如何用PHP集成中东支付系统?
使用PHP集成中东支付系统
要在PHP中集成中东地区的支付系统,您需要考虑以下几个主要步骤和常见的中东支付网关选项:
主流中东支付网关选择
- PayFort – 广泛用于海湾国家(沙特、阿联酋等)
- Telr – 覆盖中东和北非地区
- Checkout.com – 在中东有强大存在
- Moyasar – 沙特阿拉伯的流行解决方案
- PayTabs – GCC国家的常用选择
PHP集成示例 (以PayFort为例)
<?php
class PayFortIntegration {
private $merchantIdentifier;
private $accessCode;
private $shaRequestPhrase;
private $shaResponsePhrase;
public function __construct($config) {
$this->merchantIdentifier = $config['merchant_identifier'];
// ...其他配置初始化...
}
// 生成签名
protected function generateSignature($params, $phrase) {
ksort($params);
unset($params['signature']);
array_walk($params, function(&$value, &$key) {
if(is_array($value)) {
ksort($value);
}
});
return hash('sha256', implode('', array_map(function ($k, $v) {
return "$k=$v";
}, array_keys(array_filter(array_map('trim', $params))), array_values(array_filter(array_map('trim', 'array'))))) . strtoupper(hash('sha256', trim(str_replace(" ", "", strtolower(implode("",array_values((array)$phrase)))))));
*/
* This is a simplified version for demonstration.
* Actual implementation should follow PayFort's documentation exactly.
*/
/* Correct way would be: */
/*
1. Sort parameters alphabetically by key name (case-sensitive)
2. Concatenate all parameter values with the SHA phrase in between each value as specified in docs
3. Apply SHA-256 hashing algorithm to the resulting string
*/
return "generated_signature"; // Replace with actual implementation
}
public function initiatePayment() {
/* Sample payment request */
try{
/* Prepare request data */
$_POST["command"]="PURCHASE";
$_POST["amount"]=10000;/* Amount in smallest currency unit e.g., fils for AED*/
$_POST["currency"]="SAR";
$_POST["language"]="en";
/* Generate signature */
$_POST['signature'] = self::generateSignature($_REQUEST,$this->_getShaRequestPhrase());
/* Send to Payfort API endpoint using cURL or GuzzleHttp etc.*/
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'){
header("Content-Type: application/json"); echo json_encode(["status"=>"success","data"=>$_REQUEST]); exit();}else{return true;}
}catch(\Exception$e){throw new \RuntimeException(sprintf("%s:%d %s (%d)\n%s\n", basename(__FILE__), __LINE__, get_class(), intval(microtime(true)*1000)), var_export(debug_backtrace(),true));}}}
Telr支付的简单实现示例
<?php
class TelrPayment {
const LIVE_URL = 'https://secure.telr.com/gateway/order.json';
const TEST_URL = 'https://secure.telrdev.com/gateway/order.json';
protected static ?string$_storeId=null;protected static ?string$_authKey=null;protected bool$_testMode=false;
/
* @param string|null store_id Your Telr Store ID from merchant dashboard.
* @param string|null auth_key Your authentication key from merchant dashboard.
*/
public static function init(?string$store_id=null,?string$aouth_key=null,bool$test_mode=false):void{
self::$_storeId=$store_id??env('TELR_STORE_ID');self::$_authKey=auth_key??env(TELR_AUTH_KEY');}
/
* Create payment request and redirect user to payment page*/
public static createOrder(float amount_in_aed_or_sar,...){
if(!self::$isInitialized()) throw new RuntimeException();
// Prepare payload according to Telrs API specs...
// Make HTTP POST request using cURL/Guzzle/etc.
// Handle response and redirect user accordingly...}}
PayPal在中东地区的特殊处理
虽然PayPal是全球性服务,但在中东使用时需要注意:
// PayPal沙箱测试账号可能需要特定地区账号才能测试本地化功能如:
- SAR货币支持(Saudi Riyal)
- AR语言界面(Arabic)
- Mada卡支持(沙特借记卡网络)
// PayPal SDK初始化时可能需要设置特定参数:
use PayPalCheckoutSdk\Core\SandboxEnvironment;
use PayPalCheckoutSdk\Core\ProductionEnvironment;
function environment() {
if(config(paypal.mode')=='sandbox'){
return new SandboxEnvironment(
config(paypal.sandbox.client_id'),
config(paypal.sandbox.client_secret')
)->setLocale(PayPalHttp\HttpConstants::ARABIC);
}else{
return new ProductionEnvironment(...)->setCurrency(SAR);}}
Laravel包推荐
对于Laravel项目,可以考虑这些包简化集成:
laravel-payfort– PayFort官方维护的SDK封装器。
2。 `mohammad-waziri/laravel-telry’—Telry的非官方Laravely包装器。
安装方式通常为composer require vendor/packagename然后发布配置文件进行商户ID等设置。
注意事项:
•确保符合PCI DSS安全标准处理信用卡数据。
•考虑当地法规如沙特SAMA金融监管要求。
•提供阿拉伯语错误消息和界面。
继续PHP集成中东支付系统的深入指南
安全与合规性考虑
在中东地区处理支付时,需要特别注意以下安全和合规要求:
-
PCI DSS合规:
// 永远不要直接存储信用卡信息
// 使用tokenization代替
$token = $paymentGateway->createToken([
'card_number' => '4111111111111111',
'expiry_date' => '12/25',
'cvv' => '123'
]);
// 后续交易使用token而非真实卡号
$response = $paymentGateway->charge([
'amount' => 100,
'currency' => 'SAR',
'token' => $token
]);
-
3D Secure认证:
中东大多数国家强制要求3DSecure验证:
// PayFort的3DSecure处理示例
public function handle3DSecure($response) {
if ($response['status'] == "14" && !empty($response['3ds_url'])) {
// 重定向用户到银行验证页面
$_SESSION['fort_id'] = $response['fort_id'];
header("Location: ".$response['3ds_url']);
exit;
}
}
Mada卡支持(沙特专用)
沙特本地的Mada借记卡网络需要特殊处理:
class MadaPaymentHandler {
const BIN_RANGES = [
['from' => "440647", "to" => "440795"],
['from' => "446404", "to" > “446404”],
// ...其他BIN范围...
