I connect the payment to the site. Immediately after the successful payment of the client throws on the site, where I check the transaction code and do everything necessary. But if he paid, where he was billed for payment, my site will not be redirected, he will pay the bill and that's it. How can I check what he paid for?

  • one
    On the account - if the money came, it means paid. - Mihanik71
  • 2
    check the fact of payment on the page where the client sends after payment - in the root is not true! do not do that! check, most likely, the payment system connected by you is able to report the result of the payment to the url specified by you. Request backend backend, without the participation of the client. - Ivan Pshenitsyn
  • @IvanPshenitsyn write a normal answer, please - strangeqargo

1 answer 1

First of all, I want to caution: do not implement the payment confirmation in the code of the page where the customer sends the payment system (hereinafter PS) after payment. This threatens with serious problems with payment, which will appear, most likely, only with a real stream of customers.

(retreat: our team quite recently faced a similar problem with one of the large regular customers. PayPal buyers were not regularly recorded. This lasted for about six months. Finally, it turned out that the programmer who implemented the PS connection had “a little” faked and conducted confirmation payments in exactly the wrong way ).

The fact is that the client’s return to the page you are expecting is absolutely not guaranteed: the Internet connection may be interrupted, the client simply closes the tab or there are plenty of options. This will lead to the fact that the client paid the money, and the payment on your site was not fixed and the goods were not provided to him. In addition, there are many issues with the security of such a request that need to be understood and monitored during implementation.

Instead, most of the PS (in my experience: out of about a dozen Russian and foreign PS, none are deprived of this functionality) can inform you about the result of the operation on the addresses you specified in the settings. Depending on the PS used, these settings can be in your personal account or installed exclusively through an appeal to those. support; can be used as one address, for successful and "feilovy" operations, and 2-3 different addresses.

For example, on the robokassa documentation page, I found a description of the store settings , where there is a Result URL field. Also, here you can select the method by which the request will be sent (GET | POST). Here, on adjacent pages, this request and its parameters are described in detail.

The same picture (with a fairly detailed description of all this functionality) is observed in all large PS. The smaller, often, this information is sent by managers in the connection process. They can ask you for all the necessary addresses.

You are required to implement, at a given address, a script that will accept a request from the subscriber, process the parameters and record / check the payment operation. Among the parameters of any PS, there is necessarily some kind of signatureKey (of course, the name can be any), which is a tricky hash. The PS documentation should indicate how and from what this hash is generated, and you, upon receipt of the request, should check this "request signature" for correctness. This ensures that no fake request is possible.

If you want to hear any specifics or you have additional questions - please, indicate which PS you are talking about.

  • one
    Ivan, and if in view of the unpredictable factors, the answer from PS to Result URL does not come? PS will seek confirmation of the arrival or how? - Sergey V.