Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
PayTrace Client Side Encryption (PHP / IIS)
<!-- This is the PayTrace End-to-End Encryption library: -->
<script src=""></script>
// set the key from an AJAX call
paytrace.setKeyAjax('/public_key.pem') ;// set the key from an AJAX call (in this case via a relative URL)
$(document).ready( function(){
//To prevent the default action of the submit
// Do your validation and if all validations are met,
// Next is to submit the form with paytrace.submitEncrypted.
if ($("#ccNumber").val() && $("#ccCSC").val()) {
//if all validations are met, submit the form to Paytrace library for encyption.
alert("CCNumber and CSC number are required ! ");
$(document).ready( function(){
$.post($(this).attr('action'), $(this).serialize(), function(json) {
}, 'json');
return false;
<form name="DemoForm" id="DemoForm" action="checkoutResponse.php" method="post">
<label>Company Name:</label>
<input id="name" name="name" class="form-control" type="text" value="<?php echo $name ?>" />
<label>Address Line 1: </label>
<input id="street_address" name="street_address" class="form-control" type="text" value="<?php echo $addr1 ?>" />
<label>Address Line 2:</label>
<input id="street_address2" name="street_address2" class="form-control" type="text" value="<?php echo $addr2 ?>" />
<input id="city" name="city" type="text" class="form-control" value="<?php echo $city ?>" />
<input id="state" name="state" type="text" class="form-control" value="<?php echo $state ?>" />
<input id="zip" name="zip" type="text" class="form-control" value="<?php echo $zip ?>" />
<input id="country" name="country" type="hidden" class="form-control" value="US" />
<label>Payment Amount:</label>
<input id="amount" type="text" readonly name="amount" value="<?php echo $amount ?>" />">
<label>First Name:</label>
<input type="text" name="firstName" id="firstName" class="form-control" />
<label>Last Name:</label>
<input type="text" name="lastName" id="lastName" class="form-control" />
<label>Credit Card Number:</label>
<input id="ccNumber" type="text" class="form-control pt-encrypt" name="ccNumber" placeholder="Credit card number" />
<label>Expiration Month</label>
<select name="expiration_month" id="expiration_month" class="form-control">
<label>Expiration Year</label>
<select name="expiration_year" id="expiration_year" class="form-control">
<option> <?php echo date("Y")?> </option>
<option> <?php echo date("Y")+1 ?> </option>
<option> <?php echo date("Y")+2 ?> </option>
<option> <?php echo date("Y")+3 ?> </option>
<option> <?php echo date("Y")+4 ?> </option>
<option> <?php echo date("Y")+5 ?> </option>
<option> <?php echo date("Y")+6 ?> </option>
<option> <?php echo date("Y")+7 ?> </option>
<option> <?php echo date("Y")+8 ?> </option>
<option> <?php echo date("Y")+9 ?> </option>
<option> <?php echo date("Y")+10 ?> </option>
<option> <?php echo date("Y")+11 ?> </option>
<option> <?php echo date("Y")+12 ?> </option>
<option> <?php echo date("Y")+13 ?> </option>
<option> <?php echo date("Y")+14 ?> </option>
<option> <?php echo date("Y")+15 ?> </option>
<option> <?php echo date("Y")+16 ?> </option>
<option> <?php echo date("Y")+17 ?> </option>
<option> <?php echo date("Y")+18 ?> </option>
<option> <?php echo date("Y")+19 ?> </option>
<option> <?php echo date("Y")+20 ?> </option>
<label>Security code:</label>
<input id="ccCSC" type="text" class="form-control pt-encrypt" name="ccCSC" placeholder="Card security code" />
<input type="submit" id="enterPayment" value="Submit Your Payment" name="commit" />
<script src="/js/jquery.cardswipe.js"></script>
<script type="text/javascript">
// Called by plugin on a successful scan.
var complete = function (data) {
// Is it a payment card?
if (data.type == "generic")
// Copy data fields to form
$("#expiration_year").val("20" + data.expYear);
// Event handler for scanstart.cardswipe.
var scanstart = function () {
// Event handler for scanend.cardswipe.
var scanend = function () {
// Event handler for success.cardswipe. Displays returned data in a dialog
var success = function (event, data) {
// Iterate properties of parsed data
for (var key in data) {
if (data.hasOwnProperty(key)) {
var text = key + ': ' + data[key];
$("#properties").append('<div class="property">' + text + '</div>');
var failure = function () {
// Initialize the plugin with default parser and callbacks.
// Set debug to true to watch the characters get captured and the state machine transitions
// in the javascript console. This requires a browser that supports the console.log function.
// Set firstLineOnly to true to invoke the parser after scanning the first line. This will speed up the
// time from the start of the scan to invoking your success callback.
firstLineOnly: true,
success: complete,
parsers: ["visa", "amex", "mastercard", "discover", "generic"],
debug: false
// Bind event listeners to the document
.on("scanstart.cardswipe", scanstart)
.on("scanend.cardswipe", scanend)
.on("success.cardswipe", success)
.on("failure.cardswipe", failure)
include 'PhpApiSettings.php';
include 'Utilities.php';
include 'Json.php';
//call a function of Utilities.php to generate oAuth token
//This sample code doesn't use any 0Auth Library
$oauth_result = oAuthTokenGenerator();
//call a function of Utilities.php to verify if there is any error with OAuth token.
$oauth_moveforward = isFoundOAuthTokenError($oauth_result);
//If IsFoundOAuthTokenError results True, means no error
//next is to move forward for the actual request
//Decode the Raw Json response.
$json = jsonDecode($oauth_result['temp_json_response']);
//set Authentication value based on the successful oAuth response.
