Jump to content

Store CC Details / Token with Third Party Gateway


Recommended Posts

We are making a module for a payment gateway that is a third party gateway, CC information is entered on the gateways site not WHMCS.


The gateway however allows us to store CC information in a form of subscription type for future payments. Then returns to us a Token and the last 4 digits of the CC that we must use for future requests. It returns this info to the callback file.


According to WHMCS documentation though Token storage only works with Capture/Merchant solutions.



Is there any way to make token storage work with Third Party gateways that anyone knows of? Short of manually entering the Token into the 'tblclients' table manually, which it seems the information is encrypted. Not sure in what form they encrypt or we could do it manually.


But then manually I think we would have the problem of _capture vs. _link which we use now.


Any thoughts?

Link to comment
Share on other sites

Figured out how to do this myself using the guide here:



Basically I have to do two things.


One, manually save the CC details to the Database myself when I get them back from the processor, making sure to encrypt them using the salt, and AES_ENCRYPT from MySQL.


Once that's done, then secondly I have to create a _capture function "AS WELL" as the _link function from before. WHMCS allows both _capture and _link to exist in one Module.


Problem is when you activate a payment module WHMCS checks your code to see if you have a _capture or _link command in it, then it sets the DB to either CC or Invoices, Invoices being for third party gateways. The trick was to de-activate my payment module, add the _capture function before the _link function in my code, then re-activate the payment module. (Or just manually change Invoices to CC in the tblpaymentgateways table in the DB)


This then set the DB to CC instead of Invoices.


The _link function still works alongside the _capture function as long as the _capture function comes before the _link. So in this way when someone goes to the Invoice in the client view it shows them what is under the _link function. But the cron and from the backend view invoice the "Attempt Capture" now works if the CC information is saved.


The final code I used to the save the CC information in my callback file was:


$hashed = md5($cc_encryption_hash.$cusid);
mysql_query("UPDATE tblclients SET 
cardnum = '',
startdate = '',
expdate = AES_ENCRYPT('{$response[sAVED_PMT_EXPDATE]}', '$hashed'),
issuenumber = '',
gatewayid = '{$response[sAVED_PMT_REF]}',
cardtype = '".ucfirst(strtolower($response['SAVED_PMT_TYPE']))."',
cardlastfour = '{$four}'
WHERE id = {$cusid}
LIMIT 1");


This correctly encrypts and then saves to the DB the correct CC information for later Capturing. Effectively allowing me to use both _capture and _link in the same payment module. So a third party gateway with CC capture functionality.


- - - Updated - - -


It would really be nice if WHMCS would tell people in their documentation that they can do this and use both _capture and _link in the same module file. It would of saved me hours of work.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated