In reality, PCI is a set of security guidelines drawn up by a consortium of credit card companies and industry security experts to govern how applications should behave when handling credit or debit card information. The card companies impose these standards on the banks who then impose them on those of us who operate e-commerce sites and the like. In this article we will dispel a couple of persistent myths about PCI, take a 20,000-foot look at what PCI encompasses, and then zero in on those requirements that are most closely associated with coding in general and PHP specifically.

He starts with some common myths about PCI (Payment Card Industry) compliance, including that it only applies to "the big guys" taking payments on the web. He then goes through some of the major points of the PCI requirements and talks about a few of them that specifically relate to the backend code side of things.

• Static page caching support in the routing configuration
• Payment validators with docblock assertions, including error messages for failures.

These features are all a part of the upcoming Symfony 2.2 release that's planned to be moved in the "stabilization" status in early 2013. It should be able two months following that when the stable version will be released.

In this, the second episode of PHP Cloud Development Casts, we go through how to creating charges with the Stripe.com libraries. We use a simple Kohana based PHP setup to create a token and an accompanying charge. We then login to our account and look at the details that Stripe stores about the transaction from tokens, charges, events and other logged data.

You can view the video either on their site or by heading to Vimeo for a bit larger version. He shows how to use Stripe's own Javascript and PHP scripts to connect to the API. He does it as a part of a Kohana-based application, but it can be easily adapted to any framework (or non-framework) site out there.

Online payments are increasingly becoming more and more popular. GoCardless is yet another payment service, which currently works in the UK, allowing you to accept payments online.

Most of the tutorial is used to explain what the service is, getting you set up with an account (complete with screenshots) and how you can work with their API via an SSL connection. Included are examples of this using their PHP Library and what the results look like in their interface.

As an Authorize.Net blogger, I decided to write a series of articles that outlined not only the basics of handling an ecommerce transaction, but also included some best practices as well. These were demonstrated using a web-based payment form that when complete forms a real-world, production ready solution. Since there was a lot of ground to cover, I broke the tutorial into eleven parts.

Parts of the series cover topics like:

• reading/sanitizing data
• handling validation errors
• preventing duplicate submissions
• preventing automated form submissions

For those that want to jump straight into the code, he also links to his sample payment form and the Authorize.net PHP SDK.

PayPal is the most popular platform for receiving online payments. The relative ease of opening a PayPal account and receiving payments compared to opening a merchant account for a traditional payment gateway is the number one reason, and another is the comprehensive API they provide for their payment services. [...] There doesn't seem to be any better alternatives currently, so hopefully this guide will help ease the pain for some of you out there taking your lumps working the API into your applications.

Eran starts with a look at some of the different payment options, express, direct, recurring and mass, and what they're good for. From there, it's off to the code with his tool of choice being curl to make it simpler to make requests with headers, content and fetch the response message. He's put together a little custom function to make it easier to reuse. As an example, he shows how to make an Express Checkout request by grabbing a token and redirecting to the PayPal site for handling.

I received a tutorial requests from my reader that asked to me how to implement payment gateway system with Paypal API. In this post I want to explain how to work with Paypal Sandbox test accounts for payment system development and sending arguments while click buy now button. It's simple and very easy to integrate in your web projects.

He includes the SQL to create a basic database for storing product and sales information (as well as a bit of user data linked to them) as well as instructions on creating the accounts you'll need on the PayPal side. The script creates a form that takes the payment information and pushes it to a script on the PayPal side for validation and charging.

PayPal has a huge API reference to integrate it's services into any website. But from personal experience I found that the theory is far more simple than the practice. There are various methods to implement PayPal's services including Soap webservices with 'Express Checkout' and 'Website Payment Pro'. This tutorial will focus on 'Website Payment Pro' and the 'IPN' event listener.

He shows how to send the information as a POST request in one of two ways - as a standard form submission kind of POST and from a script opening a direct socket to the PayPal server and sending over a well-formed request.

Features mentioned in this post include:

• Customer Store Credits Feature
• Integrated with Amazon Payments
• Gift Certificates/Cards (Physical and Virtual)
• Integrated with Google Checkout
• Accept Purchase Orders
• Payment Extensions Available through Magento Connect

Check out the full post for more and descriptions of each.

In my situation, PayPal is only used to pay for orders - cart and order setup is done in our shop, so I do not want to have additional problems with users changing orders numbers, amount to be paid, etc. [...] Only PayPal knows how to decrypt it, because it uses public key encryption technology (you need to upload your certificate in PayPal account).

Some sample usage code is included as is a link to the class itself. His example takes a payment transaction including the item name, amount and currency type and sends it off to the PayPal servers in a connection protected by certificates.