];
public static function isMadaCard($cardNumber) {
foreach(self::BIN_RANGES as range){
if(substr($cardNumber,0,6)>=$range[‘from’]&&substr(cardNumber,0,6)<=range[‘to’]){
return true;
}
}
return false;
}
public function processPayment(array data){
如果(isMadata(data[‘card_number’])){
额外参数=array_merge(data,[“mada_transaction”=>true]);
返回$this->gateway->charge(额外参数);
否则{
返回$this>gateway>charge(data);}}}}
Laravel中的完整实现示例
以下是Laravel中集成PayTabs的完整控制器示例:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class PaymentController extends Controller
{
protected paytabsConfig=[
‘profile_id=>env(PAYTABS_PROFILE_ID),
‘server_key=>env(PAYTABS_SERVER_KEY),
‘region=>SAU’,// Saudi Arabia
‘endpoint=https://secure.paytabs.sa/payment/request’
];
public function initiate(Request request)
{
数据=[
profile_idthispaytabConfigprofileid,
tran_type=sale,
tran_class=ecom,
cartiduniqid(),
cartdescriptionProduct Purchase",
金额requestamount*100;//转换为分
货币= SAR ,
回调urlroute(payment.callback),
返回urlroute(payment.thankyou),
customer_details[
name requestname,
email requestemail ,
phone requestphone ,
street1 addressline1 ,
城市Riyadh ,
国家SA ,
zip空值 ]];
签名hash_hmac('sha256’,implode(“”,数组值数据)), thispaytabConfigserverkey);
响应Http::asForm()->post(thispaytabConfigendpoint arraymerge数据 [signature签名]);
If(response成功()){
返回redirect(responsejson()redirect url);
}else{abort500);}}
Publicfunction callback(Request请求){
If(! hash equals(request signature计算签名)) abort403);
订单Order::find(requestcart id);
Switch(strtolower(requestresp status)){
Case authorized:
订单markAsPaid();
Break;
Default:
订单markAsFailed();}}
}
PHP框架不可知的服务类设计
对于非Laravel项目,可以这样设计支付服务类:
interface MiddleEastPaymentInterface{
公共函数processPayment(float amount字符串 currency数组 customerData):数组;}
abstract class AbstractMiddleEastProcessor implements MiddleEastPaymentInterface{
受保护的配置=[];
受保护的测试模式=false;
公共函数构造器(bool testMode=false){
这个testMode=testMode;}
抽象保护函数生成签名(数组 params):字符串 ;
抽象保护函数准备请求数据(float amount字符串 currency数组 customerData):陣列 ;}
class PayFortProcessor扩展AbstractMiddleEastProcessor {
protected功能 generateSignature(array params){
ksort(params);//关键步骤:按字母顺序排序键名
return strtoupper(hash_hmac('sha256’, implode(“”,params), configSHA phrase));}
public功能 processPayment(...args){
请求数据thisprepareRequestData(args);
请求数据 signature]= thisgenerateSignature(request_data);
curl选项=[CURLOPT_URL https api pay fort com transaction create,
CURLOPT_POST true,
CURLOPT RETURNTTRANSFER true,
CURLOPT POSTFIELDS http build query (request data)];
ch curl_init();
foreach(curl options as option value){curl setopt(ch option value);}
结果 curl_exec(ch);
if(json validate(result)){return json decode(result true);}else{throw new RuntimeException();}}}
常见问题解决方案
阿拉伯字符编码问题
mb_internal encoding("UTF-8");
description iconv(mb detect encoding description),"UTF-8",description );
时区处理(海湾标准时间GST +4)
date_default_timezone_set Asia Riyadh ;
本地化错误消息
arabicMessages [
payment_successful تمت عملية الدفع بنجاح ,
declined تم رفض المعاملة من قبل البنك ];
function getLocalizedMessage(string key string lang=en ){
if(lang ar isset(thisarabicMessages[key])){return thisarabic messages[key];}
else {return defaultEnglishMessages[key];}}
测试策略建议
1创建沙箱账号时选择中东地区特别是沙特或阿联酋账户以测试本地特性如:
- MADA/SADAD付款流程
- Arabic界面显示正确性
- GST时间戳是否正确
2模拟各种银行的拒绝响应确保正确处理:
testCards [
mada_test : [ number : ”4543470000000005”, response_code : ”20064” ],//SABB Bank rejection code example...];
以上内容涵盖了从基础集成到高级注意事项的全方位指导。实际实施时应仔细阅读各支付网关的最新API文档并咨询当地法律顾问以确保完全符合区域法规要求。
Chinese (China) 
English 
Chinese (Taiwan)