Want to see demo?
We start the integration process first by registering an account with the PayUmoney. Straight after registration we should generate a Merchant key and Merchnat salt which can be found at account dashboard.
Now, payumoney provides two modes of operation first is test mode. In test mode we test the code for demo transaction and when we are are assured of everything is runnning fine, we can go live then.
Test & Live credentials are now same present under Payu Dashboard with difference in Base URL:
Here, in this article I will edit the codes to some extent according to our needs and convenience.
User starts the payment clicking on Pay button
In this page user fills his details and clicks on Pay button to proceed for the final payment. As soon as user ckiks the button a new screen appears where user his enter bank/card details and completes the payment. In this page I have hidden two fields merchant key and salt. Because user need not know these two fields, so for simplicity I have hidden these two fields.
Now depending upon the Merchant key, Merchant salt, product price and product id, a hash value is generated and sent to the Payumoney. This hash is actually a checksum of above fields to prevent "Man in the Middle attack". Merchant sends the hash value with each transaction request to the payumoney. Payumoney receiving all the details along with checksum examines the integrity of transaction, processes the transaction and sends the response back to the merchnat along with a checksum. So, the security in any tarnsaction is maintained by hash value generated at both end client and server.
index.php
Merchant verifies the transaction
When merchant receives the checksum sent by payumoney, compares it with own local copy of checksum. If both copy matches then transaction is successful otherrwise transaction failure message appears.response.php
<?php $postdata = $_POST; $msg = ''; if (isset($postdata ['key'])) { $key = $postdata['key']; $salt = $postdata['salt']; $txnid = $postdata['txnid']; $amount = $postdata['amount']; $productInfo = $postdata['productinfo']; $firstname = $postdata['firstname']; $email = $postdata['email']; $udf5 = $postdata['udf5']; $mihpayid = $postdata['mihpayid']; $status = $postdata['status']; $resphash = $postdata['hash']; //Calculate response hash to verify $keyString = $key.'|'.$txnid.'|'.$amount.'|'.$productInfo.'|'.$firstname.'|'.$email.'|||||'.$udf5.'|||||'; $keyArray = explode("|",$keyString); $reverseKeyArray = array_reverse($keyArray); $reverseKeyString = implode("|",$reverseKeyArray); $CalcHashString = strtolower(hash('sha512', $salt.'|'.$status.'|'.$reverseKeyString)); if ($status == 'success' && $resphash == $CalcHashString) { $msg = "Transaction Successful and Hash Verified..."; //Do success order processing here... } else { //tampered or failed $msg = "Payment failed for Hasn not verified..."; } } else exit(0); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>PayUmoney BOLT PHP7 Kit</title> </head> <style type="text/css"> .main { margin-left:30px; font-family:Verdana, Geneva, sans-serif, serif; } .text { float:left; width:180px; } .dv { margin-bottom:5px; } </style> <body> <div class="main"> <div> <img src="images/payumoney.png" /> </div> <div> <h3>PHP7 BOLT Kit Response</h3> </div> <div class="dv"> <span class="text"><label>Merchant Key:</label></span> <span><?php echo $key; ?></span> </div> <div class="dv"> <span class="text"><label>Merchant Salt:</label></span> <span><?php echo $salt; ?></span> </div> <div class="dv"> <span class="text"><label>Transaction/Order ID:</label></span> <span><?php echo $txnid; ?></span> </div> <div class="dv"> <span class="text"><label>Amount:</label></span> <span><?php echo $amount; ?></span> </div> <div class="dv"> <span class="text"><label>Product Info:</label></span> <span><?php echo $productInfo; ?></span> </div> <div class="dv"> <span class="text"><label>First Name:</label></span> <span><?php echo $firstname; ?></span> </div> <div class="dv"> <span class="text"><label>Email ID:</label></span> <span><?php echo $email; ?></span> </div> <div class="dv"> <span class="text"><label>Mihpayid:</label></span> <span><?php echo $mihpayid; ?></span> </div> <div class="dv"> <span class="text"><label>Hash:</label></span> <span><?php echo $resphash; ?></span> </div> <div class="dv"> <span class="text"><label>Transaction Status:</label></span> <span><?php echo $status; ?></span> </div> <div class="dv"> <span class="text"><label>Message:</label></span> <span><?php echo $msg; ?></span> </div> </div> </body> </html>
If you face any issue while implementing the code, you can contact me. Thanks for patient reading. If you like this article, share with your friends. It will inspire me to write more.