Symphony.

I think I understand it now: the fingerprint is calculated before the form is sent to the user, right?

Yes, that could work.

The only problem with sending the fingerprint back to the user is that everybody can manipulate both the fingerprint and the price once they know your secret. So having a secure (read:long and random) secret is very important for this to work.

However (I know, I keep getting back at this), why not store the information in a session? That's what they are for. The flow would be something like this: scrape form looking for hidden inputs, store fingerprint in session, compare submitted with fingerprint, done.

Now, because you are not sharing the fingerprint with the user, he has no way of manipulating it, and you still have the flexibility to use whatever you want to calculate the prices.

I think this would be quite good as a separate extension (or event), as I'd find it useful in some cases:)

However (I know, I keep getting back at this), why not store the information in a session? That's what they are for. The flow would be something like this: scrape form looking for hidden inputs, store fingerprint in session, compare submitted with fingerprint, done.

I like your thinking. That is exactly what I've done along with a secret. Let me know what you think!

Thanks for your feedback!

@Lewis, how is this coming along?

Still testing. I need to push a couple bugs fixes to Github.

Realistically, another two weeks until I'm done with the current project that I built it for and I suspect there are still a few bugs to be squashed.

Going to check this out over the weekend. I have an unpaid (ie family) project which will be requiring integration with http://paymate.com (basically an Australian version of Stripe, but not quite as cool), so this sounds like it could be a good starting point.

It looks like I finally have a chance to use Stripe in a project so I'm looking forward to giving this extension a try. Just a few potential sticking points though...

1) Would it support UK currency/payments? I'm currently beta testing Stripe for the UK. This wasn't a supported country at the time you put this together but I wasn't sure how tied it was to currencies or how easy it would be to modify to include the UK?

2) Can this extension be used with any kind of shopping cart functionality or is it just intended to be more like a buy button which returns the payment form for individual items? I really don't need any complex cart functionality, just basically taking advantage of the session so a user can add things to a cart and buy all at once. If this extension doesn't support that kind of functionality can it be integrated with one such as one of the ones mentioned in this thread?

3) Does it support Stripe Connect? Or was this extension built prior to Connect being released. Particularly I need it to collect a transaction fee with each transaction.

Did it all go well with the project you were building it for? Can a see an example of it in action?

Thanks Lewis.

Would it support UK currency/payments? I'm currently beta testing Stripe for the UK. This wasn't a supported country at the time you put this together but I wasn't sure how tied it was to currencies or how easy it would be to modify to include the UK?

It can be added.

Can this extension be used with any kind of shopping cart functionality or is it just intended to be more like a buy button which returns the payment form for individual items?

Any shopping cart. You simple pass Stripe values via a form (i.e. Symphony event)

Does it support Stripe Connect?

Not currently.

It can be added.

Great. Shall I fork the repo and take a stab at it or is it something that you'd be looking to add in to your extension?

Any shopping cart. You simple pass Stripe values via a form (i.e. Symphony event)

Sounds good. Speaking completely in theory as I haven't used this extension or Nils and John's cart session extension, but could the two work together to provide basic cart functionality linking up with Stripe Payments? It's all new to me.

In your initial spec you mentioned being able to record members and orders to their own sections. Is this included with the finished version of this addon? That would certainly be a very nice bonus.

Regarding Stripe Connect that maybe something I can do without for the time being.

Thanks.

It's really Nils and Michael's. I am merely a tester. Credit where credit is due ;)

Great. Shall I fork the repo and take a stab at it or is it something that you'd be looking to add in to your extension?

I have a bunch of changes locally that I have not pushed to github yet. Let me go through a couple of things and push it to github this weekend. Probably best to wait till then before you start playing or forking.

Sounds good. Speaking completely in theory as I haven't used this extension or Nils and John's cart session extension, but could the two work together to provide basic cart functionality linking up with Stripe Payments? It's all new to me.

I'm not familiar with their pension but after taking a quick look it shouldn't be a problem.

In your initial spec you mentioned being able to record members and orders to their own sections. Is this included with the finished version of this addon? That would certainly be a very nice bonus.

At its core, this extension allows you to utilize Symphony filters on events to communicate with the Stripe API.

Keep in mind that this extension is still experimental and there are several issues with 0.3. I'm hoping to get these ironed out on the site that I'm using it but development is slow for other reasons.

@Lewis

I was wondering if you were planning on pushing your local changes to git anytime soon or at least making a development branch. I was planning on transitioning from paypal to stripe so users wouldn't have to leave the site to make a payment. Also i noticed many users are discouraged with paypal as they feel they have to create a paypal account in order to complete a purchase(even though they can check out as a guest on paypal).

Just wondering about the workflow of instalment payments which need a stripe customer id set up.

Would it be better to create a custom event that checks for a Stripe customer id (creating it if not found) or can a customer be created and the charge created "out of box" in one go?