1. RECEIVING PAYMENTS¶
There are two methods of accepting payments from customers. The first method (presented in subchapter Basic version) is intended for Sellers who do not have e-shops or services integrated with the Dotpay system.
The second method (presented in subchapter Advanced version) is designed for e-shops and services, at which the payment process begins (e.g. customer is ordering some item).
Dotpay payment gateway is located at:
production environment: https://ssl.dotpay.pl/t2/
test environment : https://ssl.dotpay.pl/test_payment/
Caution
Because of security policy, Dotpay payment gateway cannot be embedded in iframe (X-Frame-Options:SAMEORIGIN).
1.1. Basic version¶
To redirect the customer to payment, all data can be saved in the URL - link. In the example below, link_pre-id01| id sklepu, amount , currency and description is passed to the payment form:
https://ssl.dotpay.pl/t2/?id=123456&amount=123.00¤cy=PLN&description=Test
The above address redirects by the method: GET.
Other parameters that can be passed in this way to Dotpay payment form are listed in Table 1 and Table 2 of this document.
After logging to My Dotpay panel you can use menu . This menu allows to determine such data as: id , amount , currency , description and lang .. Generating a payment request means creating a special key which allows defining the given parameters thus prevent modification of payment data.
Links generated this way can be listed and modified (e.g. amount ), in the above mentioned menu.
Key example: rfhu4jb5ym657g3xluf4bbqfmbyj6t17
Using such a generated key you can elicit payment site from the link:
https://ssl.dotpay.pl/t2/?pid=rfhu4jb5ym657g3xluf4bbqfmbyj6t17
In case payment language was NOT specified or defined language was removed, parameter lang allows you to determine language on payment page.
Example of payment page with added parameter lang = en to present payment form in English:
https://ssl.dotpay.pl/t2/?pid=rfhu4jb5ym657g3xluf4bbqfmbyj6t17&lang=en
Additionally, you can attach the ignore_last_payment_channel = 1 parameter to the payment link in order to ignore the payment method recently chosen by the customer (stored in the browser’s memory), so that he will always see the full list of available payment methods.
https://ssl.dotpay.pl/t2/?pid=rfhu4jb5ym657g3xluf4bbqfmbyj6t17&ignore_last_payment_channel=1&lang=pl
Such a prepared link with a key can be sent for example by e-mail to a buyer.
Generated payment link with a key can be used repeatedly until erased by the Merchant in My Dotpay panel ().
Caution
By default for shop is also required sending the chk parameter. In the case of generating payment links from seller administration panel the chk parameter is automatically added to the link.
However for links generated manually or using seller administration panel API chk value has to be calculated and added separately.
Exemplary link is going to look like:
https://ssl.dotpay.pl/t2/?chk=c7dc9bb5d0c726a44cf478d3b78390011641f0f52c3db3c0ba6b9a658c6fb400&pid=poup7bulug5996r7fjc2jl056vfqbgp2
How to calculate chk has been described in Redirection parameters integrity protection (CHK) section. .
Note
If shop doesn’t use automatic notifications URLC and confirmation of each transaction is carried out after manual verification of correctness of booked amount and currency for a specific order, the maturity of the chk parameter may be disabled. For this purpose please contact us by email at the address administracja@dotpay.pl
1.1.1. Example forms of payments / donations¶
Caution
For proper functioning below forms require prior modification of parameters specified in section CONFIGURATION, for example inserting appropriate account id in which payment is to be made (id number can be found after logging in to the seller administration panel tab ,this is a 6-digit number placed after the sign # in column ). Otherwise, you will be redirected to the page with error message.
Customer after clicking button is redirected to the Dotpay payment form (https://ssl.dotpay.pl/t2/) to choose a payment method. Simultaneously with the POST method are sent the following parameters:
seller’s ID (e.g.
id= 123456)transaction’s amount (e.g.
amount= 12.42)transaction’s description (e.g.
description= Payment for invoice #12345/2014)redirection’s type (e.g.
type= 0)return address after payment (e.g.
url= https://www.example.com)return button text (e.g.
buttontext= Return)
Caution
The following forms don’t include a function to calculate the mandatory chk parameter. This functionality should be completed on its own or contact Dotpay administration department (administracja@dotpay.pl) in order to disable the verification of chk . Please read the Security of payment integration chapter before.
The form may also send other, optional parameters of which description can be found in the tables in the further parts of documentation.
