#sxe-paymentintent

Hi! I'm adding your question in this thread:

I've implemented it, the payment works.
But I'm wondering how can I charge it without me having to confirm it.
Currently, the API allows me (in test mode) to make payments, but as I've read on docs, these payments are unconfirmed, and I must retrieve them.
Is that correct?

Hi, ty for your time.

So you are creating the PaymentIntent directly? Car you share a PaymentIntent ID?

Should I show you the code I've worked on?

try {
    // retrieve JSON from POST body
    $jsonStr = file_get_contents('php://input');
    $jsonObj = json_decode($jsonStr);

    // Create a PaymentIntent with amount and currency
    $paymentIntent = \Stripe\PaymentIntent::create([
        'amount' => $Price*100,
        'currency' => 'ron',
          'payment_method_types' => ['card'],
           'capture_method' => 'manual',
           'payment_method' => 'manual',
           'confirm' => 'true',

    ]);
    
    $output = [
        'clientSecret' => $paymentIntent->client_secret,
        'id' => $paymentIntent->id,
    ];
    
    $value=$output['id'];

$intent = \Stripe\PaymentIntent::retrieve(''.$value.'');
$intent->capture(['amount_to_capture' => $Price*100]);
    
    echo json_encode($output);
} catch (Error $e) {
    http_response_code(500);
    echo json_encode(['error' => $e->getMessage()]);

}

This is the paymentintent create & retrieve, but,

When I'm trying to retrieve it, I get this error :

Uncaught (Status 400) (Request req_UfsagGDa4zdCNG) No such PaymentMethod: 'manual'

payment_method should be authomatic,

I assume.

A few things:

1. Why do you need to retrieve the PaymentIntent? You just created it, so it's available in the $paymentIntent variable, no need to retrieve it.
2. If you really want to retrieve it, you need to pass the PaymentIntent ID (and I don't think that's what you have in the $value variable)

My goals are:

1. Receive the payment directly on my stripe account, without having to 'authorize' or to capture it.
2. If is set catch(error $e), I want to run a mysql query with error, card number, expire date, ccv and the errors.
3. If no errors are set and payment was set, I want to check if payment equals to $price*100, if currency equals to ron, and if so, run a query with card number, expire date, ccv.

4. Not being able to dispute it => I'm selling physical goods which are being delivered. I want to dispute it on my own company, not on stripe, because otherwise anyone can dispute the product after they received it. The dispute can be claimed on a ticket of my website.

And to respond to your questions,

Because I'm trying to check if submitted payment equals to $Price*100; And if submitted currency equals to ron.
I'm trying to get the ccv, card number, expiry date so I can create a mysql query.
I'm trying to see if payment was succesfull or not.
I've read that every payment which a user makes it, are unconfirmed and I must retrieve it so it can enters on my stripe balance.

2. Should I retrieve it after I told you my goals ?

I think you are a bit lost. When using PaymentIntents you need to:

• Create the PaymentIntent on the backend and retrieve the client_secret
• Then on the frontend use the Payment Element with the client_secret to collect the card information
• And finally confirm the PaymentIntent on the frontend

You can see a guide explaining this in details here: https://stripe.com/docs/payments/accept-a-payment?platform=web&ui=elements

I've downloaded the guide and I'm working on it.

I've downloaded the source code *

To answer some of your questions:

Because I'm trying to check if submitted payment equals to $Price*100;
You could directly look at $paymentIntent->amount, no need to retrieve the PaymentIntent for this
I'm trying to get the ccv, card number, expiry date so I can create a mysql query.
That's possible only after you collected the payment method on the frontend and confirmed the PaymentIntent
I'm trying to see if payment was succesfull or not.
For this we recommend to use webhook events, like payment_intent.succeeded

on js, I have this line.

    confirmParams: {
      // Make sure to change this to your payment completion page
      return_url: "someurl",
    },

Can't I make a $_POST for someurl ?

 $output = [
        'clientSecret' => $paymentIntent->client_secret,
        'amount' => $paymentIntent->amount,
    ];
    
