Stripe card handling

I'm hoping someone here could throw their eye over my flow, to see if I'm doing things correctly and, if not, to advise me as to where to improve.
My scenario is a simple one:
Step 1
At this point I have, I believe, a response id and a source object containing the abstracted card details as well as a card id.
Step 2
I connect to the Stripe API:
Stripe::setApiKey($stripe_secret_key); // note this is a Connect account
Stripe::setApiVersion('2018-05-21');
I check to see if I already have a Stripe customer id stored for this email address. If so, I use that. Otherwise, I create a Stripe customer:
$customer = Stripe_Customer::create(
    [
        'description' => $u->user_email,
        'email' => $u->user_email
    ], $stripe_access_token
);
$customer_id = $customer->id;
I then fetch that customer's Stripe object:
$customer = Stripe_Customer::retrieve($customer_id);
and then I fetch the source object, using the response id:
$source = Stripe_Token::retrieve($form_response_id);
Step 3
I want to make sure that the fee is taken from the card the Customer is using right now, irrespective of whether they have visited before, or used the same card before. So I save this source to the customer:
$customer->sources->create(['source' => $source->id]);
$customer->save();
... and, although the latest source is supposed to be the default source (i.e. the one that's used), I make sure of it:
$customer->default_source = $source->card->id;
$customer->save();
Step 4
I do some local work to get fee descriptions, calculate application fees, etc. I put this all together as a charge array, using the initial card id I received from Stripe.js as the 'source' parameter:
$charge = [
    'customer' => $customer->id,
    'source' => $transaction_card_id,
    'amount' => $total_gross_received_cents,
    'currency' => 'EUR',
    'description' => $transaction_desc,
    'application_fee' => $application_fee
];
$charge_obj = Stripe_Charge::create($charge, $stripe_access_token);
$charge_id = $charge_obj->id;
I then save the $charge_id in my transaction records.
Questions
My biggest concerns revolve around Step 3 - making sure that the right card is accepted and used. Note that:
Can I save the card as a new source for the customer every time, even if it already exists and is assigned to them? It seems to be working, and overwriting duplicate source records, but I want to be sure.
Obviously, I'm nervous about rolling out something I feel I don't fully grok yet, so if someone could give me a thumbs up or thumbs down, I'd be very grateful.
1 Answer
1
Here are my notes:
The card information needs to be stored safely on the side of trusted payment gateways (e.g., Stripe, PayPal). Not storing the sensitive credit card information is one of the PCI compliance requirements.
In your case, I think you can use the token, or create a customer and save the customer ID for later use.
https://stripe.com/docs/saving-cards
https://stripe.com/docs/recipes/updating-customer-cards
https://stackoverflow.com/a/18377973/5179786
Thanks for that, but, to clarify - my question is rather to ensure that there is no conflict with sources on Stripe's side, not mine. Specifically, when a card is renewed. I've had 'Source already exists' errors when this happens and I want a flow that avoids this.
– Eamonn
Aug 12 at 18:04
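
Added example, not part of the original question or answer and not Stripe's code: one way to decide, before Step 3 saves a card, whether the customer already holds it. It assumes the card behind the token and the customer's saved cards both carry Stripe's `fingerprint`, `exp_month` and `exp_year` fields; the function name, ids and fingerprints are constructed.

```php
<?php
// Works on plain arrays shaped like the card fields Stripe returns
// (id, fingerprint, exp_month, exp_year). No API calls are made and no
// card numbers are handled, so nothing sensitive touches this code.

/**
 * Decide what to do with the card behind a freshly created token.
 * Returns ['action' => 'reuse'|'update_expiry'|'attach', 'card_id' => ?string].
 * (Hypothetical helper name, chosen for this example.)
 */
function plan_card_action(array $existing_cards, array $token_card): array
{
    foreach ($existing_cards as $card) {
        // The fingerprint identifies the card number, so a renewed card with
        // the same number matches here even though its expiry has changed.
        if ($card['fingerprint'] !== $token_card['fingerprint']) {
            continue;
        }
        $same_expiry = (int) $card['exp_month'] === (int) $token_card['exp_month']
            && (int) $card['exp_year'] === (int) $token_card['exp_year'];

        return [
            'action'  => $same_expiry ? 'reuse' : 'update_expiry',
            'card_id' => $card['id'],
        ];
    }

    // No saved card has this fingerprint: it is genuinely new to the customer.
    return ['action' => 'attach', 'card_id' => null];
}

// Constructed sample data (placeholder ids and fingerprints).
$existing = [
    ['id' => 'card_EXAMPLE_A', 'fingerprint' => 'fp_EXAMPLE_1', 'exp_month' => 8, 'exp_year' => 2018],
    ['id' => 'card_EXAMPLE_B', 'fingerprint' => 'fp_EXAMPLE_2', 'exp_month' => 1, 'exp_year' => 2021],
];
$cases = [
    'same card again' => ['fingerprint' => 'fp_EXAMPLE_2', 'exp_month' => 1, 'exp_year' => 2021],
    'renewed card'    => ['fingerprint' => 'fp_EXAMPLE_1', 'exp_month' => 8, 'exp_year' => 2022],
    'different card'  => ['fingerprint' => 'fp_EXAMPLE_3', 'exp_month' => 5, 'exp_year' => 2020],
];

foreach ($cases as $label => $token_card) {
    $plan = plan_card_action($existing, $token_card);
    printf("%-16s => %-13s %s\n", $label, $plan['action'], $plan['card_id'] ?? '(new)');
}
```

On `reuse` the returned card id can be used as the charge's `source` without saving the card again; only `attach` needs the create call from Step 3.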