3

On my site, expiry.php script checks expiry date of member from cron job and if it is between 12 days from today, email is sent to member.

That email contains a renewal link with variables related to member.

I am using Instamojo payment gateway with API details on https://www.instamojo.com/developers/request-a-payment-api/

e.g. my code and current link for payment in expiry.php to send email is like

<?php
include("db.php");
$sql=".......";
$name = $data['name']; //fetched from database
$email = $data['email'];
$mobile = $data['mobile'];
$payment_fees = "520";
$url = "https://paymentgateway-website.com/myaccountname/?data_name=".$name."&data_email=".$email."&data_phone=".$mobile."&data_amount=".$payment_fees."&data_readonly=data_name&data_readonly=data_email&data_readonly=data_phone&data_readonly=data_amount";

$url = htmlentities($url);
ob_start();
?>


    <div>
Hello <?=$data['name']?>,
<a href="<?php $url;?>">Click Here</a> To pay Now.
    </div>

<?php 
   $body=ob_get_clean();


    $to = $data["email"];
    .
    .

 ?>

This email is sent perfectly with payment link specifically for member with included member name, email and mobile in it and payment form is populated in browser with readonly fields containing user name, email, mobile, amount.

This payment link has success redirect link with thanks.php on my site.

I want to update my database when user pays fees and get redirected to my site's thanks.php page.

I think , I can not create session as user is going to payment link from email and returning back to my site after successful payment.

What can be solution to put in thanks.php on my site to update my mysql database like 

$sql = "update tablename SET `payment_status` = "1" where reg_id = "????(what to enter)?"

How to get reg_id in mysql database when user pays successfully ?

Dr Manish Lataa-Manohar Joshi
  • 2,380
  • 5
  • 17
  • 38
  • I am not entirely sure if your approach here is correct or secure. Could you not create a transaction with a unique ID in your database for this customer? Then if the payment gateway returns payment success message, then just update the `payment_status` flag corresponding to that transaction in your database. – Maximus2012 Dec 14 '15 at 15:41
  • Is your payment gateway returning something? If yes then can you update your question to indicate what it is ? – Maximus2012 Dec 14 '15 at 15:42
  • @Maximus2012 Yes, we can use unique id only for that. But my question is as user is going to payment gateway site directly from his email and after successful payment, returning to my site, how to identify that usnique id to update mysql? We can create session if user is going to payment gateway site from my site. But here scenario is not like that. – Dr Manish Lataa-Manohar Joshi Dec 14 '15 at 15:44
  • In that case, on successful payment, your payment gateway should be returning you something via POST or GET which you then use to update information in your database. I don't think you need sessions here. You should probably refer to the API documentation of your payment gateway. – Maximus2012 Dec 14 '15 at 15:46
  • Another approach would be to change the way you are generating the URL in the email. Rather than including name, email, mobile in the URL, you should include the transaction ID and amount only. Then on successful payment, your payment gateway should return a success message along with the same transaction id which you can then use to update information in your database which is what you are looking for. That approach would be simpler too. – Maximus2012 Dec 14 '15 at 15:52
  • first, you could change the link in the email so it directs the user to your server, then forward from there. Or you could send some parameters that your payment provider passes back to the success url. – Burki Dec 14 '15 at 15:53
  • @Burki I don't think there is a need to redirect the user to the server but I agree that the URL parameters could be changed to include relevant information. – Maximus2012 Dec 14 '15 at 15:54
  • @Maximus2012 Ok Thank you for nice suggestions.. I am searching on payment gateway site now for what I am getting via POST or GET......I will update here as I got some relevant output... – Dr Manish Lataa-Manohar Joshi Dec 14 '15 at 15:56
  • @Maximus2012 I am using name, email and mobile as these fields are included in payment gateway's payment form by default. So i think I can use email field...but now confused how to use it...like "update tablename SET "payment_status`='1' where email =".$_POST['email'].; or what else ? – Dr Manish Lataa-Manohar Joshi Dec 14 '15 at 16:03
  • API link to my current payment gateway is https://www.instamojo.com/developers/request-a-payment-api/ – Dr Manish Lataa-Manohar Joshi Dec 14 '15 at 16:08
  • I think you should keep user information separate from user payment information. This will allow a user to make multiple payments which is what you are looking for. What you probably need is this DB structure: `User Table (user_id, name, mobile, email, )` and then `UserPayment table (payment_id, user_id, amount, payment_status)`. You create entry in `UserPayment` table first, pass the `payment_id` to gateway via email URL and the do `UPDATE UserPayment SET payment_status=1 WHERE payment_id=` on successful payment. – Maximus2012 Dec 14 '15 at 16:08
  • Please update your question with additional information about your payment gateway. – Maximus2012 Dec 14 '15 at 16:12
  • what information does the redirect link contain? Anything? You'd have to have that redirect link giving you some information as to who made the payment. Also in situations like this you cannot guarantee that the user will be redirected after payment. What if they close their browser, or somehow interrupt the process after they pay? Does your payment system have something along the lines of paypal's IPN? What it is is a url that it will post transaction data to EVEN IF THE USER DOESN'T GET REDIRECTED. If it does, i'd use that, and forget about the redirect. – danjfoley Dec 15 '15 at 21:54
  • It doesn't look like you're using request a payment here. From `$url` it looks like you're following the pay-what-you-want approach. Please confirm. – Ashwini Chaudhary Dec 16 '15 at 06:54
  • @AshwiniChaudhary I have emailed you on support@instamojo.com – Dr Manish Lataa-Manohar Joshi Dec 16 '15 at 07:07
  • @DrMJ did you get any solution for this issue? if yes , please share the solution. – Sajith Jan 24 '18 at 17:00

1 Answers1

-1

You can use the webhook url feature of instamojo. It will give all details of transaction and on that page you can write your MySQL query to store response.

Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
nilesh2293
  • 27
  • 5