1
votes

I'm using Stripe API for one time payments, which works perfectly fine using something like:

  $stripe = array("secret_key" => "MY_SECRET_KEY", "publishable_key" => "MY_PUBLISHABLE_KEY");
  Stripe::setApiKey($stripe['secret_key']); 

  try {
      $charge = Stripe_Charge::create(array(
          "amount" => round($_POST['amount'] * 100, 0),
          "currency" => "USD",
          "card" => array(
              "number" => 111111111111111111,
              "exp_month" => 10,
              "exp_year" => 2017,
              "cvc" => 321,
              ),
          "description" => $_POST['item_name']));
      $json = json_decode($charge);
      $amount_charged = round(($json->{'amount'} / 100), 2);
      //process payment here......

  }
  catch (Stripe_CardError $e) {
      // Print the error body returned by Stripe; $json is never set when create() throws
      $body = $e->getJsonBody();
      print json_encode($body);
  }

Now I want to be able to have recurring payments, by capturing user credit card info and running a cron job once a month. Will the above work fine, or do I need something else? I'm aware that Stripe has a built-in feature for recurring payments, but in my case payments for each month will have different amounts.

2
You should really NOT save the user's credit card info in your database. You can change the amount of a subscription using Stripe's API. - Dekel
Storing the CC data on your end makes you subject to PCI compliance, and that's not something you want to get involved with. Let Stripe handle the storage. - Marc B
All this is covered very well in their docs... - rjdown

2 Answers

2
votes

The thing you're missing in your example is Customer records. You see, Stripe doesn't allow you to re-use a Token. They're one-time use. In order to build out the functionality you're looking for, you'd need to securely store the payment details somewhere. If you're PCI Compliant, that could, of course, be on your own local datastore; however, if you want to make it easy on yourself, you could build out Customer records for each user and their associated payment methods.

When you're constructing a charge normally, you'll use the Create a Charge API Request.

You're doing this now and passing the token id as the source-argument. What you would do instead, is first make a Customer and then attach that payment source by creating a Card. (I recommend doing them as two separate steps, so you can better manage customers with multiple payment sources.)

Then, to charge that record again, you would make your Create a Charge API Request again, but instead you would pass in the customer id in the customer-argument and (optionally) pass in the source id (card_xxx) into the source-argument. If you don't pass in a source-argument, but you pass a customer-argument, it will use the default payment source.

Hope that helps!
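
The customer-based flow described in this answer, applied to the question's monthly cron job, as an added example that is not part of the original answer or of Stripe's documentation. The table columns, sample ids and function names are hypothetical, and the call to `Stripe_Charge::create` is replaced by a stub so the script runs offline.

```php
<?php
// Constructed sample rows standing in for a local billing table. Only Stripe
// object ids are kept; card number, expiry and CVC are never stored here.
$accounts = array(
    array('user_id' => 1, 'stripe_customer' => 'cus_EXAMPLE1', 'stripe_card' => null, 'usage_cents' => 1250),
    array('user_id' => 2, 'stripe_customer' => 'cus_EXAMPLE2', 'stripe_card' => 'card_EXAMPLE2', 'usage_cents' => 830),
    array('user_id' => 3, 'stripe_customer' => '4242424242424242', 'stripe_card' => null, 'usage_cents' => 900),
);

// Build the Create a Charge parameters for one account; null means nothing is due.
function build_monthly_charge(array $account)
{
    // Refuse anything that is not a customer id, such as a card number saved by mistake.
    if (!preg_match('/^cus_[A-Za-z0-9]+$/', (string) $account['stripe_customer'])) {
        // The message names the user only, so the bad value is not copied into logs.
        throw new InvalidArgumentException('user ' . $account['user_id'] . ': stored value is not a Stripe customer id');
    }
    // The amount comes from server-side records as integer cents, never from $_POST.
    $amount = (int) $account['usage_cents'];
    if ($amount <= 0) {
        return null;
    }
    $params = array(
        'amount'      => $amount,
        'currency'    => 'usd',
        'customer'    => $account['stripe_customer'],
        'description' => 'Monthly usage, user ' . $account['user_id'],
    );
    // Optional: name a specific card; without it the customer's default source is charged.
    if (!empty($account['stripe_card'])) {
        $params['source'] = $account['stripe_card'];
    }
    return $params;
}

// $charge is any callable that sends the parameters to Stripe and returns the result.
function run_monthly_billing(array $accounts, $charge)
{
    $results = array();
    foreach ($accounts as $account) {
        try {
            $params = build_monthly_charge($account);
            $results[$account['user_id']] = $params === null ? 'skipped' : $charge($params);
        } catch (Exception $e) {
            $results[$account['user_id']] = 'error: ' . $e->getMessage();
        }
    }
    return $results;
}

// Offline stub; in production pass function ($p) { return Stripe_Charge::create($p); }
print_r(run_monthly_billing($accounts, function ($p) { return 'would charge ' . $p['amount'] . ' cents'; }));
```

Catching per account keeps one declined card or bad row from stopping the rest of the monthly run.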

-1
votes

Can't you just run a charge using the card token every month? Instead of passing in the card, using their card token would be more secure. But otherwise your code looks fine. You should just be able to run a charge like that every month.

EDIT

Forgot to mention that you will need to create a Stripe Customer and assign the CC token to that Stripe Customer, since CC tokens are one-time use only. After creating the Stripe Customer you will be able to just charge that customer every month.