Examples
HTML, PHP, and JavaScript code examples for the Payments API
Working example implementations of the WiPay Payments API using the minimum set of parameters. Use any modern, Web API-capable library of your choice.
Note: These examples are for reference only. Do not use them as-is in production environments.
For API-style integrations, send Accept: application/json so the endpoint returns a JSON bootstrap response containing the hosted checkout url and, when available, the transaction_id.
HTML Form
The simplest integration method. Upon clicking "Checkout", the customer is automatically redirected to the Hosted Payment Page (no JSON response).
<form action="https://ttsb.wipayfinancial.com/plugins/payments/request"
method="POST">
<input type="hidden" name="account_number" value="1234567890">
<input type="hidden" name="avs" value="0">
<input type="hidden" name="country_code" value="TT">
<input type="hidden" name="currency" value="USD">
<input type="hidden" name="data" value="{"a":"b"}">
<input type="hidden" name="environment" value="sandbox">
<input type="hidden" name="fee_structure" value="customer_pay">
<input type="hidden" name="method" value="credit_card">
<input type="hidden" name="order_id" value="oid_123-aBc">
<input type="hidden" name="origin" value="WiPay-example_app">
<input type="hidden" name="response_url"
value="https://example.com/response">
<input type="hidden" name="total" value="10.00">
<!-- Redirect occurs after clicking Checkout -->
<input type="submit" value="Checkout">
</form>PHP (cURL)
Server-side implementation using PHP's cURL library. The API returns JSON, and you redirect the customer to the hosted page URL.
$curl = curl_init('https://ttsb.wipayfinancial.com/plugins/payments/request');
curl_setopt_array($curl, [
CURLOPT_FOLLOWLOCATION => false,
CURLOPT_HEADER => false,
CURLOPT_HTTPHEADER => [
'Accept: application/json',
'Content-Type: application/x-www-form-urlencoded'
],
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => http_build_query([
'account_number' => '1234567890',
'avs' => '0',
'country_code' => 'TT',
'currency' => 'USD',
'data' => '{"a":"b"}',
'environment' => 'sandbox',
'fee_structure' => 'customer_pay',
'method' => 'credit_card',
'order_id' => 'oid_123-aBc',
'origin' => 'WiPay-example_app',
'response_url' => 'https://example.com/response',
'total' => '10.00'
]),
CURLOPT_RETURNTRANSFER => true
]);
$result = curl_exec($curl);
curl_close($curl);
// Parse JSON response
$result = json_decode($result);
// Redirect customer to the Hosted Payment Page
header("Location: {$result->url}");
die();JavaScript (Fetch API)
Client-side implementation using the Fetch API. After receiving the JSON response, redirect the customer to the hosted page URL.
const headers = new Headers();
headers.append('Accept', 'application/json');
const parameters = new URLSearchParams();
parameters.append('account_number', '1234567890');
parameters.append('avs', '0');
parameters.append('country_code', 'TT');
parameters.append('currency', 'USD');
parameters.append('data', '{"a":"b"}');
parameters.append('environment', 'sandbox');
parameters.append('fee_structure', 'customer_pay');
parameters.append('method', 'credit_card');
parameters.append('order_id', 'oid_123-aBc');
parameters.append('origin', 'WiPay-example_app');
parameters.append('response_url', 'https://example.com/response');
parameters.append('total', '10.00');
const options = {
method: 'POST',
headers: headers,
body: parameters,
redirect: 'follow'
};
fetch('https://ttsb.wipayfinancial.com/plugins/payments/request', options)
.then(response => response.json())
.then(result => {
if (!result.url) {
throw new Error(result.message || 'Missing hosted checkout URL');
}
// Redirect customer to the Hosted Payment Page
window.location.href = result.url;
})
.catch(error => console.log('error', error));Handling the Response
Regardless of which integration method you use, after the customer completes the payment on the Hosted Payment Page, they are redirected to your response_url with transaction response parameters appended as a query string.
PHP Response Handler Example
// minimal response_url endpoint handler
$status = $_GET['status'] ?? null;
$transaction_id = $_GET['transaction_id'] ?? null;
$hash = $_GET['hash'] ?? null;
if ($status === 'success') {
// Verify the hash using the original total from your order record,
// not the customer-facing total returned in the redirect parameters.
$api_key = 'your_api_key_here';
$original_total = '10.00';
$expected_hash = md5($transaction_id . $original_total . $api_key);
if ($hash === $expected_hash) {
// Transaction verified — update your order status
} else {
// Hash mismatch — possible tampering
}
} else {
// Transaction failed or error — handle accordingly
}The redirect total parameter is still useful for display and reconciliation, but hash verification must use the original total you submitted in the Payment Request.