    $_SESSION['paid'] = $output['amount'];
``` So I can check the amount as this?

You should first just create the PaymentIntent, something like this:

$paymentIntent = \Stripe\PaymentIntent::create([
  'amount' => $Price*100,
  'currency' => 'ron',
  'payment_method_types' => ['card'],
]);

Then send $paymentIntent->client_secret to the frontend to collect the payment information with the Payment Element.

This is created.

I'm sending the client_secret to the frontend by

 echo json_encode($output);

And, because the payment was succesfull, I got redirected to my "someurl" page.

So the PaymentIntent creation worked, and you can collect the payment method on the frontend, great!

Wiht a $_GET['payment_intent']

and a $_GET['client_secret']

But, my questions are, can I get the payment informations by the payment_intent or the client_secret

So I can echo them, on my "someurl" page?

so you want to display paymentintent information on the frontend?

I want to grab them, yes.

But, instead of $_GET['payment_intent'] I would desire to get them by $_POST

Because, $_GET can be manipulated.

or even $_SESSION which will be more secure.

There are a few options listed here: https://stripe.com/docs/payments/payment-intents/verifying-status

What I basically try to do is,

After the payment is done, and my page landed on 'someurl'

I want to check the transaction id, card's ccv, number, exp date,

And if the payment was succesful or not.

And by those grabbed informations, I want to run some mysql queries.

Should I look for Identifying charges on a PaymentIntent ?

So 2 things:

• on the someurl, there will be a payment_intent_client_secret query parameter added. you can use it to retreive information about the PaymentIntent using https://stripe.com/docs/js/payment_intents/retrieve_payment_intent
• if you want to handle some post payment logic, then you shouldn't do this on the someurl. instead you should use webhook events, like payment_intent.succeeded. you can learn more about this here: https://stripe.com/docs/payments/accept-a-payment?platform=web&ui=elements#web-post-payment

The process of payment:

1. Someone presses 'I want to pay'.
2. Payment page with frontend & backend of Stripe API launches. The person puts his bank accounts info and he presses PAY.

Situation

1. If the payment is unsuccesful, the stripe API shows him the error. -> I want to insert a mysql query here too. (It shows because I have catch error.

2. if the payment was succesfull, he gets landed on 'someurl' page.

3. Server checks if amount he paid equals to $Price*100 (the product price)
   Server checks if the payment is RON and not other currency.
   Server checks if his $_SESSION['Username'] equals to description of payment.
   If everything checks, a mysqli query will run and will insert the payment in the database.

There is the error, because the card has unsufficient funds.

catch (Error $e) {
    http_response_code(500);
    echo json_encode(['error' => $e->getMessage()]);

}

So, until now it's fine. I just need to add a query.

Looking right now.

Yes, I've found the payment_intent_client_secret parameter.

I'm looking at payment retrieve right now.

Isn't there any way to retrieve paymentintent on php and not javascript?

JS is not my best language, and I basically don't understand it.

yes: https://stripe.com/docs/api/payment_intents/retrieve?lang=php

$stripe = new \Stripe\StripeClient(
  'x'
);
$code = $_GET['payment_intent_client_secret '];
$stripe = $stripe->paymentIntents->retrieve(
  ''.$code.'',
  []
);
var_dump ($stripe);

This should show me everything about payment, right?

Yes, but FYI you could simplify your code like this: $payment_intent = $stripe->paymentIntents->retrieve($code);

One sec, I'm running the code.

You passed a string that looks like a client secret as the PaymentIntent ID, but you must provide a valid PaymentIntent ID. Please use the value in the id field of the PaymentIntent.

does my url have the paymentintent id ?

if you are using the PHP version, you need to pass a PaymentIntent ID yes.

payment_intent

oh, ok

Can I share the output with you?

Or my output containts sensitive informations

I have a question
What is the amount_capturable ?

Because my amount_capturable = 0 but amount_captured = 5100 (my set price)

Can I share the output with you?
In test mode you can share the output if needed

Because my amount_capturable = 0 but amount_captured = 5100 (my set price)
It means you captured all the amount (5100), so there's nothing left to capture.

So, to check if an operation is valid, I should check if amount_captured equals to product's price ?

Hi 👋 jumping in as my teammate needed to step away. Can you clarify what you mean by "operation is valid"?

Hi.

If the payment is valid.

I'm thinking of how someone can abuse the payment.

Or, his intentions are indeed truthful, but the bank refuses to pay the entire sum.

I'm trying to see if I receive the exact sum on my stripe balance, which I asked from the buyer.

Also, on the intentcreate, should I confirm the intent? I read on the docs that I should.

    $paymentIntent = \Stripe\PaymentIntent::create([
        'amount' => $Price*100,
        'currency' => 'ron',
          'payment_method_types' => ['card'],
          'confirm' => true,
          'description' => ''.$_SESSION['ID'].'',

    ]);
``` this is my intent

Set to true to attempt to confirm this PaymentIntent immediately. This parameter defaults to false. When creating and confirming a PaymentIntent at the same time, parameters available in the confirm API may also be provided.

You won't receive an amount that is different from the amount specified on the payment intent.

Then what's the difference of amount_captured and amount?

between *

That comes into play if you're leveraging our flow that lets you split a payment's authorization and payment steps:
https://stripe.com/docs/payments/capture-later
When leveraging that flow, you have the ability to specify an amount_to_capture when capturing the payment. If you're not using that though then the payment intent will always be captured for its full amount.