1 <!DOCTYPE html>
2 <html>
3
4 <head>
5 <meta charset="UTF-8">
6 </head>
7
8 <body>
9 <!-----------------------------
10
11 Górna część strony
12
13 ------------------------------------->
14
15 <!--- copy start--->
16 <style>
17 div.dotpay_form_donation {
18 font-family: sans-serif;
19 text-align: center;
20 }
21
22
23 div.dp_temat {
24 font-size: 1.5em;
25 font-style: inherit;
26 font-weight: bold;
27 color: #334242;
28 }
29
30 input#dp_def_amount {
31 border: 1px solid #bbb;
32 border-radius: 3px;
33 height: 50px;
34 font-size: 1.3em;
35 background: #dae6ff;
36 text-align: center;
37 font-weight: 500;
38 cursor: pointer;
39 }
40
41 input#dp_kwota {
42 border: 1px solid #bbb;
43 border-radius: 3px;
44 font-size: 1.2em;
45 background: #f8f6fb;
46 text-align: center;
47
48 }
49
50 input#dp_other_amount {
51 font-size: 1em;
52 background: #daedff;
53 border: 1px solid #bbb;
54 border-radius: 3px;
55 padding: 5px;
56 text-align: center;
57 cursor: pointer;
58 }
59
60 button#dp_buttomDarowizna {
61 font-size: 1.3em;
62 background: #ae3131;
63 border: 1px solid #bbb;
64 border-radius: 3px;
65 padding: 5px;
66 text-align: center;
67 cursor: pointer;
68 color: #f3f0ed;
69 letter-spacing: 0.1em;
70 }
71
72 table.tbl_center {
73 margin-left: auto;
74 margin-right: auto;
75 }
76 </style>
77
78 <!-- poniżej wpisz prawdiłową ścieżkę do jquery -->
79 <script type="text/javascript" src="http://code.jquery.com/jquery-3.5.1.min.js"></script>
80
81 <script>
82 $(document).ready(function () {
83 $("#dp_buttomDarowizna").click(function () {
84 if ($('#dp_kwota').val().trim() === '') {
85 $("#dp_kwota_alert").text("Proszę wybrać lub wprowadzić kwotę darowizny.").show();
86 $('#dp_kwota_alert').css("display", "inline").fadeOut(5000);
87 return false;
88 }
89 });
90 });
91 </script>
92
93 <div class="dotpay_form_donation">
94 <form action="https://ssl.dotpay.pl/t2/" method="post" target="_parent">
95 <div class="dp_temat">Wybierz kwotę darowizny</div>
96 <p>
97 <input type="button" id="dp_def_amount"
98 onClick="$('#dp_kwota').val('10'); $('#dp_kwota').prop('readonly', true);$('#dp_kwota').attr('style','color:blue');$('#dp_other_amount_txt').html('Wybrana Kwota')"
99 value="10.00 zł" />
100 <input type="button" id="dp_def_amount"
101 onClick="$('#dp_kwota').val('20'); $('#dp_kwota').prop('readonly', true);$('#dp_kwota').attr('style','color:blue');$('#dp_other_amount_txt').html('Wybrana Kwota')"
102 value="20.00 zł" />
103 <input type="button" id="dp_def_amount"
104 onClick="$('#dp_kwota').val('50'); $('#dp_kwota').prop('readonly', true);$('#dp_kwota').attr('style','color:blue');$('#dp_other_amount_txt').html('Wybrana Kwota')"
105 value="50.00 zł" />
106 <input type="hidden" name="type" value="0" />
107 <input type="hidden" name="currency" value="PLN" />
108
109 <table class="tbl_center">
110 <tr>
111 <td>
112 <br><input type="button" id="dp_other_amount"
113 onClick="$('#dp_kwota').prop('readonly', false);$('#dp_kwota').attr('style','color:brown');$('#dp_other_amount_txt').html('<span style=\'color:brown\'>Wprowadź kwotę</span>')"
114 value="Inna kwota" />
115 </td>
116 <td>
117 <br><span id="dp_other_amount_txt">Wybrana Kwota</span>:
118 <input type="text" name="amount" id="dp_kwota" readonly
119 pattern="^([1-9])((\.\d{1,2})?)$|^((?!0)(\d){1,5})((\.\d{1,2})?)$|^(1(\d{5})(.\d{1,2})?)$|^(200000(.[0]{1,2})?)$"
120 placeholder="np. 100" maxlength="9" size="9"
121 title="Kwota powinna zawierać się w przedziale 1 - 200000 PLN. Dozwolony format to np: 100 lub 152.43"
122 oninput="this.value = this.value.replace(/[^0-9\.]/g, ''); this.value = this.value.replace(/(\..*)\./g, '$1');" />
123 PLN
124 <br />
125 </td>
126 </tr>
127 </table>
128
129 <!--------------------------------- KONFIGURACJA --------------------------------------->
130
131 <!---- zamiast 000000 nalezy podstawic numer ID w Dotpay -->
132 <input type="hidden" name="id" value="000000" />
133 <!--- Tytuł transakcji --->
134 <input type="hidden" name="description" value="Testowa płatność" />
135 <!--- Ardes URL powrotu --->
136 <input type="hidden" name="url" value="http://www.example.com" />
137 <!-- Tekst przycisku powrotu do sklepu --->
138 <input type="hidden" name="buttontext" id="buttontext" value="Powrót do sprzedawcy" />
139 </p>
140
141 <!--------------------------------- KONIEC KONFIGURACJI --------------------------------------->
142
143 <p><br><button class="dp_buttomDarowizna" id="dp_buttomDarowizna">Wpłać darowiznę</button></p>
144 </form>
145 <div id="dp_kwota_alert" style="color:red;"></div>
146 </div>
147
148 <!--- copy end--->
149
150 <!-----------------------------
151
152 Dolna część strony
153
154 ------------------------------------->
155 </body>
156
157 </html>
1 <!DOCTYPE html>
2 <html>
3
4 <head>
5 <meta charset="UTF-8">
6 </head>
7
8 <body>
9 <!-----------------------------
10
11 Górna część strony
12
13 ------------------------------------->
14
15 <!--- copy start--->
16
17 <div style="text-align: center;">
