Jump to content

How to save the credit card_data and in whmcs database using stripe payment gateway.


Mohit Sharma

Recommended Posts

It probably depends on which payment gateway you are using, but this works for me for saving Stripe customer ids and payment ids I created outside of WHMCS so I can relate them to a customer in WHMCS.

set block_encryption_mode = 'aes-256-cbc';

update tblcreditcards set card_data = hex(aes_encrypt('{"remoteToken":"{\"customer\":\"' . $stripeCustomerId . '\",\"method\":\"' . $stripePaymentMethodId . '\"}"}', md5($creditCardHash . $clientId), unhex('00000000000000000000000000000000'))) where id= $rowId;

Requires MySQL (not Maria) 5.7 or greater.

In your case to get the format of the value that's encrypted in card_data, I'd save a credit card through WHMCS first and then read what's in the card_data value:

SELECT AES_DECRYPT(UNHEX(card_data),md5($creditCardHash . $clientId),unhex('00000000000000000000000000000000')) AS card_data FROM tblcreditcards where id = $rowId;

Bests,
Carl

Link to comment
Share on other sites

On 1/3/2020 at 12:04 PM, Mohit Sharma said:


I want to save the credit card last four digit and card_data in whmcs database in blob format manually so we can add the add payment method from other page.

Beware: to do this, your company and your system are required to be PCI compliant (over 300 different security checks, external auditing...).

It's a nightmare, and costs a lot of money early...

Link to comment
Share on other sites

  • 3 years later...
On 1/9/2020 at 7:26 PM, Carl H said:

It probably depends on which payment gateway you are using, but this works for me for saving Stripe customer ids and payment ids I created outside of WHMCS so I can relate them to a customer in WHMCS.

set block_encryption_mode = 'aes-256-cbc';

update tblcreditcards set card_data = hex(aes_encrypt('{"remoteToken":"{\"customer\":\"' . $stripeCustomerId . '\",\"method\":\"' . $stripePaymentMethodId . '\"}"}', md5($creditCardHash . $clientId), unhex('00000000000000000000000000000000'))) where id= $rowId;

Requires MySQL (not Maria) 5.7 or greater.

In your case to get the format of the value that's encrypted in card_data, I'd save a credit card through WHMCS first and then read what's in the card_data value:

SELECT AES_DECRYPT(UNHEX(card_data),md5($creditCardHash . $clientId),unhex('00000000000000000000000000000000')) AS card_data FROM tblcreditcards where id = $rowId;

Bests,
Carl

Hmm... how / where do I find that $creditCardHash variable to run something like this manually in phpMyAdmin?

I'm trying to update the card_data data to use the new JSON format that stores customer/method data like this for Stripe payments:
 

{"customer":"cus_XYZ","method":"pm_XYZ"}

instead of the old 3rd party Stripe plugin that just stored it like this

cus_XYZ,pm_XYZ

without having to force all hundred+ of my clients to log in manually, every single one of them, and to update the credit cards on record. 

Link to comment
Share on other sites

  • 2 months later...
On 10/7/2023 at 4:10 PM, CrazySerb said:

Hmm... how / where do I find that $creditCardHash variable to run something like this manually in phpMyAdmin?

I'm trying to update the card_data data to use the new JSON format that stores customer/method data like this for Stripe payments:
 

{"customer":"cus_XYZ","method":"pm_XYZ"}

instead of the old 3rd party Stripe plugin that just stored it like this

cus_XYZ,pm_XYZ

without having to force all hundred+ of my clients to log in manually, every single one of them, and to update the credit cards on record. 

A couple of things as I am going through this right now....  

 

$creditcardhash is stored in configuration.php.   I found a script on GitHub that provides a working example on how to decrypt.   Right here:  https://gist.github.com/harryspink/82c095a89e39d3a077cd2d7dc640fddb

I'm checking out on how to encrypt as Carl is doing via SQL, but using WHMCS phpseclib as shown in the decrypt example above.  

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated