The form is submitted to pay.php
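<?php
/*
 * pay.php - receives the order form, stores the horoscope details in the
 * session, creates a payment request at the gateway and sends the buyer to
 * the gateway's payment page.
 *
 * The amount is always taken from the server-side price table below and never
 * from the request, so a buyer cannot choose their own price.
 */
session_start();

if (!isset($_POST['submit'])) {
    // Without a submission there is nothing to charge for. Falling through
    // would create a payment request from undefined values.
    exit('No form submission received.');
}

// Read one POST field as a string; missing or array-valued fields become ''.
$post = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$purpose = $post('product');
$name    = $post('name');
$email   = $post('email');

// Numeric literal: the leading '+' is a unary operator, so the value sent to
// the gateway carries no '+' prefix.
$phone = +919999999999;

// Order details kept for the pages that run later in the buyer's browser
// session. The key is 'religion' so that it matches the key read when the
// notification e-mail is built (it was misspelled 'relegion' here).
$sessionFields = array(
    'surname', 'parentname', 'femalename', 'mothername', 'fathername',
    'style', 'date', 'femaledate', 'time', 'femaletime',
    'place', 'femaleplace', 'sex', 'lang', 'religion',
);
foreach ($sessionFields as $fieldName) {
    $_SESSION[$fieldName] = $post($fieldName);
}

// Server-side price list: product name => amount.
$prices = array(
    'Personal Horoscope'      => 1500,
    'Marriage Horoscope'      => 500,
    'Career Horoscope'        => 1400,
    'Education Horoscope'     => 800,
    'Wealth Horoscope'        => 300,
    'Yearly Horoscope'        => 1100,
    'Horoscope Compatibility' => 190,
    'Babyname Finder'         => 500,
    'Gemstone Recommendation' => 500,
    'Numerology Report'       => 500,
);

if (!isset($prices[$purpose])) {
    // Unknown product: stop here instead of continuing with no amount set.
    echo "Please do not fiddle!";
    exit();
}
$amount = $prices[$purpose];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://test.instamojo.com/api/1.1/payment-requests/');
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
// Custom headers are re-sent on every redirect that curl follows, so keep
// redirects on HTTPS to avoid sending the API credentials in clear text.
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
// NOTE(review): the API credentials are hard-coded. Load them from
// configuration kept outside the web root and outside version control, and
// rotate any key that has been published.
curl_setopt($ch, CURLOPT_HTTPHEADER,
    array("X-Api-Key:test_7a742d064a558a80efc166a1108",
          "X-Auth-Token:test_e3c345ceef889751304b819ace2"));

$payload = array(
    'purpose' => $purpose,
    'amount' => $amount,
    'phone' => $phone,
    'buyer_name' => $name,
    'redirect_url' => 'https://www.example.com/thankyou.php',
    'send_email' => false,
    'webhook' => 'https://www.example.com/webhook.php',
    'send_sms' => false,
    'email' => $email,
    'allow_repeated_payments' => false
);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($payload));

$response = curl_exec($ch);
if ($response === false) {
    // Keep transport details in the server log, not in the page.
    error_log('Payment request failed: ' . curl_error($ch));
}
curl_close($ch);

$payment = is_string($response) ? json_decode($response, true) : null;
$longurl = '';
if (is_array($payment)
    && isset($payment['payment_request']['longurl'])
    && is_string($payment['payment_request']['longurl'])) {
    $longurl = $payment['payment_request']['longurl'];
}

// Only redirect to an HTTPS URL that the gateway actually returned.
if (parse_url($longurl, PHP_URL_SCHEME) !== 'https') {
    exit('Could not start the payment. Please try again later.');
}

// json_encode with the HEX flags yields a JavaScript string literal that
// cannot break out of the surrounding <script> element.
echo '<script>location='
    . json_encode($longurl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
    . '</script>';
?>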
The user is then redirected to the payment gateway. After payment, the user is redirected to thankyou.php, where I can echo the session variables.
webhook.php
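<?php
/*
 * webhook.php - receives the gateway's payment notification, checks its MAC
 * and e-mails the payment details to the site owner.
 *
 * NOTE(review): this request is sent by the gateway to the webhook URL, so it
 * will not normally carry the buyer's session cookie and the $_SESSION values
 * read below are then empty. To include the order details, store them
 * server-side (database or file) under the payment request id when the
 * request is created, and load them here by that id.
 */
session_start();
error_reporting(E_ALL);

$data = $_POST;

/* Get the MAC from the POST data; a missing or non-string MAC never matches. */
$mac_provided = (isset($data['mac']) && is_string($data['mac'])) ? $data['mac'] : '';
unset($data['mac']); /* Remove the MAC key from the data. */

/*
 * The MAC covers the field values joined in case-insensitive key order.
 * version_compare() replaces the separate major/minor test, which sent
 * versions such as 7.0 or 8.1 to the legacy branch.
 */
if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
    ksort($data, SORT_STRING | SORT_FLAG_CASE);
} else {
    uksort($data, 'strcasecmp');
}

/* You can get the 'salt' from Instamojo's developers page (make sure to log in first): https://www.instamojo.com/developers */
/* Pass the 'salt' without the <>. */
/* NOTE(review): the salt is a secret. Load it from configuration kept outside
   the web root, and rotate it if it has been published. */
$mac_calculated = hash_hmac("sha1", implode("|", $data), "6d9093bc43984665b0f13f111ee9d404");

/*
 * Compare in constant time where hash_equals() exists (PHP 5.6+). The strict
 * fallback still avoids the type juggling of '==', which can treat two
 * different numeric-looking hex strings as equal.
 */
if (function_exists('hash_equals')) {
    $mac_ok = hash_equals($mac_calculated, $mac_provided);
} else {
    $mac_ok = ($mac_calculated === $mac_provided);
}

/* Read one value as a string; missing or non-scalar values become ''. */
$field = function ($source, $key) {
    return (isset($source[$key]) && is_scalar($source[$key])) ? (string) $source[$key] : '';
};

/* Escape for the HTML mail body; the charset matches the Content-Type header below. */
$esc = function ($value) {
    return htmlspecialchars($value, ENT_QUOTES, 'ISO-8859-1');
};

if ($mac_ok) {
    if ($field($data, 'status') === "Credit") {
        /* Payment was successful, mark it as completed in your database */
        /* NOTE(review): also compare $data['amount'] and $data['purpose'] with
           what was requested before treating the order as paid. */
        $session = isset($_SESSION) ? $_SESSION : array();

        /* The address was redacted in the published listing; set the real recipient here. */
        $to = '[email protected]';

        /* Buyer-controlled text goes into a mail header: drop line breaks. */
        $subject = 'Website Payment Received from '
            . str_replace(array("\r", "\n"), ' ', $field($data, 'buyer_name'));

        /* Label/value pairs in display order; null marks a horizontal rule. */
        $rows = array(
            array('ID', $field($data, 'payment_id')),
            array('Amount', $field($data, 'amount')),
            array('Instamojo Fee', $field($data, 'fees')),
            array('Purpose', $field($data, 'purpose')),
            null,
            array('Name', $field($data, 'buyer_name')),
            array('Surname', $field($session, 'surname')),
            array('Mother Name', $field($session, 'mothername')),
            array('Father Name', $field($session, 'fathername')),
            array('Parents Name', $field($session, 'parentname')),
            array('Female Name', $field($session, 'femalename')),
            array('Email', $field($data, 'buyer')),
            array('Phone', $field($data, 'buyer_phone')),
            array('Style', $field($session, 'style')),
            array('Date of Birth', $field($session, 'date')),
            array('Female DoB', $field($session, 'femaledate')),
            array('Time of Birth', $field($session, 'time')),
            array('Female Time of Birth', $field($session, 'femaletime')),
            array('Place of Birth', $field($session, 'place')),
            array('Female Place of Birth', $field($session, 'femaleplace')),
            array('Sex', $field($session, 'sex')),
            array('Language', $field($session, 'lang')),
            array('Religion', $field($session, 'religion')),
            null,
        );

        $message = "<h1>Payment Details</h1>";
        $message .= "<hr>";
        foreach ($rows as $row) {
            if ($row === null) {
                $message .= "<hr>";
                continue;
            }
            /* Every value is buyer-supplied text, so escape it before it enters the HTML body. */
            $message .= '<p><b>' . $row[0] . ':</b> ' . $esc($row[1]) . '</p>';
        }

        /* Start from a fresh string; appending to an undefined variable raised a notice. */
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

        // send email
        mail($to, $subject, $message, $headers);
    } else {
        /* Payment was unsuccessful, mark it as failed in your database */
        echo "Payment failed!";
    }
} else {
    echo "Invalid MAC passed";
}
?>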
thankyou.php
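<?php
/*
 * thankyou.php - landing page after the gateway redirects the buyer back.
 * Looks the payment up at the gateway and shows the result together with the
 * order details kept in the buyer's session.
 *
 * The redirect parameters arrive through the buyer's browser, so nothing in
 * them is trusted: the payment id is validated before it is placed in the API
 * URL, and the outcome is taken from the API response only.
 */
session_start();

$pay_id = (isset($_REQUEST['payment_id']) && is_string($_REQUEST['payment_id']))
    ? $_REQUEST['payment_id'] : '';
// Not used yet. NOTE(review): compare it with the request id stored when the
// payment request was created, so that a payment id belonging to a different
// order is not accepted here.
$req = (isset($_REQUEST['payment_request_id']) && is_string($_REQUEST['payment_request_id']))
    ? $_REQUEST['payment_request_id'] : '';

$json = null;

// Allow only characters that cannot alter the path or query of the API URL,
// which is requested with the merchant's credentials.
if (preg_match('/^[A-Za-z0-9_-]+$/', $pay_id)) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://test.instamojo.com/api/1.1/payments/' . rawurlencode($pay_id) . '/');
    curl_setopt($ch, CURLOPT_HEADER, FALSE);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    // Custom headers are re-sent on every redirect that curl follows, so keep
    // redirects on HTTPS to avoid sending the API credentials in clear text.
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
    // NOTE(review): the API credentials are hard-coded. Load them from
    // configuration kept outside the web root and outside version control.
    curl_setopt($ch, CURLOPT_HTTPHEADER,
        array("X-Api-Key:test_7a742d064a558a80efc166a1108",
              "X-Auth-Token:test_e3c345ceef889751304b819ace2"));

    $response = curl_exec($ch);
    if ($response === false) {
        // Keep transport details in the server log, not in the page.
        error_log('Payment lookup failed: ' . curl_error($ch));
    }
    curl_close($ch);

    if (is_string($response)) {
        $json = json_decode($response, TRUE);
    }
}

// 'success' alone only says that the lookup worked; the payment itself must
// also be reported as credited.
// NOTE(review): 'Credit' mirrors the status value that the webhook treats as
// paid - confirm the field name against the API response.
$paid = is_array($json)
    && !empty($json['success'])
    && isset($json['payment']['status'])
    && $json['payment']['status'] === 'Credit';

if ($paid) {
    echo "<p> </p>";
    echo "Payment successful!<br><br>";
    echo "You will receive your premium horoscope within 24 hours.";
    echo "<p> </p>";

    // Session values came from the order form; escape them before output.
    $surname = isset($_SESSION["surname"]) ? (string) $_SESSION["surname"] : '';
    $date = isset($_SESSION["date"]) ? (string) $_SESSION["date"] : '';
    echo htmlspecialchars($surname, ENT_QUOTES);
    echo htmlspecialchars($date, ENT_QUOTES);

    $status = $json['payment'];
    //email
} else {
    echo "Payment failed!";
}

// remove all session variables
session_unset();
// destroy the session
session_destroy();
?>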