18 <form action="https://ssl.dotpay.pl/t2/" method="post" target="_parent">
19 <p style="font-size: 18px">Wybierz kwotę darowizny</p>
20 <input type="radio" name="amount" value="10.00" />10.00 zł
21 <input type="radio" name="amount" value="20.00" />20.00 zł
22 <input type="radio" name="amount" value="50.00" checked />50.00 zł<br />
23 <input type="hidden" name="type" value="0" />
24 <input type="hidden" name="currency" value="PLN" />
25
26 <!--------------------------------- KONFIGURACJA --------------------------------------->
27
28 <!---- zamiast 000000 nalezy podstawic numer ID w Dotpay -->
29 <input type="hidden" name="id" value="000000" />
30 <!--- Tytuł transakcji --->
31 <input type="hidden" name="description" value="Testowa płatność" />
32 <!--- Ardes URL powrotu do sklepu--->
33 <input type="hidden" name="url" value="http://www.example.com" />
34 <!-- Tekst przycisku powrotu do sklepu --->
35 <input type="hidden" name="buttontext" value="Powrót do sprzedawcy" />
36
37 <!--------------------------------- KONIEC KONFIGURACJI --------------------------------------->
38
39 <p><br><button class="buttomDarowizna">Wpłać darowiznę</button></p>
40 </form>
41 </div>
42
43 <!--- copy end--->
44
45 <!-----------------------------
46
47 Dolna część strony
48
49 ------------------------------------->
50 </body>
51
52 </html>
1 <!DOCTYPE html>
2 <html>
3
4 <head>
5 <meta charset="UTF-8">
6 </head>
7
8 <body>
9 <!-----------------------------
10
11 Górna część strony
12
13 ------------------------------------->
14
15 <!--- copy start--->
16
17 <div style="text-align: center;">
18 <form action="https://ssl.dotpay.pl/t2/" method="post" target="_parent">
19 <p style="font-size: 18px">Wybierz kwotę darowizny</p>
20 <input name="description" value="Darowizna na cele statutowe" type="hidden">
21 <input name="amount" id="kwota" size="6" value="" type="text" required
22 pattern="^([1-9])((\.\d{1,2})?)$|^((?!0)(\d){1,5})((\.\d{1,2})?)$|^(1(\d{5})(.\d{1,2})?)$|^(200000(.[0]{1,2})?)$"
23 placeholder="np. 10" maxlength="9" size="9"
24 title="Kwota powinna mieścić się w przedziale 1 - 200 000 PLN. Dozwolony format to np: 10 lub 10.00">
25
26 <input type="hidden" name="currency" value="PLN" /> PLN
27
28 <!--------------------------------- KONFIGURACJA --------------------------------------->
29
30 <!---- zamiast 000000 nalezy podstawic numer ID w Dotpay -->
31 <input name="id" value="000000" type="hidden">
32
33 <!--------------------------------- KONIEC KONFIGURACJI ---------------------------------->
34
35 <p><br><button class="buttomDarowizna">Wpłać darowiznę</button></p>
36 </form>
37 <br>
38 </div>
39
40 <!--- copy end--->
41
42 <!-----------------------------
43
44 Dolna część strony
45
46 ------------------------------------->
47 </body>
48
49 </html>
1.2. Advanced version¶
Direct version is based on direct integration with Dotpay payment system. In this version a customer after making an order will be redirected from the seller’s web site to Dotpay payment form. Client located on the Seller’s web page, after clicking on the button to confirm payment (e.g. pay by Dotpay) should be redirected to https://ssl.dotpay.pl/t2/.
In the next step the customer makes the payment with use of selected payment channel. If there is a defined return address and right parameter value of type , on the payment confirmation page will be displayed a button to return to the seller web page.
A seller may also specify URLC address on which information about the status of the transaction will be sent via POST method. The address can be defined by logging into Dotpay () or sent when you initiate the payment as a parameter named urlc .
In the second case you should unlock for your store getting the urlc parameters from external sources, ie deselect the option: Block external urlc () . With such a configuration a seller can define other URLC addresses for each payment.
The principle of URLC operation notifications is described in chapter URLC CONFIRMATION
1.2.1. Diagram 1. Example of the payment process in the following diagram and description:¶
Buyer places an order in shop
after completing shopping cart customer selects payment method with Dotpay and is redirected to the payment format
where presented is channel list.
Customer makes a choice
and is redirected to the bank.
The login page for banking is shown
where he enters credentials and confirms the transfer.
After logging out is following return to the Dotpay website.
During waiting for confirmation
the browser periodically inquires about the status of payment.
Bank informs Dotpay about the final status of payment
and this information is presented to payer.
Note
Steps 13 - 18 are optional (depending on the model of integration) and don’t have effect on payment process.
Buyer clicks on return button
and is redirected to the store
During waiting for confirmation
the browser periodically inquires about the status of payment.
After receiving URLC notification
shop confirms that customer has paid for order.