//Add a space between 'Bearer' and access _token
$oauth_token = sprintf("Bearer %s",$json['access_token']);
// Build the transaction
//end of main script
function buildTransaction($oauth_token){
// Build the request data
$request_data = buildRequestData();
//call to make the actual request
$result = processTransaction($oauth_token,$request_data, URL_KEYED_SALE );
/*echo "<br>json_response : " . $result['json_response'];
echo "<BR>curl_error : ".$result['curl_error'];
echo "<br>http_status_code :". $result['http_status_code'];
//check the result
function buildRequestData(){
//you can assign the values from any input source fields instead of hard coded values.
$request_data = array(
"amount" => $_POST['amount'],
"credit_card" => array(
"encrypted_number" => $_POST['ccNumber'],
"expiration_month" => $_POST['expiration_month'],
"expiration_year" => $_POST['expiration_year']
"encrypted_csc" => $_POST['ccCSC'],
"billing_address" => array(
"name" => $_POST['name'],
"street_address" => $_POST['street_address'],
"street_address2" => $_POST['street_address2'],
"city" => $_POST['city'],
"state" => $_POST['state'],
"zip" => $_POST['zip'],
"country" => $_POST['country']
$request_data = json_encode($request_data);
//optional : Display the Jason response - this may be helpful during initial testing.
echo "<h5>";
echo "<BR><BR></h5>";
return $request_data ;
//This function is to verify the Transaction result
function verifyTransactionResult($trans_result){
//Handle curl level error, ExitOnCurlError
if($trans_result['curl_error'] ){
echo "<img src = '/img/xmark.png'>";
echo "<br>Error occcured : ";
echo '<br>curl error with Transaction request: ' . $trans_result['curl_error'] ;
//If we reach here, we have been able to communicate with the service,
//next is decode the json response and then review Http Status code, response_code and success of the response
$json = jsonDecode($trans_result['temp_json_response']);
if($trans_result['http_status_code'] != 200){
if($json['success'] === false){
echo "<img src = '/img/xmark.png'>";
//echo "<br><br>Transaction Error occurred : ";
//Optional : display Http status code and message
//Optional :to display raw json response
echo "<H1>Payment : FAILED !</h1>";
//to display individual keys of unsuccessful Transaction Json response
displayKeyedTransactionError($json) ;
else {
//In case of some other error occurred, next is to just utilize the http code and message.
echo "<img src = '/img/xmark.png'>";
echo "<br><br> Request Error occurred !" ;
// Optional : to display raw json response - this may be helpful with initial testing.
// Do your code when Response is available and based on the response_code.
// Please refer PayTrace-Error page for possible errors and Response Codes
// For transation successfully approved
if($json['success']== true && $json['response_code'] == 101){
echo "<img src = '/img/checkmark.png'>";
//echo "<br><br>Keyed sale : Success !";
//to display individual keys of successful OAuth Json response
//Do you code here for any additional verification such as - Avs-response and CSC_response as needed.
//Please refer PayTrace-Error page for possible errors and Response Codes
//success = true and response_code == 103 approved but voided because of CSC did not match.
//This function displays keyed transaction successful response.
function displayKeyedTransactionResponse($json_string){
//optional : Display the output
//echo "<br><br> Keyed Sale Response : ";
//since php interprets boolean value as 1 for true and 0 for false when accessed.
echo "<br>PAYMENT : ";
echo $json_string['success'] ? 'SUCCESS' : 'FAILED';
//echo "<br>response_code : ".$json_string['response_code'] ;
echo "<br>status_message : ".$json_string['status_message'] ;
echo "<br>transaction_id : ".$json_string['transaction_id'] ;
echo "<br>approval_code : ".$json_string['approval_code'] ;
//echo "<br>approval_message : ".$json_string['approval_message'] ;
//echo "<br>avs_response : ".$json_string['avs_response'] ;
//echo "<br>csc_response : ".$json_string['csc_response'] ;
//echo "<br>external_transaction_id: ".$json_string['external_transaction_id'] ;
echo "<br>masked_card_number : ".$json_string['masked_card_number'] ;
//This function displays keyed transaction error response.
function displayKeyedTransactionError($json_string){
//optional : Display the output
//echo "<br><br> Keyed Sale Response : ";
//since php interprets boolean value as 1 for true and 0 for false when accessed.
echo "<br>success : ";
echo $json_string['success'] ? 'true' : 'false';
echo "<br>response_code : ".$json_string['response_code'] ;
echo "<br>status_message : ".$json_string['status_message'] ;
//echo "<br>external_transaction_id: ".$json_string['external_transaction_id'] ;
echo "<br>masked_card_number : ".$json_string['masked_card_number'] ;
//to check the actual API errors and get the individual error keys
//echo "<br>API Errors : " ;
foreach($json_string['errors'] as $error =>$no_of_errors )
//Do you code here as an action based on the particular error number
//you can access the error key with $error in the loop as shown below.
echo "<br>". $error;
// to access the error message in array assosicated with each key.
foreach($no_of_errors as $item)
//Optional - error message with each individual error key.
echo " " . $item ;
This is a quick for-developers-only guide of how to everything working from PHP (Windows native) to PayTrace’s API. I chose the Client Side Encryption as being our first time out, I am trying to duck some PCI compliance (Client Side Encryption is less strict). This assumes you know PHP, JS, JQuery, a little of what an API does, enough to paste some JSON together and of course your HTML, CSS, etc. You’re a developer, you have all the code provided open source, but this is a quick A-B-C of how I got it working on Windows (IIS7) and hurdles I ran into.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.