[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: checkout.php
<?php // This is just for very basic implementation reference, in production, you should validate the incoming requests and implement your backend more securely. // Please refer to this docs: // https://docs.midtrans.com/en/core-api/credit-card?id=_1-getting-the-card-token namespace Midtrans; require_once dirname(__FILE__) . '/../../Midtrans.php'; // Set Your server key // can find in Merchant Portal -> Settings -> Access keys Config::$clientKey = '<your client key>'; // non-relevant function only used for demo/example purpose printExampleWarningMessage(); function printExampleWarningMessage() { if (strpos(Config::$clientKey, 'your ') != false ) { echo "<code>"; echo "<h4>Please set your client key from sandbox</h4>"; echo "In file: " . __FILE__; echo "<br>"; echo "<br>"; echo htmlspecialchars('Config::$clientKey = \'<your client key>\';'); die(); } } ?> <html> <head> <title>Checkout</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.12/featherlight.min.css"> </head> <body> <script id="midtrans-script" type="text/javascript" src="https://api.midtrans.com/v2/assets/js/midtrans-new-3ds.min.js" data-environment="sandbox" data-client-key="<?php echo Config::$clientKey;?>"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/featherlight/1.7.12/featherlight.min.js"></script> <h1>Checkout</h1> <form action="checkout-process.php" method="POST" id="payment-form"> <fieldset> <legend>Checkout</legend> <small><strong>Field that may be presented to customer:</strong></small> <p> <label>Card Number</label> <input class="card-number" name="card-number" value="4811 1111 1111 1114" size="23" type="text" autocomplete="off" /> </p> <p> <label>Expiration (MM/YYYY)</label> <input class="card-expiry-month" name="card-expiry-month" value="12" placeholder="MM" size="2" type="text" /> <span> / </span> <input class="card-expiry-year" name="card-expiry-year" value="2025" placeholder="YYYY" size="4" type="text" /> </p> <p> <label>CVV</label> <input class="card-cvv" name="card-cvv" value="123" size="4" type="password" autocomplete="off" /> </p> <p> <label>Save credit card</label> <input type="checkbox" id="save_cc" name="save_cc" value="true"> </p> <small><strong>Fields that shouldn't be presented to the customer:</strong></small> <p> <label>3D Secure</label> <input type="checkbox" id="secure" name="secure" value="true" checked> </p> <input id="token_id" name="token_id" type="hidden" /> <button class="submit-button" type="submit">Submit Payment</button> </fieldset> </form> <code> <pre> <b>Testing cards:</b> <b>For 3D Secure:</b> Visa 4811 1111 1111 1114 MasterCard 5211 1111 1111 1117 <b>For Non 3D Secure:</b> Visa success 4011 1111 1111 1112 Visa challenge 4111 1111 1111 1111 Visa deny by FDS 4211 1111 1111 1110 MasterCard success 5481 1611 1111 1081 MasterCard challenge 5110 1111 1111 1119 MasterCard deny by FDS 5210 1111 1111 1118 </pre> </code> <!-- Javascript for token generation --> <script type="text/javascript"> $(function () { // open the console log to check the flow // 3ds new flow: // 1. get token_id // 2. send token_id to backend // 3. initial charge from backend to midtrans api // 4. open redirect_url var options = { performAuthentication: function(redirect_url){ openDialog(redirect_url); }, onSuccess: function(response){ console.log('success'); console.log('response:',response); closeDialog(); }, onFailure: function(response){ console.log('fail'); console.log('response:',response); closeDialog(); alert(response.status_message); $('button').removeAttr("disabled"); }, onPending: function(response){ console.log('pending'); console.log('response:',response); closeDialog(); } }; function openDialog(url) { $.featherlight({ iframe: url, iframeMaxWidth: '80%', iframeWidth: 700, iframeHeight: 500, closeOnClick: false, closeOnEsc: false, closeIcon:'' }); } function closeDialog() { $.featherlight.close(); } $(".submit-button").click(function (event) { var card = { "card_number": $(".card-number").val(), "card_exp_month": $(".card-expiry-month").val(), "card_exp_year": $(".card-expiry-year").val(), "card_cvv": $(".card-cvv").val() }; event.preventDefault(); $(this).attr("disabled", "disabled"); console.log('1. get token_id'); MidtransNew3ds.getCardToken(card, getCardTokenCallback); return false; }); // callback functions var getCardTokenCallback = { onSuccess: function(response) { // Success to get card token_id, implement as you wish here console.log('Success to get card token_id, response:', response); var token_id = response.token_id; $("#token_id").val(token_id); console.log('This is the card token_id:', token_id); // Implement sending the token_id to backend to proceed to next step console.log('2. send token_id to backend'); // send token_id, save_cc and secure params // we send secure param for sample, in production, you should define transaction is secure/not in backend // we recommend always use secure=true // data: $("#token_id, #save_cc, #secure").serialize() $.ajax({ type: 'POST', url: 'checkout-process.php', data: $("#token_id, #save_cc, #secure").serialize(), success: function(response){ console.log('3. response charge from backend:', response); if (response.redirect_url){ console.log('4. open redirect_url'); MidtransNew3ds.authenticate(response.redirect_url, options); } }, error: function(xhr, status, error){ console.error(xhr); } }); }, onFailure: function(response) { // Fail to get card token_id, implement as you wish here console.log('Fail to get card token_id, response:', response); closeDialog(); $('button').removeAttr("disabled"); } }; }); </script> </body> </html>
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: server1.winmanyltd.com
Server IP: 203.161.60.52
PHP Version: 8.3.27
Server Software: Apache
System: Linux server1.winmanyltd.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64
HDD Total: 117.98 GB
HDD Free: 59.67 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
Yes
git:
Yes
User Info
Username: eliosofonline
User ID (UID): 1002
Group ID (GID): 1003
Script Owner UID: 1002
Current Dir Owner: 1002