1.2.2. Table 1. (Basic parameters)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Parameter required by default. API version - according to which the system sends URLC confirmation (see chapter RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION)). Sending parameter overrides default shop ( Available values:
Important If the configuration store () indicates an API version other than next, than the checksum for the This does not apply to situations where the store configuration allowed to overwrite api settings in the store configuration ( Recommend setting in store configuration () API version next ! Otherwise, we recommend sending this parameter Example:
|
|
Account ID for which payment is made. ID can be found in the administration panel in tab, it is a 6-digit number after # . column.
Example:
|
|
The amount of the transaction given with centesimal part (always two places after the separator). Centesimal separator is a dot (.) type: string min length: 1 max length: 10 examplary regular expression (for amount in the range 0.01 - 200000.00) : ^0\.(0)([1-9])$|^0\.(([1-9])(\d)?)$|^([1-9])((\.\d{1,2})?)$|^((?!0)(\d){1,5})((\.\d{1,2})?)$|^(1(\d{5})(.\d{1,2})?)$|^(200000(.[0]{1,2})?)$
Example:
|
|
This parameter determines the currency in which the
Example:
|
|
Payment description.
|
|
Checksum used to verify sent data integrity. The description of functionality and the method of calculating the checksum can be found in the chapter: Redirection parameters integrity protection (CHK) . Important Required by default. The recommended method of calculating the checksum requires use of the appropriate version of the API:
Caution If the store configuration forces sending the In the logs available in the Dotpay seller administration panel, in the tab for such an event, an entry with the text “Didn’t receive chk. Chk is required for api version next” should appear. |
1.2.3. Table 2. (Additional parameters)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
This parameter defines which payment channel will be selected after redirecting client to Dotpay payment form. Numerical values only available (see ATTACHMENT 1 - PAYMENT CHANNELS) Example: Seller wishes 1 to select a mTransfer channel by default. List of available payment channels for given shop (
Example: https://ssl.dotpay.pl/t2/payment_api/channels/?id=123456&amount=301.00¤cy=PLN&lang=pl&format=json |
|
Forcing the channel specified in the The parameter Available values: 0 - channel will not be forced (default) 1 – force the selected Example: Sending parameters |
|
Sending parameter will cause Dotpay website to ignore last payment channel used by costomer (saved in their browser data), i.e. all available payment channels will be shown as if it was first payment. By default for consecutive payments last used channel is shown with an option to choose another one. Available values: 1– ignore last chosen channel Example:
|
|
This parameter defines which channel groups will be displayed after redirecting client to Dotpay payment form (by default all are presented). When using this parameter it is recommended to use Available values:
Parameter can have more than one group as a value, in this case letters have to be separated with commas. Example:
|
|
This parameter defines the Internet address (HTTP or HTTPS) to which buyer is expected to return after payment. Behavior of
Example:
Important Parameter status informs only about the payment process. Information about the current status of the transaction (new, completed, rejected, etc.) contains a variable Example:
|
|
This parameter defines a method of redirection to the seller’s web page. Parameter value influences
Important If direct redirection mechanism ( Example:
|
|
The content that appears on a button to return to the seller website. Default text is Back to shop.
Example:
|
|
Parameter informing that the customer has accepted the payment regulations and the cookies policy of PayPro S.A. If this parameter is used, seller should display a checkbox to the client with information as follows.
Example:
|
|
Parameter informing about displaying to the Payer information on the processing of personal data by PayPro S.A..
Example:
|
|
Web address (HTTP or HTTPS) to receive parameters confirming or denying completion of the transaction. A detailed description of URLC confirmation is described further in chapter RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION). It is recommended for the address to lead directly to the receiving file. If any 301 or 302 redirections occur in the way (which allow HTTP method to change), notification from Dotpay might be empty. Another way is to use 307 / 308 redirections on the server, since they do not allow such behavior. Sending parameter overrides default shop ( Important If option Block external urlc (menu ) is checked, Important If option HTTPS verify (menu ) is checked, address has to use HTTPS protocol. type: string max length: 1000 Example:
|
|
Payment request expiration date, according to the Europa / Warsaw time zone. When using this parameter it is recommended to sign the request sent to Dotpay. Description of signature creation can be found in Redirection parameters integrity protection (CHK) section.
Example:
|
|
Control parameter allows you to store sequence of data. Unchanged parameter is sent to the Merchant’s service in URLC confirmation.
Example:
|
|
This parameter identifies the first name of the person making the payment.
Example:
|
|
This parameter identifies the surname of the person making the payment.
Example:
|
|
E-mail address of a person making the payment. Payment confirmation will be sent at this address.
Example: |
|
Street name. A part of the address of the buyer.
Example:
|
|
Building number. A part of the address of the buyer.
Example:
|
|
Flat number. A part of the address of the buyer.
Example:
|
|
Additional address data. A part of the address of the buyer.
Example:
|
|
Additional address data. A part of the address of the buyer.
|
|
City name. A part of the address of the buyer.
Example:
|
|
Postal code. A part of the address of the buyer.
Example:
|
|
Buyer’s phone number.
|
|
Country name. A part of the address of the buyer. The name should be given in accordance with the ISO 3166-1 (alfa-2 or alfa-3) or a text English short name (using title case).
