【发布时间】:2017-06-18 13:43:15
【问题描述】:
我有一个 3 页的结帐流程。第一页是客户信息。第二页是卡信息。第三页是查看和确认订单。
我正在使用 paypal api 来处理付款处理。现在,我已经设置了支付页面,其中存储在数组中的 paypal api 的请求参数,在客户点击确认并付款后,我通过 paypal api 发送请求。这是处理信用卡付款的正确方法吗?我是否只需要使用 mcrypt 或其他加密方法存储 $nvp_string 吗?还是暂时存储在数据库中并在订单付款后删除信息?
Payment Information Page
// Store request params in an array THESE ARE STATIC VARIABLES FOR TESTING
$request_params = array
(
'METHOD' => 'DoDirectPayment',
'USER' => $api_username,
'PWD' => $api_password,
'SIGNATURE' => $api_signature,
'VERSION' => $api_version,
'PAYMENTACTION' => 'Sale',
'IPADDRESS' => $_SERVER['REMOTE_ADDR'],
'CREDITCARDTYPE' => 'MasterCard',
'ACCT' => '5522340006063638',
'EXPDATE' => '022018',
'CVV2' => '456',
'FIRSTNAME' => 'Tester',
'LASTNAME' => 'Testerson',
'STREET' => '707 W. Bay Drive',
'CITY' => 'Largo',
'STATE' => 'FL',
'COUNTRYCODE' => 'US',
'ZIP' => '33770',
'AMT' => '100.00',
'CURRENCYCODE' => 'USD',
'DESC' => 'Testing Payments Pro'
);
// Loop through $request_params array to generate the NVP string.
$nvp_string = '';
foreach($request_params as $var=>$val)
{
$nvp_string .= '&'.$var.'='.urlencode($val);
}
Confirm & Pay Page
// Send NVP string to PayPal and store response
$curl = curl_init();
curl_setopt($curl, CURLOPT_VERBOSE, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_URL, $api_endpoint);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $nvp_string);
$result = curl_exec($curl);
curl_close($curl);
// Parse the API response
$nvp_response_array = parse_str($result);
【问题讨论】: