dousui3124 2018-01-08 08:29
浏览 26

如何防止条带支付网关上拒绝卡的令牌生成?

I am working with stripe payment gateway.

Flow -

1 . Generating token

2 . Creating payment

Generating Token - as per below code all is good and token it generating.

Now i would like to block or check the card is valid for payment while generating token.

For example - cvc is valid and generate token for that so it will get payment for sure.

if ($this->request->is('post') && $this->request->getData('gtoken') == 'gtoken') {

                $planId = $this->request->getData('planid');
                $amount = $this->request->getData('finalamount');
                $cc = $this->request->getData('cc');
                $cardHolder = $this->request->getData('cardHolder');
                $expiryMonth = $this->request->getData('expiryMonth');
                $expiryYear = $this->request->getData('expiryYear');
                $cvc = $this->request->getData('cvc');

                // validate data and generate token
                if($cc) {
                    $ch = curl_init();
                    curl_setopt($ch, CURLOPT_URL, "https://api.stripe.com/v1/tokens");
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_POSTFIELDS, "card[number]=".$cc."&card[exp_month]=".$expiryMonth."&card[exp_year]=".$expiryYear."&card[cvc]=".$cvc);
                    curl_setopt($ch, CURLOPT_POST, 1);
                    curl_setopt($ch, CURLOPT_USERPWD, STRIPE_SECRET_KEY. ":" . "");

                    $headers = array();
                    $headers[] = "Content-Type: application/x-www-form-urlencoded";
                    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

                    $tokendata = json_decode(curl_exec($ch), true);

                    if(@$tokendata["error"]) {
                        if(@$tokendata['error']['param'] =='invalid_number'){
                            $this->Flash->error("Please Enter a Valid Card Number.");
                        } elseif(@$tokendata['error']['param']=='exp_month'){
                            $this->Flash->error("Please Enter a Valid Month.");
                        }
                        else {
                            $this->Flash->error($tokendata['error']['message'] );
                        }
                    }
                    else{
                        $token = $tokendata['id'];
                        $this->request->session()->write('payment',$this->request->getData());
                        $this->request->session()->write('paymenttoken',$token);
                        // flush save coupon onsession
                        $this->request->session()->write('isapplycoupon', false);
                        $this->savePayment();
                        return $this->redirect(['controller'=>'venues', 'action'=>'add']);
                    }
                    if (curl_errno($ch)) {
                        echo 'Error:' . curl_error($ch);
                    }
                    curl_close ($ch);
                }
            }

</div>
  • 写回答

1条回答 默认 最新

  • dongshu9458 2018-01-08 09:16
    关注

    yes definitely you can validate CVC while creating a token by passing an amount of 0.1$ while creating a token.

    This feature is not documented anywhere in stripe documentation

    see these blog post and stripe mailing list for more details

    link 1

    link 2

    Your updated code should look like this and use Stripe.js to create token 

    Stripe.card.createToken({
  number: '4242424242424242',
  exp_month: '12',
  exp_year: '2022',
  cvc: '987'
}, 100, stripeResponseHandler);
    评论

报告相同问题?

悬赏问题

  • ¥17 pro*C预编译“闪回查询”报错SCN不能识别
  • ¥15 微信会员卡接入微信支付商户号收款
  • ¥15 如何获取烟草零售终端数据
  • ¥15 数学建模招标中位数问题
  • ¥15 phython路径名过长报错 不知道什么问题
  • ¥15 深度学习中模型转换该怎么实现
  • ¥15 Stata外部命令安装问题求帮助!
  • ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
  • ¥15 TYPCE母转母,插入认方向
  • ¥15 如何用python向钉钉机器人发送可以放大的图片?