Example:
|
|
Defines the language of web page and payment forms.
Example:
|
|
Recipient and shipping data. Parameter required for some channels (eg. 95 /PayPo/ ). This data should be in JSON a format and then encoded using Base64. List of data for this parameter and it’s encoding has been described in Shipping and payer data section.
type: string Example:
|
|
Delivery address. Parameter is used by Dotpay system only for informational purposes.
Example:
|
|
With use of this parameter a seller can define the name of a payment receiver which will be displayed on the payment Dotpay website. In case the name is not provided the default name will be displayed. Sending parameter overrides default shop ( type: string max length: 300 Example:
|
|
This parameter describes an e-mail address, which will be seen by a customer. It overwrites an email address provided during registration process. Sending parameter overrides default shop (
Example:
|
|
Payment link for a given store (
Example:
The
or with additional parameters:
|
|
BLIK code confirming payment with given channel. In standard procedure the code is entered by customer on payment provider website after choosing BLIK channel. Sending the parameter in redirection allows shortening payment process because code is entered on shop’s website with other order data.
Example:
|
|
Encoded using the Base64 function token received from Google Pay after the merchant’s implementation of the Google Pay API. It contains encrypted data of the tokenized pay card used to process the payment. Sending the parameter in redirection allows shortening payment process because the authentication of the payer’s card data is already on the seller’s store page.
Example:
|
|
Encoded using the Base64 function token received from Apple Pay after the merchant’s implementation of the Apple Pay. It contains encrypted data of the tokenized pay card used to process the payment. Sending the parameter in redirection allows shortening payment process because the authentication of the payer’s card data is already on the seller’s store page/payer device.
Example:
|
2. RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION)¶
In order to inform the Seller about the executed operation (transaction) an URLC confirmation mechanism has been created (HTTP request asynchronous connection, callback) which is sent by POST method and fully independent from a buyer’s action.
Confirmations are directed to the seller’s address which can be set in settings of a given shop in Dotpay panel (menu ) or to the address read from urlc sent by the Seller’s system in redirection of a Buyer to the payment site (unless urlc parameter has been unblocked from external sources, i.e. uncheck Block external URLC option). If URLC notification address DON’T use HTTP secure protocol (i.e. HTTPS) remember to deactivate HTTPS verify and SSL certificate verify options in menu mentioned above.
Verifying whether transaction is unique in merchant’s system should NOT be based only on value of control == control parameter. If for some reason customer redirects multiple times between shop and Dotpay or Dotpay and bank, there is a possibility of receiving for example 2 notifications with contradicting status for the same control. Transaction should be identified by taking as well operation_number into account, transaction id given by Dotpay.
Caution
No verification of a amount == operation_original_amount , currency == operation_original_currency and signature parameters on a merchant’s site is unsecure and may cause financial loss.
Content and result of URLC notifications is available in Dotpay panel by showing given operation details (by clicking on its number) in list menu. In the same place there is also an option to resend those notifications.
Caution
For correctly received URLC confirmation by the Seller’s system Dotpay expects an answer
OK
(only two capital letters, nothing more – encoding UTF8 without BOM, HTTP response status code 200). OK is a correctly received and processed confirmation, for example:
echo \”OK\”;
When a different answer than OK is reversed by the Seller’s system Dotpay system will repeat confirmations (every few, several minutes). The X-Dotpay-URLC-Number parameter may be passed in the notification header, which will be one value higher than the previous one, counting from ‘0’ as the first message.
Parameters and optional values sent in URLC confirmations to the Seller’s system have been presented in the table below.
Note
Optional parameters are not returned by default. To activate them contact Dotpay tech support ( tech@dotpay.pl ).
Note
By default system sends notifications URLC only for payment operations for completed and rejected status (listed in table below). To enable notifications for other operations and statuses contact Technical Support at tech@dotpay.pl .
2.1. Table 3. (Parameters sent by Dotpay back to merchant’s system)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Account ID.
Example:
|
|
Transaction number.
Example:
|
|
Transaction type. Available values:
Example:
|
|
Transaction status. Available values:
Detailed description of operation statuses are presented in chapter ATTACHMENT II - OPERATION STATUSES DESCRIPTION Note completed and rejected status is final and will not change in the future. Example:
|
|
Transaction amount. The centesimal separator is a dot (.)
