Level 27
Session::get(...) is just one of the way to save the $charge_id
- Is it a temporary token or transaction ID?
- If it is a transaction ID, yes you should save it for future refunds.
Oct 10, 2020
6
Level 2
stripe fund
hello guys , i integrate stripe successfully ,one question , when i create payment it generate token, which is $charge_id.
my question is should i save $charge_id in my database ?
b/c when i request refund it askes $charge_id, where can i get it ? the documentation $charge_id = Session::get('charge_id');
session part is not clear for me
any help, thanks
Level 2
@laracoft it is transaction id
$token = $stripe->tokens()->create([
'card' => [
'number' => $strip['card_no'],
'exp_month' => $strip['exp_month'],
'exp_year' => $strip['exp_year'],
'cvc' => $strip['cvv'],
],
]);
my issue is what about security ?? and did you use Cartalyst\Stripe before ??
Level 27
- As long as you don't save the credit card #, it is ok.
- A transaction ID is just a reference number.
- No, I have not used Cartalyst\Stripe
Level 2
@laracoft which means i dont need to fill a form(number,exp_month...) for refund ?
call saved token and run ??
Level 27
@aronaman Use your transaction ID to issue a refund
Level 80
@aronaman You should not be creating a token using input data like that. If you’re using a customer’s card number, expiry data and CVV in a PHP file, then that data is touching your server, and you then need to worry about PCI compliance—which defeats the point of using a payment processor like Stripe.
Instead, follow Stripe’s documentation and example and instead use their JavaScript SDK to capture card details. The card details will only ever touch Stripe’s servers then (meaning you no longer need to worry about PCI compliance) and Stripe will issue you a token which you can then use to create charges. After creating a charge, if you need to save the charge ID to perform refunds in the future, then do so.
Please or to participate in this conversation.