How to integrate?
When a user successfully transfers money and that money reaches your account, Paysera requests your indicated address callbackurl and transfers all required information about the performed payment.
Parameter callbackurl is the address of the script on your website, which informs Paysera system about the request on the successful payment. The answer is generated in the following way:
1. Create a folder.
Create a folder named libwebtopay. It will contain all files related to the payment integration.
2. Download libwebtopay library.
Download WebToPay.php file to the created folder libwebtopay.
3. Create a callback.php file.
Create a file named callback.php in the folder libwebtopay. The content of this file has to be:
<?php require_once('libwebtopay/WebToPay.php'); try { $response = WebToPay::checkResponse($_GET, [ 'project_id' => 'project_id_example', 'sign_password' => 'project_password_example', // Path to file to which all requests will be logged. // If you plan to use this feature, make sure that log file is not accessible from outside. // 'log' => 'webtopay.log', ]); echo 'OK Thank you for sending'; } catch (Exception $e) { echo get_class($e) . ': ' . $e->getMessage(); }
It is necessary to transfer all data received from Paysera to the method WebToPay::checkResponse. It is required for the check of data integrity. If there is no parameter at all, or values of parameters are not equal, then WebToPayException exception will be invoked.
After checking $_GET data, if everything is correct, it is necessary to return the answer. An example is shown above (echo 'OK';). Possible variants of answers:
- OK <text>
- The text indicated after the keyword OK will be sent back as a responsive message.
- Example: "OK Thank you for sending" (the responsive message will be: "Thank you for sending").
- NOSMS
- The sender will not receive any answer in this case. You will be able to send it later, in one week.
- WAPPUSH <url> <text>
- The system will send the answer to the sender by the Wap Push method.
- Example: "WAPPUSH http://www.address.com/services/link service description".
4. Sending of the response message.
You can send the answer in one week with libwebtopay function, if you do not deliver it immediately through OK <text>:
<?php // Including libwebtopay library require_once('libwebtopay/WebToPay.php'); try { // Validating data of processed payment. WebToPay::smsAnswer([ // Unique message number in our system. You got it by message. 'id' => 0, // Responsive message 'msg' => 'Thank you for sending', // Generated project password from paysera.com system. 'sign_password' => 'secret', // Path to file to which all requests will be logged // If you plan to use this feature, make sure that log file // is not accessible from outside. //'log' => 'webtopay.log', ]); } catch (Exception $e) { echo get_class($e) . ': ' . $e->getMessage(); }
Libwebtopay
To integrate the system for Macro Payments we recommend using our prepared open source library. Library performs all required inspections of saveable, transmissible and receivable data.
-
WebToPay for PHP (from GitHub).
$ git clone https://github.com/paysera/lib-webtopay
-
WebToPay for .NET (from GitHub).
$ git clone https://github.com/evp/webtopay-lib-dotnet
For libwebtopay to work successfully, file libwebtopay/WebToPay.php from archives is enough. Other files are meant for tests, examples and explanations.
Attention: libwebtopay is suitable to use with both Micro Payments and Macro Payments.
You are able to test libwebtopay in demo mode. To run demo version in your web browser address bar add:
https://www.yourwebsiteurl.com/libwebtopay/demo/
Attention: mentioned path to demo folder would be different in address, if you extracted archive in other place.
Attention: to try demonstration, indicate your project ID from paysera.com website in projectid field. Demonstration wont work, if you try it from your computer (localhost).
Specification
Structure of the payment notification
Paysera sends the answer to your specified callbackurl. 3 additional GET parameters are added to the callbackurl:
-
data - encoded parameters from Paysera system. To parse the parameters, 3 actions must be performed:
- Change the symbols '-' to '+', '_' to '/'.
- Decode the string, using base64 encoding.
- Retrieve the array of parameters from the decoded string, which is an URL-encoded parameter string.
$params = []; parse_str(base64_decode(strtr($_GET['data'], ['-' => '+', '_' => '/'])), $params); //use $params
-
ss1 - sign of data parameter, without using private-public key scheme. Sign algorithm:
ss1 = md5(data + password)
- ss2 - sign of data parameter, using RSA private-public key scheme with SHA-1 hashing function. Public Paysera key, which should be used to verify the signature, can be found at https://www.paysera.com/download/public.key
When you get the callback, you must check at least one signature before confirming the order. If there is a possibility, always check the higher security ss2 signature.