#cyberbyte_code

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1222905926743232775

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Below are links to other discussions we've had with you in the past week in case you want to review that information. If your question is related to one of these previous discussions, please provide a comprehensive summary of the current state and what you need help with now. We help many users simultaneously, so a summary allows us to resolve your issue as soon as possible.

• cyberbyte_code, 1 hour ago, 9 messages
• cyberbyte_code, 22 hours ago, 10 messages
• cyberbyte_api, 6 days ago, 13 messages

Hello

Hi @runic shadow

I'm stuck

Can you explain more what you mean here?

I don't really understand what you are trying to do based on the above

is it possible to have a call?

so I can screenshare

No we can only use chat here

okey, I'll share screenshots and snippets then

Yep that's the best thing to do

But first just start with an overall explanation of what you are trying to do

I'm setting up a online store for someone, and I'm having issues confirming the payment before moving forward

Okay. And you are confirming server-side?

And what does "moving forward" entail?

so, first step is when you sign up, you need to pay for a subscription, and in order to register the user in the database, I need to confirm the payment was complete first

Okay sure

is it possible to do this without using webhook, or do I need to use webhook?

That depends. Are you collecting the customers payment method ahead of starting this Subscription or upon the initial payment?

Overall you are going to need Webhooks regardless with Subscriptions

And you really should use them here as well

okey, in that case. First, I'm using embedded form for all purchases

Embedded form meaning Embedded Stripe Checkout?

I'm using php and javascript btw

this is what I've done on the test-server, and it's working

require_once 'vendor/autoload.php';

if (!isset($_SESSION['p'])) {
    echo json_encode(array('error' => 'Invalid data provided'));
    exit();
} else {
    $priceCode = $_SESSION['p'];
}

$YOUR_DOMAIN = 'http://dev.skybyn.no/smietarot';

$stripe = new \Stripe\StripeClient($stripeSecretKey);
header('Content-Type: application/json');

$checkout_session = $stripe->checkout->sessions->create([
    'ui_mode' => 'embedded',
    'line_items' => [[
        'price' => "price_1Oyi1QEFeu1ksCMiKVehgGdw",
        'quantity' => 1,
    ]],
    'mode' => 'subscription',
    'return_url' => $YOUR_DOMAIN . '/bli-medlem?betalt',
]);

$price = $stripe->prices->retrieve(
    $priceCode,
    []
);
$priceAcmount = $price->unit_amount;
$priceCurrency = $price->currency;
$priceMethods = $price->payment_methods;
$paymentIntent = $stripe->paymentIntents->create([
    'amount' => $priceAcmount,
    'currency' => $priceCurrency,
    'automatic_payment_methods' => ['enabled' => true],
]);
$paymentIntentId = $paymentIntent->id;
$receiveIntent = $stripe->paymentIntents->retrieve(
    $paymentIntentId,
    []
);
$paymentStatus = $stripe->paymentIntents->confirm(
    $paymentIntentId,
    [
      'payment_method' => 'pm_card_visa',
      'return_url' => $YOUR_DOMAIN,
    ]
);

$_SESSION['signup_paymentStatus'] = $paymentStatus->status;

echo json_encode(array('clientSecret' => $checkout_session->client_secret));```

Yeah you are confusing things a bit here

You don't confirm the PaymentIntent yourself when using a Checkout Session

That is all done for you

I know that, but I need to send the intent id to confirm the status before going to the next step

Why?

in order for the website to know the payment was successful, I need something to confirm with

else, anyone could just skip ahead if they know how to

Yeah but you don't need the PaymentIntent at all

that may be, so correct me please 🙂

You can just check the Session's status to know whether it was successful (see: https://docs.stripe.com/billing/subscriptions/build-subscriptions?platform=web&ui=embedded-form#handle-the-session)

Then you also want to use Webhooks for the actual provisioning

You listen for customer.subscription.updated to know the status of the Subscription

When it moves to active then you provision

Sorry, I don't understand

the session status?

I'm new to 3rd party codes, so please be specific with me 😅

Yes, the Checkout Session's status. In your code that would be $checkout_session -> status

yes?

Ah it doesn't look like you are adding the {CHECKOUT_SESSION_ID} URL param to your return_url

That is likely why you are confused

See: https://docs.stripe.com/billing/subscriptions/build-subscriptions?platform=web&ui=embedded-form#create-a-checkout-session

when I navigate to the checkout.php file, and echo the $checkout_session -> status I get "open"

Right that is because the Session hasn't been completed yet.

Once completed, there is a redirect to your return URL

how so?

Have you tested this out yet?

