I have a pricing table that includes 3 plans with different prices.
I'm trying to charge the user the amount related to the plan they select. Is there a way to dynamically fetch the amount on the server side using PHP when the user selects a plan and the form is submitted? I'm not sure how to pass the dollar amount safely and charge them.
Edit: added PHP code
Here is the PHP i'm working with which pulls the dollar amount from the form which is inside a value. eg. "value='20'. My problem with the current setup is anyone can change that value.
<?php
require 'lib/Stripe.php';
if ($_POST) {
Stripe::setApiKey("insert_key_here");
try {
if (empty($_POST['email']))
throw new Exception("Fill out all required fields.");
if (!isset($_POST['stripeToken']))
throw new Exception("The Stripe Token was not generated correctly");
Stripe_Charge::create(array("amount" => $_POST['posted'] * 100,
"currency" => "usd",
"card" => $_POST['stripeToken'],
"description" => $_POST['email']));
$success = '<div class="alert alert-success">
<strong>Success!</strong> Your payment was successful.
</div>';
}
}
?>
I would recommend passing a an additional <input type="hidden">-field or a drop-down along with your form that contains the tier name. This can map to an enumeration (or map) on your backend that has the actual amounts associated with each tier. Then you don't run the risk of someone screwing with your Javascript and changing what they have to pay.