#ericrueter_22046

hello! what's the error message you're seeing?

is it possible to create a Checkout Session now for me to view that error? I'll want the Checkout Session id

OK, Do you want the CS info or are you wanting something else? I have the CS info for one that works and one that doesn't in a PDF, Is there a way to atach a PDF here?

OR I can start a new one - do you just need the failure?

For a start, i'll just want the Checkout Session id where you're seeing the failure to take a look

the id prefix looks like cs_test_

OK. Give me about 5 min to get that setup.

"id": "cs_test_b10KMVo3hdevs231me1Ny8e3FhqEdHI5dMlVVQhue5x9S1b5huom0igNz8",

"client_secret": "cs_test_b10KMVo3hdevs231me1Ny8e3FhqEdHI5dMlVVQhue5x9S1b5huom0igNz8_secret_fidwbEhqYWAnPydgaGdgYWFgYScpJ2lkfGpwcVF8dWAnPydocGlxbFpscWBoJyknd2BhbHdgZnFKa0ZqaHVpYHFsamsnPydkaXJkfHYneCUl",

when you say older accounts work fine, do you mean you have other Stripe accounts?

I "wrote and support" a specialized event entry web application. I require each new event to have their own STRIPE account. This has worked fine for the last 3/4 years, but the last three or four "new" events seem to have a problem. I had to re-write my application to use the new APIs, the existing accounts use the new APIs. The new accounts however, show that failure. I hope that makes sense.\

hrm alright, can you share one Checkout Session id that has no issues i.e. no error, and also the code snippet where you're mounting the Checkout Session? I assume the code is the same for both existing and new accounts

Yes, everything uses the same code. The API keys get set when the event is selected,. I think this is what you want for the code snippet.

if that's the case, then have you tried logging the publishable API key when you load your page and the checkout session id in the developers console to verify if the key is correct for that checkout session id?

is it possible to try that out right now? and paste the last 4 of the publishable key along with the corresponding Checkout Session id?

// Common code and routines
header('Content-Type: application/json');
include_once($_SERVER['DOCUMENT_ROOT'].'/SERAMySQL.php');
include_once($_SERVER['DOCUMENT_ROOT'].'/PHPUtility/PHPMySQLUtilities.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/SOLEStripeConfig.php');
require_once($_SERVER['DOCUMENT_ROOT'].'/StripePHP/lib/Stripe.php');
setDBconnections("calendar");
// Start
$FeeAmount = $_SESSION['ccFeeAmount'];
$FeeDescription = $_SESSION['ccDescription'];
$ChargeAmount = $_SESSION['ccChargeAmount'];
$ChargeType = $_SESSION['ccChargeType'];
$ChargeFee = $_SESSION['ccChargeFee'];
unset($_SESSION['ccFeeAmount']);
unset($_SESSION['ccDescription']);
unset($_SESSION['ccChargeAmount']);
unset($_SESSION['ccChargeType']);
unset($_SESSION['ccChargeFee']);
$stripe = new \Stripe\StripeClient($StripeSecretKey);
$SERA = 'https://SERAOnline.org';
// us_bank_account card
$checkout_session = $stripe->checkout->sessions->create([
'ui_mode' => 'embedded',
'payment_method_types' => [$ChargeType,],
'line_items' => [
[
'price_data' => [
'currency' => 'usd',
'unit_amount' => $FeeAmount,
'product_data' => [
'name' => $FeeDescription,
],
],
'quantity' => 1 ,
],
[
'price_data' => [
'currency' => 'usd',
'unit_amount' => $ChargeFee,
'product_data' => [
'name' => 'Online Payment Fee',
],
],
'quantity' => 1 ,
],
],
'mode' => 'payment',
'metadata' => [
'FeeAmount' => $FeeAmount,
'ChargeFee' => $ChargeFee,
],
'return_url' => $SERA.'/SOLEStripeReturnTEST.php?session_id={CHECKOUT_SESSION_ID}',
]);
echo json_encode(array('clientSecret' => $checkout_session->client_secret));
?>

"id": "cs_test_b1ceYzsBYcHG8tmW42SOb0Y4a7Sou80biGLXlX4wJiV9F3fDXOzTxkXreI",

client_secret": "cs_test_b1ceYzsBYcHG8tmW42SOb0Y4a7Sou80biGLXlX4wJiV9F3fDXOzTxkXreI_secret_fidwbEhqYWAnPydgaGdgYWFgYScpJ2lkfGpwcVF8dWAnPydocGlxbFpscWBoJyknd2BhbHdgZnFKa0ZqaHVpYHFsamsnPydkaXJkfHYneCUl"

that's your backend code which should be fine, what about your frontend? I think what looks like an area of concern would be the publishable key which you're loading since you mentioned you switch between Stripe accounts

can you log the publishable API key when you load your page and the checkout session id in the developers console to verify if the key is correct for that checkout session id?
is it possible to try that out right now and paste the last 4 of the publishable key along with the corresponding Checkout Session id?

