Category Archives: Code

My first Stripe integration, using PHP

Recently I carried out my first integration to the new (to the UK) payment processing provider Stripe. My client Jasper Goodall was looking at moving to Paypal for taking payments and having integrated with Paypal in the past, I suggested Stripe as a more developer and client friendly alternative. He liked the look of Stripe and signed up.

I was moving the site from using Sagepay over to Stripe and as all the basket and post-payment logic was written, dropping in Stripe was very straightforward. Their documentation is very clear, testing is simple, and taking a payment is a doddle. I hit a few minor issues, which were:

PHP needs ‘mbstring’ turned on

My local PHP 5.2.4 install didn’t have mbstring on by default, so I had to install it. This was on my Windows PC so I had to move the mbstring DLL in to the main ‘php’ directory and edit the httpd.conf file to include the DLL as one that needed to be loaded. I then restarted Apache and it was working fine.

My host did have mbstring turned on, so I didn’t need to change anything there.

Secure certificate required

My client didn’t have a certificate to allow his to use SSL. However his host, Claranet, had a shared secure area that all of their customers could use without requiring their own certificate. This was good, but I had to re-code parts of his site so things like the stylesheets would load properly when using this area.

If you or your client are on shared hosting with one of the larger providers, it’s worth checking to see if they have a secure area you can use before investing in your own certificate. This can save you some money, but has the disadvantage that the URL of your secure pages won’t show your domain in that part of the website address, which may make some customers suspicious. It will be worth adding some text to your pages explaining how they are secured if you think that is going to be a problem.

Coding up receipts

Previously, we were using Sagepay which takes various information about the products in the customer’s basket and builds an e-mail notification of the sale for you. Stripe just take the amount of money you are charging, so I had to update the website to create a notification for the customer, and one to tell the client a sale had been made. These were very simple additions to the post-sale process.

Overall, Stripe was a delight to integrate with. I’ve set up shops using several payment gateways – Sagepay (was Protx), Worldpay, Secure Trading, Paypal, and Paypoint. Stripe was by far the easiest, taking only a few hours to integrate with including the bug fixing of my setup and the re-coding of the existing shop to send the right information through and use the extra secure area of their hosting. If you were starting from a cleaner base, you’d probably be looking at an hour or two including reading the documentation. Really nice.

Rebranding Paypoint payment pages – gotchas

One of my clients is using Paypoint (AKA SECPay) as the payment gateway for their online store. Their documentation on integrating the shopping basket part of the site with Paypoint is not too bad, but I came unstuck when trying to rebrand the gateway pages to look like the main website.

Before starting – I believe you need to be a ‘Gateway Freedom’ customer to be able to rebrand the page that takes the credit card details on Paypoint.

If you’re a Gateway Freedom customer, you can follow the Gateway Hosted PDF from theirĀ  integration guides page, then make some changes based on the Gateway Freedom PDF, downloadable from the same page.

Part of the Gateway Freedom guide says you make a branded page, they give you a template to save and amend to your design, then upload it in to your Paypoint account and reference it in a hidden variable of the form you send to Paypoint with the various customer and product details. Unfortunately, I couldn’t find the File Manager talked about in any part of my client’s account, either where the documentation says it is or anywhere else.

The thing you actually have to do is make the rebranded template, save it on your site, then reference that in the hidden field. Paypoint then pull that off your server, replace all their placeholder tags with relevant information (i.e. the credit card field labels), and display it to the customer.

The hidden HTML field is ‘template’, so you add to the other hidden fields you send through to them something like this:

<input type=”hidden” name=”template” value=”http://www.yoursite.com/your-rebranded-page.html”>

When you rebrand a page in this way, you need to make sure all references to images are absolute – so they have the whole path to them including the domain. Potentially you’ll need an SSL certificate on your site so you can reference them through https rather than http. This means you won’t get a mixed secure/non-secure warning on the credit card page. If you don’t have an SSL certificate, test that first as my client already had one so I just used it.

Also, if you copy the Paypoint template, the images don’t have absolute URLs and didn’t work for me, I had to put https://www.secpay.com/starter/ in front of them – so small_logo.gif became https://www.secpay.com/starter/small_logo.gif

All rather frustrating, but once you know how it works, it’s easy to set up. I also discovered if you need to amend the HTML when you’re testing, you can just upload a change to your server and refresh the page you’re seeing on Paypoint/SECPay, no need to back out and re-submit your form, which I’ve had with some other payment gateways. That makes testing how changes look very easy.

If you’re doing a Paypoint/SECPay integration – good luck!