I am having difficulty passing total amount from html to stripe. I have a cart whose total is calculated in cart.js. I am displaying it from index.php. I want to charge the total amount which is the cart total using Stripe. I am not sure how to pass in amount to checkout.php.
checkout.php
// Get the credit card details submitted by the form
$token = $_POST['stripeToken'];
// Create a Customer
$customer = \Stripe\Customer::create(array(
"source" => $token,
"description" => "Example customer")
);
// Charge the Customer instead of the card
\Stripe\Charge::create(array(
"amount" => $amount, // Amount in cents
"currency" => "usd",
"customer" => $customer->id)
);
index.php
<div class="total">
<p class="value">
<!-- value inserted by js -->
</p>
<p class="label">Total</p>
</div>
<form action="./checkout.php" method="post">
<script src="https://checkout.stripe.com/checkout.js"
class="stripe-button"
data-key="<?php echo $stripe['publishable_key']; ?>"
data-image="https://something.png"
data-name="nairteashop.org"
data-description="Send lots of love"
data-billing-address="true"
data-label="Checkout"> </script>
</form>
cart.js
var $bagTotal = $('.total .value');
$bagTotal.addClass('total_price');
$bagTotal.text('$' + getTotalPrice(items));
Computing the amount that needs to be charged client-side is a very bad idea. It would be trivial for a malicious customer to send a reduced amount to your server. The only scenario in which the amount should be provided by the customer's browser is when the amount is directly chosen by the customer (e.g. if you're accepting donations).
If you're writing your own cart system, you probably want to have the frontend send a list of product IDs and quantities to your backend, which can then compute the amount by retrieving each product's price from your local database.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments