Integrate With Payment Gateway
Integrate your PHP-based website with our SDK to start accepting payments using the Curlec Payment Gateway.
Start accepting domestic payments from customers on your website using the Curlec Payment Gateway.
Curlec has developed the Standard Checkout method and manages it. You can configure payment methods, orders, company logo and also select custom colour based on your convenience.
- Create a .
- Log in to the Curlec Dashboard and in test mode. To go live with the integration and start accepting real payments, generate Live Mode API Keys and replace them in the integration.
You can either download or run a composer command to install Razorpay PHP SDK.
Download the latest
from GitHub. Therazorpay-php.zip is pre-compiled to include all dependencies.Watch Out!
Ensure you are using 5.6 or a higher version of the
.Before you begin, we recommend you check the
, and verify that your project contains the following files:Handy Tips
You can also download the
directly from github.Follow these steps to integrate:
- : Use the sample codes to integrate the Curlec Razorpay PHP SDK with your PHP-based website.
- : Make a test payment using the payment methods configured at checkout to ensure the integration is working as expected.
- : Check the go-live checklist before taking the integration live.
Order is an important step in the payment process.
- An order should be created for every payment.
- You can create an order using the . It is a server-side API call. Know how to Orders API.
- The
order_idreceived in the response should be passed to the checkout. This ties the Order with the payment and secures the request from being tampered.
In the sample app, the index.php file contains the code for order creation using Orders API.
$api->order->create(array('receipt' => '123', 'amount' => 5000, 'currency' => 'MYR', 'notes'=> array('key1'=> 'value3','key2'=> 'value2')));
Here is the list of parameters for creating an order:
amount
mandatory
integer The amount to be paid by the customer in sen. For example, if the amount is MYR 500.00, enter 50000.
currency
mandatory
string The currency in which the payment should be made by the customer. Length must be of 3 characters.
receipt
optional
string Your receipt id for this order should be passed here. Maximum length is 40 characters.
notes
optional
json object Key-value pair that can be used to store additional information about the entity. Maximum 15 key-value pairs, 256 characters (maximum) each. For example, "note_key": "Beam me up Scotty”.
partial_payment
optional
boolean Indicates whether the customer can make a partial payment. Possible values:
true: The customer can make partial payments.false(default): The customer cannot make partial payments.
first_payment_min_amount
optional
integer Minimum amount that must be paid by the customer as the first partial payment. For example, if an amount of MYR 7,000.00 is to be received from the customer in two installments of #1 - MYR 5,000.00, #2 - MYR 2,000.00 then you can set this value as 500000. This parameter should be passed only if partial_payment is true.
Know more about
.Descriptions for the response parameters are present in the
table.The error response parameters are available in the
.Add the Curlec Checkout options to your project. For example, if you are using HTML for your front-end, create a page called pay.html and add the Pay button on your web page using the checkout code and either the callback URL or handler function.
Handy Tips
For FPX payments, you must use the Callback URL sample code for checkout. You should send the following parameters along with the other checkout parameters:
callback_urlwith the URL to which customers should be redirected after payment completion.redirectwith the value astrue.
Copy-paste the parameters as options in your code:
$data = ["key" => $YOUR_KEY_ID, // Enter the Key ID generated from the Dashboard"amount" => $5000, // Amount is in sen. Default currency is MYR. Hence, 50000 refers to 50000 sen"currency" => $MYR,"name" => "Acme Corp","description" => "Test transaction","image" => "https://cdn.razorpay.com/logos/GhRQcyean79PqE_medium.png","prefill" => ["name" => "Siti Aisyah","email" => "siti.aisyah@example.com","contact" => "+601113455567",],"notes" => ["address" => "Curlec Corporate Office","merchant_order_id" => "12312321",],"theme" => ["color" => "#3399cc"],"order_id" => $order_IluGWxBm9U8zJ8, // This is a sample Order ID. Pass the `id` obtained in the response of Step 1];$json = json_encode($data);require("checkout/{$checkout}.php");
Handy Tips
If you want to use this as your final code, follow the steps given below:
- Edit the
[KEY_ID]inside the html file. Use the test keys while testing your application.
Know how to . - Edit the
[KEY_ID]and[KEY_SECRET]in config.php.
key
mandatory
string API Key ID generated from the Curlec Dashboard.
amount
mandatory
integer The amount to be paid by the customer in sen. For example, if the amount is MYR 500.00, enter 50000.
currency
mandatory
string The currency in which the payment should be made by the customer. Length must be of 3 characters.
name
mandatory
string Your Business/Enterprise name shown on the Checkout form. For example, Acme Corp.
description
optional
string Description of the purchase item shown on the Checkout form. It should start with an alphanumeric character.
image
optional
string Link to an image (usually your business logo) shown on the Checkout form. Can also be a base64 string if you are not loading the image from a network.
order_id
mandatory
string Order ID generated via
prefill
object You can prefill the following details at Checkout.
Boost Conversions and Minimise Drop-offs
- Autofill customer contact details, especially phone number to ease form completion. Include customer’s phone number in the
contactparameter of the JSON request'sprefillobject. Format: +(country code)(phone number). Example: “contact": "+601113455567"). - This is not applicable if you do not collect customer contact details on your website before checkout, have Shopify stores or use any of the no-code apps.
name
optional
string Cardholder's name to be pre-filled if customer is to make card payments on Checkout. For example, Siti Aisyah.
optional
string Email address of the customer.
contact
optional
string Phone number of the customer. The expected format of the phone number is + {country code}{phone number}. If the country code is not specified, 60 will be used as the default value. This is particularly important while prefilling contact of customers with phone numbers issued outside Malaysia. Examples:
- +14155552671 (a valid non-Malaysian number)
- +601113455567 (a valid Malaysian number).
If 1113455567 is entered without the country code,+60is added to it as +601113455567.
method
optional
string Pre-selection of the payment method for the customer. Will only work if contact and email are also pre-filled.
Possible value is card.
notes
optional
object Set of key-value pairs that can be used to store additional information about the payment. It can hold a maximum of 15 key-value pairs, each 256 characters long (maximum).
theme
object Thematic options to modify the appearance of Checkout.
hide_topbar
optional
boolean Used to display or hide the top bar on the Checkout form. This bar shows the selected payment method, phone number and gives the customer the option to navigate back to the start of the Checkout form. Possible values:
true: Hides the top barfalse(default): Displays the top bar.
color
optional
string Enter your brand colour's HEX code to alter the text, payment method icons and CTA (call-to-action) button colour of the Checkout form.
backdrop_color
optional
string Enter a HEX code to change the Checkout's backdrop colour.
modal
object Options to handle the Checkout modal.
backdropclose
optional
boolean Indicates whether clicking the translucent blank space outside the Checkout form should close the form. Possible values:
true: Closes the form when your customer clicks outside the checkout form.false(default): Does not close the form when customer clicks outside the checkout form.
escape
optional
boolean Indicates whether pressing the escape key should close the Checkout form. Possible values:
true(default): Closes the form when the customer presses the escape key.false: Does not close the form when the customer presses the escape key.
handleback
optional
boolean Determines whether Checkout must behave similar to the browser when back button is pressed. Possible values:
true(default): Checkout behaves similarly to the browser. That is, when the browser's back button is pressed, the Checkout also simulates a back press. This happens as long as the Checkout modal is open.false: Checkout does not simulate a back press when browser's back button is pressed.
confirm_close
optional
boolean Determines whether a confirmation dialog box should be shown if customers attempts to close Checkout. Possible values:
true: Confirmation dialog box is shown.false(default): Confirmation dialog box is not shown.
ondismiss
optional
function Used to track the status of Checkout. You can pass a modal object with ondismiss: function()\{\} as options. This function is called when the modal is closed by the user.
animation
optional
boolean Shows an animation before loading of Checkout. Possible values:
true(default): Animation appears.false: Animation does not appear.
subscription_id
optional
string If you are accepting recurring payments using Curlec Checkout, you should pass the relevant subscription_id to the Checkout. Know more about
subscription_card_change
optional
boolean Permit or restrict customer from changing the card linked to the subscription. You can also do this from the
true: Allow the customer to change the card from Checkout.false(default): Do not allow the customer to change the card from Checkout.
callback_url
optional
string Customers will be redirected to this URL on successful payment. Ensure that the domain of the Callback URL is allowlisted. This parameter is mandatory for FPX payments.
redirect
optional
boolean Determines whether to post a response to the event handler post payment completion or redirect to Callback URL. callback_url and redirect parameters are mandatory for FPX payments. Possible values:
true: Customer is redirected to the specified callback URL in case of payment failure. For FPX payments, theredirectparameter should always be sent astrue.false(default): Customer is shown the Checkout popup to retry the payment.
customer_id
optional
string Unique identifier of customer.
remember_customer
optional
boolean Determines whether to allow saving of cards. Can also be configured via the
true: Enables card saving feature.false(default): Disables card saving feature.
timeout
optional
integer Sets a timeout on Checkout, in seconds. After the specified time limit, the customer will not be able to use Checkout.
readonly
object Marks fields as read-only.
contact
optional
boolean Used to set the contact field as readonly. Possible values:
true: Customer will not be able to edit this field.false(default): Customer will be able to edit this field.
optional
boolean Used to set the email field as readonly. Possible values:
true: Customer will not be able to edit this field.false(default): Customer will be able to edit this field.
name
optional
boolean Used to set the name field as readonly. Possible values:
true: Customer will not be able to edit this field.false(default): Customer will be able to edit this field.
hidden
object Hides the contact details.
contact
optional
boolean Used to set the contact field as optional. Possible values:
true: Customer will not be able to view this field.false(default): Customer will be able to view this field.
optional
boolean Used to set the email field as optional. Possible values:
true: Customer will not be able to view this field.false(default): Customer will be able to view this field.
allow_rotation
optional
boolean Used to rotate payment page as per screen orientation. Applicable from Android SDK version 1.6.4 and above. Possible values:
true: Payment page can be rotated.false(default): Payment page cannot be rotated.
config
optional
object Parameters that enable configuration of checkout display language.
display
object Child parameter that enables configuration of checkout display language.
language
string The language in which checkout should be displayed. Possible value is en: English.
Handy Tips
The open method of Razorpay object (rzp1.open()) must be invoked by your site's JavaScript, which may or may not be a user-driven action such as a click.
The way the Payment Success and Failure scenarios are handled depends on the
you used in the last step.If you used the sample code with the callback URL:
Razorpay makes a POST call to the callback URL with the razorpay_payment_id, razorpay_order_id and razorpay_signature in the response object of the successful payment. Only successful authorisations are auto-submitted.
If you used the sample code with the handler function:
The customer sees your website page. The checkout returns the response object of the successful payment (razorpay_payment_id, razorpay_order_id and razorpay_signature). Collect these and send them to your server.
Use the Success/Failure Handling code given below:
"handler": function (response){alert(response.razorpay_payment_id);alert(response.razorpay_order_id);alert(response.razorpay_signature)}
Multiple payment methods are available on Curlec Standard Checkout.
- The payment methods are fixed and cannot be changed.
- You can configure the order or make certain payment methods prominent. Know more about configuring payment methods. Know more about .
A successful payment returns the following fields to the Checkout form.
- You need to store these fields in your server.
- You can confirm the authenticity of these details by verifying the signature in the next step.
razorpay_payment_id
string Unique identifier for the payment returned by Checkout only for successful payments.
razorpay_order_id
string Unique identifier for the order returned by Checkout.
razorpay_signature
string Signature returned by the Checkout. This is used to verify the payment.
This is a mandatory step that allows you to confirm the authenticity of the details returned to the checkout for successful payments.
To verify the razorpay_signature returned to you by the checkout:
-
Create a signature in your server using the following attributes:
-
Use the SHA256 algorithm, the
razorpay_payment_idand theorder_idto construct an HMAC hex digest as shown below:generated_signature = hmac_sha256(order_id + "|" + razorpay_payment_id, secret);if (generated_signature == razorpay_signature) {payment is successful} -
If the signature you generate on your server matches the
razorpay_signaturereturned to you by the checkout, the payment received is from an authentic source.Use the code given below to generate signature on your server:
$api = new Api($key_id, $secret);$api->utility->verifyPaymentSignature(array('razorpay_order_id' => $razorpayOrderId, 'razorpay_payment_id' => $razorpayPaymentId, 'razorpay_signature' => $razorpaySignature));
Handy Tips
On the Dashboard, ensure that the payment status is captured. Refer to the payment capture settings page to know how to
You can track the payment status in three ways:
To verify the payment status from the Dashboard:
- Log in to the and navigate to Transactions → Payments.
- Check if a Payment Id has been generated and note the status. In case of a successful payment, the status is marked as Captured.
After the integration is complete, a Pay button appears on your webpage/app.
Click the button and make a test transaction to ensure the integration is working as expected. You can start accepting actual payments from your customers once the test transaction is successful.
You can make test payments using one of the payment methods configured at the Checkout.
Watch Out!
This is a mock payment page that uses your test API keys, test card and payment details.
- Ensure you have entered only your in the Checkout code.
- No real money is deducted due to the usage of test API keys. This is a simulated transaction.
Following are all the payment modes that the customer can use to complete the payment on the Checkout.
Following are the payment methods supported as configured at Curlec Checkout.
You can select any of the listed banks. After choosing a bank, Curlec will redirect to a mock page where you can make the payment a success or a failure. Since this is Test Mode, we will not redirect you to the bank login portals.
You can select any of the listed wallets. After choosing a wallet, you will be redirected to a mock page where you can make the payment success or a failure. Since this is Test Mode, we will not redirect you to the wallet login portals.
We support
wallet.Watch Out!
iOS integration for Touch'n Go wallet is currently unavailable. We will be adding support for it soon.
You can use one of the following test cards to test transactions for your integration in Test Mode.
- Use any valid expiration date in the future in the MM/YY format.
- Use any random CVV to create a successful payment.
Check the list of
.Check the go-live checklist for Curlec Web Standard Checkout integration. Consider these steps before taking the integration live.
You can perform an end-to-end simulation of funds flow in the Test Mode. Once confident that the integration is working as expected, switch to the Live Mode and start accepting payments from customers.
Watch Out!
Ensure you are switching your test API keys with API keys generated in Live Mode.
To generate API Keys in Live Mode on your Curlec Dashboard:
- Log in to the and switch to Live Mode on the menu.
- Navigate to Account & Settings → API Keys → Generate Key to generate the API Key for Live Mode.
- Download the keys and save them securely.
- Replace the Test API Key with the Live Key in the Checkout code and start accepting actual payments.
After payment is authorized, you need to capture it to settle the amount to your bank account as per the settlement schedule. Payments that are not captured are auto-refunded after a fixed time.
Watch Out
- You should deliver the products or services to your customers only after the payment is captured. Curlec automatically refunds all the uncaptured payments.
- You can track the payment status using our or webhooks.
- Auto-capture payments (recommended)
Authorized payments can be automatically captured. You can auto-capture all payments on the Curlec Dashboard.
Watch Out!
Payment capture settings work only if you have integrated with Orders API on your server side. Know more about the
.- Manually capture payments
Each authorized payment can also be captured individually. You can manually capture payments using:
Know more about
.Ensure you have
in the live mode and configured the events for which you want to receive notifications.Is this integration guide useful?