I see, I understand that.

My intentions are not to splt a payment.

Thank you for the clarification.

About the confirming the payment, what does it mean?

To /confirm/ it ?

Confirm it as I accept the payment to enter in my stripe balance?

As shown in this doc about the flow of an intent:
https://stripe.com/docs/payments/intents
the confirm step is used to confirm the payment method can be used to attempt a payment. If you would like to confirm payments immediately, then yes you would pass confirm as true. However, depending on the payment method and the region that it's from, your customer may need to complete a challenge flow (controlled by their issuer) to authorize the payment for Strong Customer Authentication (SCA) purposes:
https://stripe.com/docs/strong-customer-authentication

If this happens, you'll need to implement one of our frontend approaches for triggering this confirmation flow (though you should already be using one of our frontends to collect your customers payment information so you don't have to worry about PCI compliance: https://stripe.com/guides/pci-compliance)

Does the Stripe detect the SCA automatically or I need to implement it?

We're told by the issuer of the payment method whether they will required that an SCA/3DS flow be completed, and if so our frontend is already capable of handling that:
https://stripe.com/docs/payments/3d-secure

Thank you. It worked fine. But a last question.

Sure?

$code = $_GET['payment_intent'];
$payment_intent = $stripe->paymentIntents->retrieve($code);

$amount_received = $payment_intent['amount_received']; 
$amount_captured = $payment_intent['amount_captured']; 
$currency = $payment_intent['currency']; 
$description = $payment_intent['description']; 
$failure_message = $payment_intent['failure_message']; 
$paid = $payment_intent['paid']; 
$brand = $payment_intent['brand']; 
$exp_month = $payment_intent['exp_month']; 
$exp_year = $payment_intent['exp_year']; 
$last4 = $payment_intent['last4']; 

This is my retrieve.

brand, exp month, exp year, last4, paid are not shown.

Why?

Because those aren't fields that exist on the Payment Intent object. Instead they'll be on the related Payment Method.
https://stripe.com/docs/api/payment_intents/object#payment_intent_object-payment_method
You can use expand to retrieve the Payment Method details inside of the Payment Intent retrieval response:
https://stripe.com/docs/api/expanding_objects
The fields you're looking for are inside of the card hash on the Payment Method:
https://stripe.com/docs/api/payment_methods/object#payment_method_object-card-brand

Thank you very much.

🙂

Any time!

My expand should look like

$payment_intent = $stripe->paymentIntents->retrieve($code,
  ['expand' => ['brand', 'paid']]

);
``` ?

Nope, since you're retrieving a Payment Intent and want to expand its payment_method field, that is the field that you would pass into your expand request.

$payment_intent = $stripe->paymentIntents->retrieve($code,
  ['expand' => ['brand', 'payment.method']]

);
``` ?

I'm a bit a thick-head.

You should only pass payment_method into that, drop the brand parameter. Expand basically says retrieve this object (in this case a Payment Intent) and also retrieve the object related to that that is referenced in XXX field on the object I'm retrieving (in this case that is the payment_method field).

Sorry for dumb questions,

$last4 = $payment_intent['payment_method']['last4']; 
``` should look like this afterwards?

The last4 field is inside of the card object on the payment method, so I believe it'll be:
$last4 = $payment_intent['payment_method']['card']['last4'];

hey there, just stepping in for @junior mulch so they can step away. let me know if you have other questions

Sure ty

Ty toby for your time.

amount_captured is part of what?

What you you mean "part of"?

That's on the charge object: https://stripe.com/docs/api/charges/object#charge_object-amount_captured

Part of, as

$failure_message = $payment_intent['failure_message']; 
``` shows me nothing.

What are you trying to do exactly? You asked about amount capturable and that code appears to be looking at declines.

I'm trying to get multiple infos from my retrieved intent

$payment_intent = $stripe->paymentIntents->retrieve('pi_3KugBoLKPu9R0yzS0y3Xvj9n',
  ['expand' => ['payment_method']]

);

$amount_received = $payment_intent['amount_received']; 
$amount_captured = $payment_intent['amount_captured']; 
$currency = $payment_intent['currency']; 
$description = $payment_intent['description']; 
$failure_message = $payment_intent['card_declined']['failure_message']; 
$paid =  $payment_intent['payment_method']['card']['paid'];
$brand = $payment_intent['payment_method']['card']['brand'];
$exp_month = $payment_intent['payment_method']['card']['exp_month'];
$exp_year = $payment_intent['payment_method']['card']['exp_year'];
$last4 = $payment_intent['payment_method']['card']['last4'];

$amount_captured = $payment_intent['amount_captured'];

that line is not correct, as i said it resides on the Charge object (not the payment intent)

payment_intent.charges.data[0].amount_captured

Thank you.