Example:
|
|
The currency in which the amount parameter is given. Format according to ISO 4217 standard. Example:
|
|
Optional parameter indicating the operation withdrawal amount. Example:
|
|
Optional parameter indicating the operation commission amount. The parameter is presented as a negative amount, and therefore contains a - sign. Example:
|
|
Optional parameter indicating the transaction marked as completed in the seller’s panel. Example:
|
|
The amount taken from typ: string min length: 1 max length: 10 Example:
Important No verification of a |
|
The currency taken from Example:
Important No verification of a |
|
Date and time of transaction’s status change. Format: YYYY-MM-DD hh:mm:ss Example:
|
|
Number of related transaction, if any exists (e.g. in case of a refund). Format according to regular expression:
Example:
If a confirmation regards refund number M9876-5432 executed for an original operation M1234-5678 the parameter will accept original transaction number value which is M1234-5678. |
|
This value corresponds with typ: string max length: 1000 Example:
|
|
This value corresponds with typ: string min length: 1 max length: 255 Example:
|
|
E-mail address of a person making the payment. typ: string max length: 100 Example: |
|
Name of a payment receiver which was displayed on the Dotpay payment website during Customer payment making. typ: string max length: 300 Example:
|
|
E-mail address which was displayed for customer as contact to Seller. typ: string max length: 100 Example:
|
|
Optional parameter. Masked payment card number with which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Masked payment card number with which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Year expiration date of a payment card, which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Month expiration date of a payment card, which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Payment card brand with which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Payment card brand code with which payment has been made. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. The unique identifier of the card registered in Dotpay. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Example:
|
|
Optional parameter. Payment card ID given by Dotpay system. Important In order for parameter to be sent, options HTTPS verify and SSL certificate verify (menu ) have to be enabled. Additionally given account ( Example:
|
|
Payment channel (method) used by the buyer. For available values see ATTACHMENT 1 - PAYMENT CHANNELS . Example:
|
|
Optional parameter. Indicates the country of the payment instrument from which payment was made. Format: ISO 3166-1 (alpha-3). Example:
|
|
Optional parameter. Indicates the location of the country resulting from IP address from which the payment was made. Format: ISO 3166-1 (alpha-3). Example:
|
|
Optional parameter. Account owner name registered in the bank. Example:
|
|
Optional parameter. The bank account number from which the payment was made. Format compliant with the IBAN. Example:
|
|
Optional parameter. The original title of the operation registered in the payer’s bank. Example:
|
|
Optional parameter. PIN for the issued BLIK vouchers. Example:
|
|
Optional parameter. The nominal value of issued voucher BLIK. Example:
|
|
Optional parameter. Actual amount paid from the issued BLIK voucher. This amount may be equal to or less than the face value of the Example:
|
|
Optional parameter. Additional details of the operation, e.g. bank reference number. Example:
|
|
Optional parameter (only available by prior arrangement). A reply code for a rejected transaction that describes the possible reason for a transaction being refused. Sample codes are presented in table (equivalent to ‘seller_code’ in api seller). Example:
|
|
The checksum created by an acronym function SHA-256 being a concatenation of the above mentioned parameters according to the following formula: PIN + Important Sign + in the above formula has been used only for its readability. It is NOT used to calculate the checksum. If in sent notification some parameter is NOT present, should be considered as null value or omitted in the calculation. Note PIN used to calculate a signature parameter is a string of characters which should be generated by a Merchant ( It is only used to create the checksum and should NOT be sent along other payment data! Important No verification of a |
2.2. An example of calculating the signature parameter¶
An example of calculating parameter signature value is presented below in PHP.
1 <?php
2
3 $PIN = "Np3n4QmXxp6MOTrLCVs905fdrGf3QIGm";
4
5 $sign =
6 $PIN.
7 $_POST['id'].
8 $_POST['operation_number'].
9 $_POST['operation_type'].
10 $_POST['operation_status'].
11 $_POST['operation_amount'].
12 $_POST['operation_currency'].
13 $_POST['operation_withdrawal_amount'].
14 $_POST['operation_commission_amount'].
15 $_POST['is_completed'].
16 $_POST['operation_original_amount'].
17 $_POST['operation_original_currency'].
18 $_POST['operation_datetime'].
19 $_POST['operation_related_number'].
20 $_POST['control'].
21 $_POST['description'].
22 $_POST['email'].
23 $_POST['p_info'].
24 $_POST['p_email'].
25 $_POST['credit_card_issuer_identification_number'].
26 $_POST['credit_card_masked_number'].
27 $_POST['credit_card_expiration_year'].
28 $_POST['credit_card_expiration_month'].
29 $_POST['credit_card_brand_codename'].
30 $_POST['credit_card_brand_code'].
31 $_POST['credit_card_unique_identifier'].
32 $_POST['credit_card_id'].
33 $_POST['channel'].
34 $_POST['channel_country'].
35 $_POST['geoip_country'].
36 $_POST['payer_bank_account_name'].
37 $_POST['payer_bank_account'].
38 $_POST['payer_transfer_title'].
39 $_POST['blik_voucher_pin'].
40 $_POST['blik_voucher_amount'].
41 $_POST['blik_voucher_amount_used'].
42 $_POST['channel_reference_id'].
43 $_POST['operation_seller_code'];
44
45 $signature=hash('sha256', $sign);
46
47 ?>
3. ADDITIONAL FEATURES¶
3.1. Redirection parameters integrity protection (CHK)¶
In order to protect redirection parameters integrity Dotpay system allows to sign their values.
The signature should be passed as an additional parameter chk (along with the rest of the parameters of the request directed to the Dotpay payment page).
Caution
All parameters used in the redirection to the Dotpay api must have exactly the name as described in this documentation. The use of alternative names for these parameters or a different case in the name will result in a mismatch in the calculated checksum.
The values of the parameters used should be treated as strings and UTF-8 encoded.
