, surl, curl, furl, key, txnid, and productinfo. You can use the extra parameters udf1 to udf5 for extra values. In the above code, we have used the udf1 and udf2 extra parameters.
We have used an HTML form. As you know, we are getting customer data from the checkout page in different session variables. We have used these session variables' data in the form. You can also pass the values directly to the hash string inside the PHP hash('sha512', ...) call. You can find these code lines in the payumoney PHP payubiz_php integration kit.
Now, we will need the payumoney merchant key and merchant salt. You can get the merchant key and merchant salt from your PayU account. Find them under the integration option in the left menu or in the profile.
Let’s create the gateway config file.
gateway-config.php
<?php
$key="xxxxxxxx";
$salt="xxxxxxx";
$mode='test'; //test or live
// Set your pages path
$success_url="http://localhost/gateway/response.php"; // set your success page url response.php path
$failed_url="http://localhost/gateway/failed.php"; // Transaction failed page URL failed.php path
$cancelled_url="http://localhost/gateway/cancelled.php"; // Transaction cancelled page URL cancelled.php path
// Please do not change anything after this line..
if($mode=='live')
{
$action = 'https://secure.payu.in/_payment';
}
else {
$action = 'https://test.payu.in/_payment';
$key="oZ7oo9";
$salt="UkojH5TS";
}
?>
Kindly set your key and salt in the config file. You can change the mode from test to live or live to test.
If you want to test, set the mode like this –
$mode='test';
For live mode, set your merchant key and salt –
$key="xxxxxxxx";
$salt="xxxxxxx";
And the mode will be –
$mode='live';
After that, kindly set your success page URL (response.php -> we will create it).
Set your transaction failed URL (failed.php -> we will create it).
Set your transaction cancelled page URL (cancelled.php -> we will create it).
surl – Success URL
furl – Failed URL
curl – Cancelled URL
All set.
Live mode – test before going live.
Now, create a response.php file.
response.php
<?php require_once("config.php");
include("gateway-config.php");
$postdata = $_POST;
$msg = '';
$status='';
if (isset($postdata['key'])) {
// $key and $salt stay as set in gateway-config.php; the posted key is not used to build the hash
$txnid = $postdata['txnid'] ?? '';
$amount = $postdata['amount'] ?? '';
$productInfo = $postdata['productinfo'] ?? '';
$firstname = $postdata['firstname'] ?? '';
$lastname = $postdata['lastname'] ?? '';
$phone = $postdata['phone'] ?? '';
$email = $postdata['email'] ?? '';
$address1 = $postdata['address1'] ?? '';
$udf5 = $postdata['udf5'] ?? '';
$pid = $postdata['udf1'] ?? '';
$note = $postdata['udf2'] ?? '';
$status = $postdata['status'] ?? '';
$resphash = strtolower((string)($postdata['hash'] ?? ''));
//Calculate response hash to verify
$keyString = $key.'|'.$txnid.'|'.$amount.'|'.$productInfo.'|'.$firstname.'|'.$email.'|'.$pid.'|'.$note.'|||'.$udf5.'|||||';
$keyArray = explode("|",$keyString);
$reverseKeyArray = array_reverse($keyArray);
$reverseKeyString = implode("|",$reverseKeyArray);
$CalcHashString = strtolower(hash('sha512', $salt.'|'.$status.'|'.$reverseKeyString)); //hash without additionalcharges
//check for presence of additionalcharges parameter in response.
$additionalCharges = "";
if (isset($postdata["additionalCharges"])) {
$additionalCharges=$postdata["additionalCharges"];
//hash with additionalcharges
$CalcHashString = strtolower(hash('sha512', $additionalCharges.'|'.$salt.'|'.$status.'|'.$reverseKeyString));
}
//Compare status and hash. Hash verification is mandatory.
//hash_equals() compares in constant time and never treats the strings as numbers
if ($status == 'success' && hash_equals($CalcHashString, $resphash)) {
$msg = "Transaction Successful, Hash Verified...<br />";
//Do success order processing here...
}
else {
//tampered or failed
$msg = "Payment failed or hash not verified...";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Payment Status - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Payment Status</h1>
<hr>
<div class="row">
<div class="col-8">
<?php
if ($status == 'success' && hash_equals($CalcHashString, (string)$resphash) && $txnid!='')
{
$subject='Your payment has been successful..';
$currency='INR';
$date = new DateTime('now', new DateTimeZone("Asia/Kolkata"));
$payment_date=$date->format('Y-m-d H:i:s');
$sql="SELECT count(*) from payments WHERE txnid=:txnid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':txnid', $txnid, PDO::PARAM_STR);
$stmt->execute();
$countts=$stmt->fetchcolumn();
if($txnid!=''){
if($countts<=0)
{
$sql="INSERT INTO payments(firstname,lastname,amount,status,txnid,pid,payer_email,currency,mobile,address,note,payment_date) VALUES(:firstname,:lastname,:amount,:status,:txnid,:pid,:payer_email,:currency,:mobile,:address,:note,:payment_date)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':firstname', $firstname, PDO::PARAM_STR);
$stmt->bindParam(':lastname', $lastname, PDO::PARAM_STR);
$stmt->bindParam(':amount', $amount, PDO::PARAM_STR);
$stmt->bindParam(':status', $status, PDO::PARAM_STR);
$stmt->bindParam(':txnid', $txnid, PDO::PARAM_STR);
$stmt->bindParam(':pid', $pid, PDO::PARAM_INT);
$stmt->bindParam(':payer_email', $email, PDO::PARAM_STR);
$stmt->bindParam(':currency', $currency, PDO::PARAM_STR);
$stmt->bindParam(':mobile', $phone, PDO::PARAM_STR);
$stmt->bindParam(':address', $address1, PDO::PARAM_STR);
$stmt->bindParam(':note', $note, PDO::PARAM_STR);
$stmt->bindParam(':payment_date', $payment_date, PDO::PARAM_STR);
$stmt->execute();
}
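// start
echo ' <h2 style="color:#33FF00;">'.$subject.'</h2> <hr>';
echo '<table class="table">';
$sql="SELECT * from payments WHERE txnid=:txnid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':txnid',$txnid,PDO::PARAM_STR);
$stmt->execute();
$rows=$stmt->fetchAll();
$dbdate='';
foreach($rows as $row)
{
$dbdate = $row['payment_date'];
}
// Escape every value before it is printed into the page below
foreach(array('txnid','amount','status','email','firstname','lastname','phone','address1','note','dbdate') as $name)
{
$$name=htmlspecialchars((string)$$name, ENT_QUOTES, 'UTF-8');
}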
echo '<tr>
<th>Transaction ID:</th>
<td>'.$txnid.'</td>
</tr>
<tr>
<th>Paid Amount:</th>
<td>'.$amount.' '. $currency.'</td>
</tr>
<tr>
<th>Payment Status:</th>
<td>'.$status.'</td>
</tr>
<tr>
<th>Payer Email:</th>
<td>'.$email.'</td>
</tr>
<tr>
<th>Name:</th>
<td>'.$firstname.' '.$lastname.'</td>
</tr>
<tr>
<th>Mobile No:</th>
<td>'.$phone.'</td>
</tr>
<tr>
<th>Address:</th>
<td>'.$address1.'</td>
</tr>
<tr>
<th>Note:</th>
<td>'.$note.'</td>
</tr>
<tr>
<th>Date :</th>
<td>'.$dbdate.'</td>
</tr>
</table>';
}
}
else
{
$html = "<p><div class='errmsg'>Invalid Transaction. Please Try Again</div></p>
";
$error_found=1;
}
if(isset($html)){
echo $html;
}
?>
</div>
<div class="col-4 text-center">
<?php
if(!isset($error_found)){
$sql="SELECT * from products WHERE pid=:pid";
$stmt = $db->prepare($sql);
$stmt->bindParam(':pid',$pid,PDO::PARAM_INT);
$stmt->execute();
$row=$stmt->fetch();
echo '<div class="card" style="width: 18rem;">
<img class="card-img-top" src="uploads/'.htmlspecialchars((string)$row['image'], ENT_QUOTES, 'UTF-8').'" alt="Card image cap">
<div class="card-body">
<h5 class="card-title">'.htmlspecialchars((string)$row['title'], ENT_QUOTES, 'UTF-8').'</h5>
</div>
</div>';
}
?>
<br>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
After completing the transaction process, it is recommended to make an inquiry call with PayU to validate the response received and then save the response to the DB or display it on the UI. The response from the payment gateway is received on this page.
It is absolutely mandatory that the hash (or checksum) is computed again after you receive a response from PayU and compared with the request and postback parameters. This will protect you from any tampering by the user and help in ensuring a safe and secure transaction experience. It is mandated that you secure your integration with PayU by implementing the Verify web service and Webhook/callback as a secondary confirmation of the transaction response.
Process the response parameters to generate the hash signature and compare it with the hash sent by the payment gateway to verify the response content. The response may contain an additional charges parameter, so depending on that, two orders of strings are used in this kit.
Hash string without Additional Charges -
hash = sha512(SALT|status||||||udf5|||||email|firstname|productinfo|amount|txnid|key)
With additional charges -
hash = sha512(additionalCharges|SALT|status||||||udf5|||||email|firstname|productinfo|amount|txnid|key)
In the above code, we get data from the payu website response and insert the transaction data into the MYSQL database table.
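The request and response hash strings described in this tutorial, written as reusable functions with a constant-time comparison and a check against the stored order. This is an added example, not code from the PayU kit or from the original tutorial; the function names, the `$order` array and every sample value are assumptions made for illustration.

```php
<?php
// Added example: names and sample values are illustrative, not part of the PayU kit.

// Turn any posted value into a string; arrays such as txnid[]=x become ''.
function payu_str($v): string
{
    return is_scalar($v) ? (string)$v : '';
}

// Field order shared by both strings:
// key|txnid|amount|productinfo|firstname|email|udf1|...|udf10
function payu_fields(array $p, string $key): array
{
    $fields = [$key];
    foreach (['txnid', 'amount', 'productinfo', 'firstname', 'email'] as $name) {
        $fields[] = payu_str($p[$name] ?? '');
    }
    for ($i = 1; $i <= 10; $i++) {
        // A udf that was not posted still occupies its slot as an empty string,
        // which is what produces the runs of pipes in Case 2 and Case 3.
        $fields[] = payu_str($p["udf$i"] ?? '');
    }
    return $fields;
}

// Request: sha512(key|txnid|...|udf5||||||SALT)
function payu_request_hash(array $p, string $key, string $salt): string
{
    return hash('sha512', implode('|', payu_fields($p, $key)) . '|' . $salt);
}

// Response: sha512([additionalCharges|]SALT|status|<request fields reversed>)
function payu_response_hash(array $r, string $key, string $salt): string
{
    $parts = array_reverse(payu_fields($r, $key));
    array_unshift($parts, $salt, payu_str($r['status'] ?? ''));
    if (isset($r['additionalCharges'])) {
        array_unshift($parts, payu_str($r['additionalCharges']));
    }
    return hash('sha512', implode('|', $parts));
}

// $order holds the txnid and amount the shop stored when it created the request.
function payu_response_valid(array $r, array $order, string $key, string $salt): bool
{
    $sent = strtolower(payu_str($r['hash'] ?? ''));
    if (!hash_equals(payu_response_hash($r, $key, $salt), $sent)) {
        return false; // fields were changed, or the hash was not made with our salt
    }
    // A valid hash proves the fields are unmodified. They must also describe
    // this shop's order, so a postback for another transaction or amount is rejected.
    return payu_str($r['status'] ?? '') === 'success'
        && hash_equals((string)$order['txnid'], payu_str($r['txnid'] ?? ''))
        && number_format((float)$order['amount'], 2, '.', '')
           === number_format((float)payu_str($r['amount'] ?? ''), 2, '.', '');
}

// ---- Constructed sample data (placeholder credentials, not real ones) ----
$key   = 'EXAMPLE_KEY';
$salt  = 'EXAMPLE_SALT';
$order = ['txnid' => 'Txn' . bin2hex(random_bytes(8)), 'amount' => '499.00'];
$request = $order + [
    'productinfo' => 'Demo product',
    'firstname'   => 'Asha',
    'email'       => 'asha@example.com',
    'udf1'        => '7',                 // product id, as in this tutorial
    'udf2'        => 'gift wrap',         // note, as in this tutorial
    'udf5'        => 'PayUBiz_PHP7_Kit',
];
$request['hash'] = payu_request_hash($request, $key, $salt);

// The helper builds the same string as the hand-written concatenation in pay.php.
$manual = hash('sha512', $key.'|'.$request['txnid'].'|499.00|Demo product|Asha|asha@example.com'
    .'|7|gift wrap|||PayUBiz_PHP7_Kit||||||'.$salt);
printf("%-34s %s\n", 'matches pay.php string:', var_export(hash_equals($manual, $request['hash']), true));

// Simulated gateway postback: the request fields echoed back plus a status,
// signed with the reversed string.
$response = $request;
$response['status'] = 'success';
$response['hash'] = payu_response_hash($response, $key, $salt);
printf("%-34s %s\n", 'unmodified postback accepted:',
    var_export(payu_response_valid($response, $order, $key, $salt), true));

// Same postback with the amount edited after signing.
$edited = $response;
$edited['amount'] = '1.00';
printf("%-34s %s\n", 'edited amount accepted:',
    var_export(payu_response_valid($edited, $order, $key, $salt), true));

// Correctly signed postback checked against a different stored order.
$other = ['txnid' => 'TxnOTHER', 'amount' => '499.00'];
printf("%-34s %s\n", 'other order accepted:',
    var_export(payu_response_valid($response, $other, $key, $salt), true));
```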
As you know that we have used failed and cancelled URLs in the gateway config file.
Let’s create both files one by one.
failed.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Payment Failed - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Payment Failed </h1>
<hr>
<div class="row">
<div class="col-8">
<p><div class='errmsg'>Your payment has been failed .</div></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
Redirect customer to failed page when the payment fails
cancelled.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Payment Cancelled - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Payment Cancelled</h1>
<hr>
<div class="row">
<div class="col-8">
<p><div class='errmsg'>Your payment has been cancelled.</div></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
Redirect the customer to the cancelled page when the payment is cancelled.
We have already discussed that we are creating a simple eCommerce system in PHP with payUmoney. We are integrating the Payumoney payment gateway using PHP and the MYSQL database.
Now, we will display all payments (orders) on a page.
payments.php
<?php require_once("config.php");?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Payments | Orders - Techno Smarter </title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container-fluid">
<div class="row">
<div class="col-sm-12 form-container">
<h1>Payments | Orders</h1>
<hr>
<table class="table">
<tr>
<th>Paid By </th>
<th>Payer Email</th>
<th>Txn Id </th>
<th>Product Image</th>
<th>Title</th>
<th>Paid Amount</th>
<th>Address</th>
<th>Mobile</th>
<th>Note</th>
<th>Order Date</th>
</tr>
<?php
$sql="SELECT * from products,payments WHERE products.pid=payments.pid order by payments.payid DESC ";
$stmt = $db->prepare($sql);
$stmt->execute();
$rows=$stmt->fetchAll();
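foreach ($rows as $row) {
// Name, address and note were typed by the buyer: escape everything before printing it on this admin page
$row=array_map(function($v){ return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); }, $row);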
echo '<tr>
<td>'.$row['firstname'].' '.$row['lastname'].'</td>
<td>'.$row['payer_email'].'</td>
<td>'.$row['txnid'].'</td>
<td><img src="uploads/'.$row['image'].'" height="100"></td>
<td>'.$row['title'].'</td>
<td>'.$row['amount'].' INR</td>
<td>'.$row['address'].'</td>
<td>'.$row['mobile'].'</td>
<td>'.$row['note'].'</td>
<td>'.$row['payment_date'].'</td>
</tr>';
}
?>
</table>
</div>
</div>
</div>
</body>
</html>
You can use it as an orders page or a payments page. Admin can check all payments or orders on this page.
You can switch between test mode and live mode at any time from the gateway config file.
In this way, you can integrate the Payumoney payment gateway in PHP with the MYSQL database.