Conession time. While I have almost 50 years of IT experience, I retired about 10 years ago and all my "Web/PHP" experience is self-taught. I will try and get what you want, but it might take me a minute or ten.

no worries, take your time

this is a public channel, so you don't want to paste your secret key here, even if it's test mode. I've deleted your message

you may want to consider rolling your testmode secret key since it's considered compromised at this point : https://dashboard.stripe.com/test/apikeys

OK.

Do i need to repost something or part of something I guess I should say.

it'd be good if you reposted just the id and the last 4 of the logged publishable key

Last 4 of Pub E8ph ID from CS cs_test_b1unUPe9ersrhT0XV8BefdVl5EHv6GRAoOi0hhigcTbzmBMqTqR0ilGVjP

okay, interestingly, what i'm seeing from our internal logs, you aren't using the publishable key with the last4 E8ph to mount the Checkout Session cs_test_b1unUPe9ersrhT0XV8BefdVl5EHv6GRAoOi0hhigcTbzmBMqTqR0ilGVjP

you're using a different account's publishable key

if you try hardcoding the publishable key ending with last 4 E8ph in your frontend, and load the Checkout Session for cs_test_b1unUPe9ersrhT0XV8BefdVl5EHv6GRAoOi0hhigcTbzmBMqTqR0ilGVjP - i'm pretty certain it'll work fine

so somehow somewhere in your code, it's probably not using the (correct) publishable key

I think that gets set in // This is your test publishable API key.
// const stripe = Stripe("pk_test_kDvBG3sFiQ9YyQlC3vqHtzW0");
// const stripe = '<?php echo Stripe("$StripePublishKey")?>';
const stripe = Stripe("pk_test_...E8ph"
initialize();

// Create a Checkout Session as soon as the page loads
async function initialize() {
const response = await fetch("/SOLEStripeCheckoutTEST.php", {
method: "POST",
});

const { clientSecret } = await response.json();

const checkout = await stripe.initEmbeddedCheckout({
clientSecret,
});

// Mount Checkout
checkout.mount('#checkout');
}

If that is the right place, I just reran the whole code and it failed. I am not sure how to start in the middle and only run 1 section.

// const stripe = Stripe("pk_test_kDvBG3sFiQ9YyQlC3vqHtzW0"); - this was the publishable key i saw attempting to load the embedded checkout for cs_test_b1unUPe9ersrhT0XV8BefdVl5EHv6GRAoOi0hhigcTbzmBMqTqR0ilGVjP

OK, I'll spend a while making sure I have all my "program names" changed. This will take me a while. Go elsewhere. At least I now know what to look for. BUT this does not explain why the older accounts appear to work, unless they are treated differently because they were created prior to .....

it's a bit difficult to say, maybe // const stripe = '<?php echo Stripe("$StripePublishKey")?>'; -> when you were using this line, it likely wasn't loading the right Stripe Publishable key but I don't know how you're determining what key to load and where those keys are saved, so maybe that would be a good place to start

Thank you. That key is from my test event. So yes somewhere I got a hut-oh. I store the keys in a table, and use the event id to retrieve them. I'll just have to chase about 10000 lines of code now to see where / if I overwrite or reload them.

THANK YOU for your time. I am not going to make you wait on me to chase this down. I have spent more than a week trying to get this level of support - but from appearently the wrong "side", and nobody recognized that I was in the wrong place. If / when I ru into a road block with this again, do I just pick this thread back up or start a new one. I understand I moght not get you on the next go around.

the thread will usually close after a while. If you come back again and need help (even if it's with anything else), you can ask again on the main channel. We'd be happy to help! If you're using the same Discord account, we'll usually have a link to a few previous conversations too. You can feel free to share a link (https://discord.com/channels/841573134531821608/1201709609404858408) to it too in case the past conversations don't pop up automatically in a bot message