We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Help with On-line payment

xenoula asked
Medium Priority
Last Modified: 2013-11-29

I am working in a company where we are developing e-commerce sites which include online payment.
I am developing the website using PHP and database MySQL ,I have manage to create the shopping cart and the basket
and i don't know how to do the payment part.

I would really appreciate if you could explain to me how the online payment works and how i can manage to implement
online payment in the website.Do I need to create a script that will send the information to the bank?I am tottally confused even though I have search a lot in the internet but I still don't know how to do it.

Thank you in advance,
Watch Question

Ultimately, you need an internet enabled merchant account, a payment gateway, and a website with SSL. Then your website will either post data in an HTML form or use PHP Curl functions to post data to a server provided by a payment gateway service. The payment gateway will communicate the result either by sending an HTML form post to your own custom PHP script or through the Curl connection. If the transaction is approved, the funds are transferred to the merchant account.

I have chosen to focus on Verisign payment processing, since it has been relatively easy to implement at many of my clients sites and Verisign offers a fixed monthly price for up to 1000 transactions per month. Everyone else charges a per transaction fee, which adds up fast. I will share an overview of my implementation process for Verisign payment processing.

Your company needs an internet enabled merchant account, which is essentially a bank account set to receive funds from internet credit card processing. If you are processing credit cards already, check with your existing merchant account provider. You have to ask your provider what processor they use. Here are the list of Verisign compatible processors:
American Express
FDMS- Nashville
FDMS - South
Global Payments- Central
Global Payments - East

If you need a new account, I can recommend Wells Fargo, since they consistently offer a break on the published prices for Verisign accounts. Wells Fargo will set you up with a package deal on a merchant account and a Verisign payment processing account. You can also get the payment processing account directly from Verisign:

Verisign offers 2 levels of processing, Payflow Link and Payflow Pro. If you need to process less than 500 transactions a month, then the cheap and easy Payflow Link is the way to go. Payflow Pro offers a few more fraud prevention features, but Payflow Link has several, too. Payflow is slightly more complicated to implement and I think you have to have Curl installed on your server (which is pretty common). A Payflow Pro account will process the entire transaction without having the customer leave your website. You can set up Payflow Link to provide secure forms for the customer to use when checking out, or you can use your own forms and pass all the data in a form post to the Verisign server, but the customer will see one screen generated by Verisign before clicking the "Continue" button to return to your website. That one screen can be customized to match your website.

You can sign up for a free account at the above web page (click on "Try"). Then you can do all your testing on the 30 day trial account. Verisign offers some nice manuals from your account manager on the specifics to implementation.

The implementation for Payflow Link involves setting up your account at their website and adding a bunch of hidden form fields to an HTML form that gets posted to verisign (via https). Then you have a separate PHP script that is set just to receive Verisign reponses and turn the incoming data into orders to be fulfilled. So after the customer submits their info, Verisign transmits the order to your PHP script, and the customer gets sent to a Thank You page at your site. The Verisign documentation includes sample PHP scripts.

The implementation of Payflow Pro can be done with Curl functions or PHP has built in functions for handling Payflow Pro transactions.

Payflow Link is slightly susceptible to customers double clicking the "submit" button and getting double charged. Sometimes Verisign detects it as a duplicate and sometimes they don't. Use JavaScript to prevent double submits.

It takes about 2 days for funds to appear in the merchant account after they are processed (and batched every midnight). The Verisign account manager offers a full range of reports and a form for manually processing sales, credits, or voids.

There are a lot of ways to go, and this is just one. I've had clients processing through Verisign for 5 years now without any issues. Good luck.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

try this ready to use payment gateway


Thank you both.Thank you very much merwetta1 for the information and the whole analyses you made. I  am going to search a little bit and i mignt ask you more answers.What i would like to ask you if this process is the same for UK,because I am working in UK and the websites that we will create will be for UK companies.It can also be used for all the countries?

Thank you,
I don't know the specifics of UK card processing (I'm in U.S.), but the part that happens on your website will certainly be very similar. If you call Verisign (888-847-2747), I'm sure they could offer some insight.
Two other possiblities to look into are Authorize.NET and LinkPoint.  These are gateway products, which you would have to connect to a merchant account.  The gateway is similar to the "swipe terminal" at a retail store.  Most merchants that have online processing should support one or the other.  Both have an API that is very easy to program using CURL and both give full sample code for integration using PHP and other languages.  They are both VERY popular in the online payment community.

You can go to http://www.authorize.net or http://www.linkpoint.com to find merchant resellers that support each platform.



Apart from the merchant account ,the payment gateway and an SSLthat i will need.
What specific information do I have to put in the form that the user will put the details?
When the user will put the information and submit the button what is the process after that?

Could you please provide more information?

Thank you,


You can look at Authorize.NET's docs for a full list of what they can accept.  Others are similar.

The basics are: Name, Address + ZIP, Card number, Card code.  You need all of these for the Address Verification System (the gateway changes address number, zip, and card code).  You can also submit an order number with the authorization request, to tie the processor to your accounts easier.  It's very useful if you have to go look up a transaction on the processor's site.
The answer to your question about the form specifics depends on which payment gateway you use. The customer will put in their billing info and credit card info. Then there will be some hidden form fields that have the transaction amount, your merchant number, and anything else the payment gateway requires. For an example, just view the source of any checkout screen at any ecommerce website.

At the Verisign website, http://verisign.com/products-services/payment-processing/index.html , you can get a white paper called "Online Payment Processing - What You Need To Know" (look for a link on the right) that does a pretty good job of giving an overview of the whole process for any gateway. You'll have to give Verisign your email though (they've never abused mine).


I was away these days and I would like to leave it open as now I am doing the online payment and I might need some help.Could you please do that?I appreciate the help of all of the people who gave suggestions to me.

Thank you,

I suggest you post a new question in PHP area, with a link to this question. This has got old enough to be missed by many experts.
Read this as well: http://www.experts-exchange.com/help.jsp#hi5
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.