Error says:
An error occurred: Sending credit card numbers directly to the Stripe API is generally unsafe. To continue processing use Stripe.js, the Stripe mobile bindings, or Stripe Elements. For more information, see https://dashboard.stripe.com/account/integration/settings. If you are qualified to handle card data directly, see https://support.stripe.com/questions/enabling-access-to-raw-card-data-apis. File: /home/wlms/webapps/wlms-apiv2/vendor/stripe/stripe-php/lib/Exception/ApiErrorException.php Line: 38
My backend code is:
public function doPayment($paymentRequest)
{
try {
$payment_transaction_id = $paymentRequest['payment_transaction_id'];
$zeroDecimalCurrencies = array('BIF', 'CLP', 'DJF', 'GNF', 'JPY', 'KMF', 'KRW', 'MGA', 'PYG', 'RWF', 'UGX', 'VND', 'VUV', 'XAF', 'XOF', 'XPF');
if (!in_array($paymentRequest['currency'], $zeroDecimalCurrencies)) {
$payment_amount = ($paymentRequest['total_value']) * 100;
} else {
$payment_amount = $paymentRequest['total_value'];
}
$paymentIntentCreate = $this->stripe->paymentIntents->create([
"amount" => $payment_amount,
"currency" => $paymentRequest['currency'],
'payment_method_types' => ['card'],
'customer' => $paymentRequest['stripe_customer_id']
]);
$paymentIntentConfirm = $this->stripe->paymentIntents->confirm(
$paymentIntentCreate->id,
['payment_method' => $paymentRequest['payment_method_id']]
);
$gateWayResponse = PaymentGatewayResponse::create(array('transaction_id' => $payment_transaction_id, 'response' => $paymentIntentConfirm));
return $paymentIntentConfirm;
} catch (StripeExceptionCardException $e) {
ErrorLogger::logError($e);
return false;
// Since it's a decline, StripeExceptionCardException will be caught
} catch (StripeExceptionRateLimitException $e) {
ErrorLogger::logError($e);
return false;
// Too many requests made to the API too quickly
} catch (StripeExceptionInvalidRequestException $e) {
ErrorLogger::logError($e);
return false;
// Invalid parameters were supplied to Stripe's API
} catch (StripeExceptionAuthenticationException $e) {
ErrorLogger::logError($e);
return false;
// Authentication with Stripe's API failed
// (maybe you changed API keys recently)
} catch (StripeExceptionApiConnectionException $e) {
ErrorLogger::logError($e);
return false;
// Network communication with Stripe failed
} catch (StripeExceptionApiErrorException $e) {
ErrorLogger::logError($e);
return false;
// Display a very generic error to the user, and maybe send
// yourself an email
} catch (Exception $e) {
ErrorLogger::logError($e);
return false;
// Something else happened, completely unrelated to Stripe
}
$gateWayResponse = PaymentGatewayResponse::create(array('transaction_id' => $payment_transaction_id, 'response' => $e->getMessage()));
return ['status' => 0, 'data' => $e->getMessage(), 'message' => 'Payment Failed'];
}
Chat GPT says error is in frontend
Ensure that your frontend correctly tokenizes the card data and sends only the tokenized payment_method_id to the backend.
Any solutions ?
2
Answers
Stripe provides its card form.
you can use that from here
https://docs.stripe.com/payments/quickstart
Hope this will help.
The page that the error message links to explains this in detail – it mentions that unless you are PCI compliant, you should use Stripe Checkout, Elements or their mobile SDKs to collect payment method information.
You can start off from https://docs.stripe.com/payments/accept-a-payment to select a integration path that suits your needs.