{CHECKOUT_SESSION_ID} you mean?

Yeah, see the example at the link above. It would look like 'return_url' => 'https://example.com/checkout/return?session_id={CHECKOUT_SESSION_ID}',

Then your return URL will contain the Checkout Session ID as a URL param

Which you can grab and use to show a confirmation page

sure, but how do I use that id to confirm anything?

Well you can check the status of the Checkout Session or retrieve whatever information you want using that ID

But really, if they make it to your return URL then the session was successful

so, by using the session id, the session will automatically close?

No that happens by default on completion. The Session ID is what you can use to get specific information client-side about that Checkout Session

Have you tested out completing a Checkout Session on your page yet?

as long as you're providing the stripe script tag on the page

To see what happens?

I have, with the code I provided before, it's working

this is the code I'm using on the signup page

        // Redirect to another page or perform further actions
        echo "<script>window.location.replace('bli-medlem?betaling');</script>";
        exit();
    }
    
    if (isset($_GET['betalt'])) {
        $paymentStatus = $_SESSION['signup_paymentStatus'];
        if ($paymentStatus == "succeeded") {}
    }```

Okay let's pause and backup. I think we are confusing things here a bit.

Your question primarily is how to know when a Subscription is activated so you know to provision your product, right?

no, my question is to know how to verify a payment has been completed successfully

Okay really those things are synonymous. But the simple answer is that whenever your return URL is hit, the payment was completed.

If you are using async payment method types (like bank debits), then you would need to wait for a payment_intent.succeeded Event to know that the payment was actually successful, which can take a few days with these async payment method types.

okey, so the payment itself can take days before it's successful?

For async payment methods (like bank debits), yes.

what if.. let's say someone is signing up, they go through the payment and pays normally, they see the url and understand how the return url looks like. They don't really want to pay more, but still want's to get access. So they go to the payment page again later, and instead of going through the payment part, they manually navigate to the return url, with a random invalid session id, then the website thinks it's valid without confirming it, and they get the product.

Yeah that's why I said before that you only provision your product based on Webhooks

okey, so how would I use the webhook?

You also want to do that because it is very possible that your customer completes the Checkout Session but then closes their browser and never makes it to your return URL

You listen for customer.subscription.updated and look at the status of the Subscription

this is where I'm falling off..

you'll have to identify customer to use that right?

how does it work with a normal payment?

Hi taking over here

What do you mean by this question? If it's not a subscription payment, you can listen for payment_intent.succeeded

that's what I do, and that's working, but not for live environment

btw, I'm not uing webhook, because I don't understand how to use it

@stable crane I mentioned my code before you came in, want me to share again?

it's this

My question is what did you mean by this?

you'll have to identify customer to use that right?
how does it work with a normal payment?```

that I'm falling off, I don't understand it

and that using customer.subscription.updated is for subscriptions, what about payment

Have you read our webhook docs

It's payment_intent.succeeded

As I said before

https://docs.stripe.com/payments/handling-payment-events

Also: https://docs.stripe.com/webhooks

I'm not sure if I should ask you about this, but how do I use the webhook.php?

Are you a developer?

yeah, but don't feel like it right now 🤣

It's ok

Recommend reading that whole doc though

Have you already done that?

It should be a bit more clear if you read it in its entirety

Specifically that second link I shared

okey

the docs is talking about all the different codes in so much details, and the snippets are fine, but I don't understand any of it

What don't you understand

I've used this, and it's great, but I don't understand how to use the file the way I intend to

What do you mean

It's just an endpoint on your server

to confirm the payment was complete

It needs to be deployed

Can you be more specific?

deployed? with CLI?

Yeah a webhook endpoint needs to be live. On your server

However

I don't know what server/cloud environment you're using

So I can't advise there

I can help with Stripe questions

I'm using a dedicated home-hosted server for testing, but the website does not have this available, as far as I've checked

The doc I shared shows you how to test locally at home without deploying in test mode

all I want to do, is use the API's to check the status of the payment by it's id to confirm that it's been successful in order to update the database for the client

So you don't want to use webhooks?

if possible, not at all

Ok

It's not recommended

Your integration won't be very robust

But that's your choice

okey, tell me

https://docs.stripe.com/api/payment_intents/retrieve

That's your endpoint

You can just check the status returned: https://docs.stripe.com/api/payment_intents/object#payment_intent_object-status

yes, this is what I've tried, and it's working on test server, but not on live environment

What isn't working

I need specifics

of course

this is the code I've been using:

header('Content-Type: application/json');