If the store configuration () indicates an API version other than next, then the checksum calculated for the parameter chk It will be treated as incorrectly calculated - not in accordance with this documentation. Thus, the request will be rejected, i.e. the system will respond with an error and will not further process such a request. In the logs available in the Dotpay seller administration panel, in the tab for such an event, an entry should appear with the following content “Required Chk obtained, but hash not equal.”
This does not apply to situations where the store configuration allowed to overwrite api settings in the store configuration ( id ) by sending a parameter in the request api_version = next .
Recommend setting in store configuration () API version next !
The method of calculating the checksum is described in the following example:
Examples of data collected in the process of creating a payment:
Sample array with parameters sent to Dotpay api¶Array ( [id] => 123456 [amount] => 98.53 [currency] => PLN [description] => Order123 [url] => https://www.example.com/thanks_page.php [type] => 0 )
To the parameter array we add an additional parameter named paramsList. The value of this parameter is determined as follows:
We prepare a string of characters consisting of an alphabetically sorted list of the names of all parameters prepared in the process of creating the payment
Separate the alphabetically sorted parameter names with a semicolon
We get the updated array:
Parameter array updated with additional parameter: paramsList¶Array ( [amount] => 98.53 [currency] => PLN [description] => Order123 [id] => 123456 [type] => 0 [url] => https://www.example.com/thanks_page.php [paramsList] => amount;currency;description;id;type;url )Caution
The paramsList parameter should not be added separately in a request sent directly to the dotpay api. The parameter paramsList is added only to the array built when creating the parameter itself
chkand does not occur separately.
Be sure to re-sort the list alphabetically the names of all the parameters involved in the new array:
Sorted alphabetically updated array of parameters¶Array ( [amount] => 98.53 [currency] => PLN [description] => Order123 [id] => 123456 [paramsList] => amount;currency;description;id;type;url [type] => 0 [url] => https://www.example.com/thanks_page.php )We serialize the prepared array to JSON (UTF-8 encoding), without additional white characters. We treat all parameters in the array as strings. We recommend using character escaping (e.g. JSON_UNESCAPED_SLASHES in PHP).
Array of data in JSON format¶{ "amount": "98.53", "currency": "PLN", "description": "Order123", "id": "123456", "paramsList": "amount;currency;description;id;type;url", "type": "0", "url": "https://www.example.com/thanks_page.php" }We calculate the signature using the hmac algorithm with a unique key ( PIN ) to the Dotpay account (id) as the key, with the sha256 hash function. The result is a hexadecimal encoded string that should be entered as the value of the parameter
chkCaution
PIN is only used to calculate the checksum and should not be given as a separate parameter in requests sent to Dotpay!
Function examples (in PHP) that generate the value of the parameterchkfrom the $ParametersArray array¶<?php $DotpayPin = "POlj9b2xIl87u1hCauuT4SFw6RmF01Tuy"; function GenerateChk($DotpayPin, $ParametersArray) { //sorting the parameter list ksort($ParametersArray); // Display the semicolon separated list $paramList = implode(';', array_keys($ParametersArray)); //adding the parameter 'paramList' with sorted list of parameters to the array $ParametersArray['paramsList'] = $paramList; //re-sorting the parameter list ksort($ParametersArray); //json encoding with JSON_UNESCAPED_SLASHES $json = json_encode($ParametersArray, JSON_UNESCAPED_SLASHES); // generate hash return hash_hmac('sha256', $json, $DotpayPin, false); } // Source data array with parameters to be redirected to api dotpay: /* Important! All values should be string. If you use a variable here, put a declaration (string) before the value. Other values should be enclosed in quotation marks, especially numerical ones. */ $ParametersArray = array( "id" => "123456", "amount" => "98.53", "currency" => "PLN", "description" => "Order123", "url" => "https://www.example.com/thanks_page.php", "type" => "0" ); //adding the chk parameter to the existing original array $ParametersArray['chk'] = GenerateChk($DotpayPin, $ParametersArray); //checking if everything works print_r($ParametersArray); ?>The result of the above script is an updated parameter array with an additional checksumchk¶Array ( [id] => 123456 [amount] => 98.53 [currency] => PLN [description] => Order123 [url] => https://www.example.com/thanks_page.php [type] => 0 [chk] => 129db88a7f18bbb813a8c9c43a4bc5857fcb2d65d56c7f97dd77bd09d7e9ae73 )In case of links generated using seller administration panel (
pid), calculation ofchkto be used, which takes place only parameterpid(according to the above formula), the parameters that generated the same should not be taken into accountpid.Sorted array of data in JSON format for a singlepidparameter¶{ "paramsList": "pid", "pid": "Yhhu4jb5ym987g3xluf4bbqfmbyj6t87" }If the redirection uses parameters other than
pid, add them to the enumeration, e.g .:Sorted data array in JSON format for thepidandlangparameters¶{ "lang": "en", "paramsList": "lang;pid", "pid": "rfhu4jb5ym657g3xluf4bbqfmbyj6t17" }
Note
PIN used to calculate a chk parameter is a string of characters which should be generated by a Merchant ( id ) in My Dotpay panel (menu ).
Caution
Default shop ( id ) configuration verifies chk parameter sent in payment request.
If it’s absent or its value is incorrect, error will be returned.
