Search code examples
phppostbraintree

Braintree Payment Gateway - processing orders

I am trying to create an ecommerce site using braintree payment gateway.

I have created the form with the dropin container as shown here https://www.youtube.com/watch?v=dUAk5kwKfjs

I am then trying to add process this data and send it to braintree as well as store everything in my DB. This is my PHP for processing:

<?php include_once("connection.php"); ?>

<?php
var_dump($_POST);
session_start();
require "boot.php";

$active_country_code = $_SESSION["active_country_code"];
$active_country_braintree = $_SESSION["active_country_braintree"];

$subtotal = $_POST['subtotal'];
$vat = $_POST['vat'];
$vat_percent = $_POST['vat_percent'];
$total = $_POST['total'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = $_POST['email'];
$nonce = $_POST['payment_method_nonce'];
$serialized_cart_array = $_POST['cart_array'];
$cart_array = unserialize($serialized_cart_array);
$currency = $active_country_currency;
$customer_id = $_POST['customer_id'];
$address = $_POST['address'];

$params = [$customer_id,$address,$active_country_braintree,$serialized_cart_array,$subtotal,$vat,$vat_percent,$total,$currency,$active_country_code];
$sql = "INSERT INTO orders (customer_id,address_id,braintree_account,cart_array,subtotal,vat,vat_percent,total,currency,country_id,date_created,status,date_last_status_change) VALUES (?,?,?,?,?,?,?,?,?,?,now(),'created',now())";
$stmt = DB::run($sql,$params);
$order_id = DB::lastInsertId();

if (!isset($_POST['payment_method_nonce']) || $_POST['payment_method_nonce']!="") {
    echo 'fail';
}

$result = Braintree_Transaction::sale([
    'amount' => $total,
    'orderId' => $order_id,
    'merchantAccountId' => $active_country_braintree,
    'paymentMethodNonce' => $nonce,
    'customer' => [
        'firstName' => $first_name,
        'lastName' => $last_name,
        'email' => $email
    ], 
    'options' => [
        'submitForSettlement' => true
    ]
]);

if ($result->success === true) {
    $transaction_id = $result->transaction->id;
    $params = [$transaction_id,$order_id];
    $sql = "UPDATE orders SET transaction_id=?, status='processing payment', date_last_status_change=now() WHERE id=?";
    $stmt = DB::run($sql,$params);
}else{
    $error = serialize($result->errors);
    $params = [$error,$order_id];
    $sql = "UPDATE orders SET errors=? WHERE id=?";
    $stmt = DB::run($sql,$params);
}
?>

This results in the following output:

array (size=12)
  'first_name' => string 'Paddy' (length=5)
  'last_name' => string 'Hallihan' (length=8)
  'email' => string 'it@sublift.ie' (length=13)
  'address' => string '2' (length=1)
  'customer_id' => string '2' (length=1)
  'subtotal' => string '196' (length=3)
  'vat' => string '45.08' (length=5)
  'vat_percent' => string '23' (length=2)
  'total' => string '241.08' (length=6)
  'guest_checkout' => string 'true' (length=4)
  'cart_array' => string 'a:1:{i:0;a:4:{s:7:"item_id";s:1:"1";s:8:"quantity";d:1;s:9:"attribute";s:10:"attribute1";s:15:"attribute_price";s:3:"196";}}' (length=124)
  'payment_method_nonce' => string '59698de8-8d4e-0a05-5d02-e8d512057712' (length=36)

fail

As you can see it is echoing 'fail' because $_POST['payment_method_nonce'] does not exist but I can also see that it is there though var_dump($_POST); which is really strange.

As it is, it is adding 2 orders to my table. The first one gets an error from braintree stating 'Cannot determine payment method', the second one gets processed correctly and gets the transaction ID back from Braintree.

It is like the page is not getting the nonce running without it and then refreshing and reading the posted variable correctly.

Commenting everything out except for the var_dump($_POST); results in :

array (size=12)
  'first_name' => string 'Paddy' (length=5)
  'last_name' => string 'Hallihan' (length=8)
  'email' => string 'it@sublift.ie' (length=13)
  'address' => string '5' (length=1)
  'customer_id' => string '5' (length=1)
  'subtotal' => string '196' (length=3)
  'vat' => string '45.08' (length=5)
  'vat_percent' => string '23' (length=2)
  'total' => string '241.08' (length=6)
  'guest_checkout' => string 'true' (length=4)
  'cart_array' => string 'a:1:{i:0;a:4:{s:7:"item_id";s:1:"1";s:8:"quantity";d:1;s:9:"attribute";s:10:"attribute1";s:15:"attribute_price";s:3:"196";}}' (length=124)
  'payment_method_nonce' => string '' (length=0)

Any help with this would be greatly appreciated.

Solution

  • The issue was how I was submitting to this page

    I was using:

    <button onclick=this.form.submit();>Pay Now</button>

    I'm now using:

    <input type="submit" value="Pay Now">

    However, I am not sure why this caused the issue in the first place. I thought these should both act the same.