$checkout_session = $stripe->checkout->sessions->create([
    'ui_mode' => 'embedded',
    'line_items' => [[
        'price' => "price_1Oyi1QEFeu1ksCMiKVehgGdw",
        'quantity' => 1,
    ]],
    'mode' => 'subscription',
    'return_url' => $YOUR_DOMAIN . '/bli-medlem?betalt',
]);

$price = $stripe->prices->retrieve(
    $priceCode,
    []
);
$priceAcmount = $price->unit_amount;
$priceCurrency = $price->currency;
$priceMethods = $price->payment_methods;
$paymentIntent = $stripe->paymentIntents->create([
    'amount' => $priceAcmount,
    'currency' => $priceCurrency,
    'automatic_payment_methods' => ['enabled' => true],
]);
$paymentIntentId = $paymentIntent->id;
$receiveIntent = $stripe->paymentIntents->retrieve(
    $paymentIntentId,
    []
);
$paymentStatus = $stripe->paymentIntents->confirm(
    $paymentIntentId,
    [
      'payment_method' => 'pm_card_visa',
      'return_url' => $YOUR_DOMAIN,
    ]
);

$_SESSION['signup_paymentStatus'] = $paymentStatus->status;```

BUT, the 'pm_card_visa' is only for test environments

and to get this working live, I need that part

Why do you create a checkout session and a payment intent?

You really should only need one or the other

how do I get the payment_intent_id without the first one?

Are you wanting to create 2 payments?

I'm just confused why you have checkout and payemnt intent

Checkout sessions generate payment intents themself

I thoguht so, but I was getting error messages when I tried only that, let me try again

so what would the code need to be?

Let's slow down here. One step at a time. What are you building? How many payments are you trying to accept

an online store, one payment at the time

really simple

I thought 🤣

So why is your checkout session in subscription mode?

'mode' => 'subscription',

yes, because the signup is a subscription, the products are payment

What does that mean

you can sign up, and the registration is a membership, the membership is a subscription. but the website also has products that are normal payments

Ah ok

So the customer checks out once and buys a subscription

Then they can optionally check out again and buy products?

yes

And the code you shared with me is just supposed to be the subscription piece?

yes

for starters

Gotcha. And you want to use embedded checkout, correct?

correct

I AM using embedded 😄

so all I need to know/understand, is what codes I need to use to confirm the payment for each checkout

You don't need to confirm it

The customer does that by clicking the pay button

That's the advantage of embedded checkout

The stripe-hosted portion handles most everything

See: https://docs.stripe.com/billing/subscriptions/build-subscriptions?platform=web&ui=embedded-form&lang=php

yeah, but in order to update the database for the website I need to verify, right?

Yeah I hate to tell you, that's what webhooks are for

Webhooks would be the easiest in this flow I'm afraid

I get that, but if I am unable to use webhooks, what then?

I'm stuck?

Kinda. You could have code built around your return url

But that's very risky

Customer may never reach it

Or customers could find out that all they have to do to have access provisioned is reach your return url

what do you mean built around?

It's not a very good coding practice at all

I mean provision access to them once they reach the return url from Checkout

But that's super insecure and risky

Have you tried webhooks?

Have you read that entire guide I sent you?

I've tried webhooks yes, but not a way I am comfortable with 😅

not yet

I'll need my partner to do this

so there are no way except webhooks to check if a payment was successful after a checkout using api?

No

You can use return url like I said

I'm just saying that it's HIGHLY not recommended

You'll likely run into tons of issues once you go live

With some folks not having subscriptions provisioned

I recommend you build it right once tbh

got it

okey, thanks

so in order for a webhook to work, you'll need to deploy a terminal to send and/or receive the data right?

I don't know what deploy a terminal means

You just need a webhook endpoint available at a public url

what do you mean by "deploy"?

?

You said deploy

What does that mean

like i have no idea what you mean by deploy a terminal

You just need an endpoint on your server that's publicly reachable by us to send events to

you said deploy here

Referring to your server, yes

That's standard terminology in software dev for pushing a website/server to production

okey, so a public web address that can be used as an api?

It won't be a webpage

It's just exposing an endpoint on your server for POST requests only

That we can reach

okey, sure, I think we speak in different languages, but I'm starting to understand now 🤣

so this webhook, it's like the example provided on your docs page, used to receive post requests and return some data right?

I'm using standard terminology for the industry/software dev

yes

great, that's also how an api works, so we're good

It is an api

It's an api endpoint that we, Stripe, hit on your server

yes, I've figured that now, so how would I set this webhook up for the payment confirmation to work?

Have you read the docs I sent? They cover all this

Here's a quickstart you can reference as well: https://docs.stripe.com/webhooks/quickstart