CHK verification isn’t the only payment security mechanism, in some cases it might prove to be unnecessary. chk verification allows to check parameters in the first step of payment: redirecting customer to Dotpay. The most important part is compare amount and currency from payment created in Dotpay with data saved in seller’s service - RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION).
If your shop doesn’t have chk verification enabled (it’s optional or completely disabled), ask Dotpay to change your account’s settings.
If you are not sure your integration supports chk, please contact your service provider / programmer responsible for the implementation, or Doptay Tech support (email: tech@dotpay.pl ).
In case you don’t want to use this security measure and are aware of possible implications, you can disable chk for your account ( id ). To do so, send an email to administracja@dotpay.pl .
Below are exemplary functions (PHP) generating POST / GET request with chk .
3.1.1. Basic Example¶
The data collected by the seller during the ordering process by the payer should be placed in the array $ParametersArray. You have to remember to make sure that the names of the parameters used are correct (use only the necessary and described in this documentation). In this example, the seller must ensure the correct validation of the value of the transferred data so that the payer filling in his data on the seller form does not use forbidden characters in individual parameters.
Download this example (change extension to .php): Download example
1 <?php
2
3 ################### https://www.dotpay.pl/developer/doc/api_payment/ ######################################################################
4 #
5 # Exemplary function (PHP) generating the correct payment redirection (POST / GET) to Dotpay payment api with parametr 'chk' (checksum).
6 # You enter the payment data in the parameter: $ParametersArray.
7 #
8 #
9 # PayPro S.A.
10 # Tech Customer Service: tech@dotpay.pl
11 # Date: 2020-05-19
12 #
13 ##############################################################################################################################################
14
15
16 /** --------- BASE CONFIG --------- **/
17
18 // Your Dotpay ID shop (6 digits)
19 $DotpayId = "123456";
20
21 // PIN for Your Dotpay ID (copy this from your dotpay panel carefully, without space)
22 $DotpayPin = "MyDotpayPIN000000j7yytSgMPXlg200";
23
24 // Dotpay Environment, available: "test" or "production"
25 $Environment = "test";
26
27 //Redirection method: POST or GET ; recommended method is "POST"
28 $RedirectionMethod = "POST";
29
30 // Auto submit form: available: true or false:
31 // If true - you do not need to do a click to the form. Forwarding to the API will be automatically
32 $autosubmit = true;
33
34 /** --------- end config --------- **/
35
36
37
38 // ** ----------------------- SAMPLE DATA ------------------------- **/
39
40 /* ## SAMPLE PAYMENT DATA IN ## */
41 // Note! You can use more parameters if You need
42 // You must give at least: 'amount', 'currency', 'description' (and of course ID and PIN in the configuration of this script)
43 // see more: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-1-podstawowe-parametry-przesylane-do-serwisu-dotpay
44 // and: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-2-dodatkowe-parametry-przesylane-do-serwisu-dotpay
45
46
47 /* Important!
48
49 All values should be string.
50 If you use a variable here, put a declaration (string) before the value.
51 Other values should be enclosed in quotation marks, especially numerical ones.
52 */
53
54 $ParametersArray = array(
55 "id" => (string) $DotpayId,
56 "api_version" => "next",
57 "amount" => "345.12",
58 "currency" => "PLN",
59 "description" => "Order no. 8765GfdC6",
60 "url" => "https://www.example.com/thanks_page.php",
61 "type" => "0",
62 "urlc" => "https://www.example.com/urlc_receiver.php",
63 "control" => "8765GfdC6-dsgfdg-2342235",
64 "firstname" => "Jan",
65 "lastname" => "Nowak",
66 "email" => "jan.nowak@example.com"
67 );
68
69 // ** ----------------------- SAMPLE DATA end ------------------------- **/
70
71
72 // if you do not know what configuration is on your account, add this parameter safely
73
74 if(!(isset($ParametersArray['api_version']) && $ParametersArray['api_version'] == "next")){
75 $ParametersArray['api_version'] = "next";
76 }
77
78
79 ## function: counts the checksum from the defined array of all parameters
80
81 function GenerateChk($DotpayPin, $ParametersArray)
82 {
83
84 //sorting the parameter list
85 ksort($ParametersArray);
86
87 // Display the semicolon separated list
88 $paramList = implode(';', array_keys($ParametersArray));
89
90 //adding the parameter 'paramList' with sorted list of parameters to the array
91 $ParametersArray['paramsList'] = $paramList;
92
93 //re-sorting the parameter list
94 ksort($ParametersArray);
95
96 //json encoding
97 $json = json_encode($ParametersArray, JSON_UNESCAPED_SLASHES);
98
99
100 return hash_hmac('sha256', $json, $DotpayPin, false);
101
102 }
103
104
105 ## Function: Generate simple FORM to DOTPAY
106
107 function GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit)
108 {
109
110 if ($Environment == 'production') {
111 $EnvironmentAddress = 'https://ssl.dotpay.pl/t2/';
112 } elseif ($Environment == 'test') {
113 $EnvironmentAddress = 'https://ssl.dotpay.pl/test_payment/';
114 }
115
116
117
118 if ($RedirectionMethod == 'POST') {
119 $RedirectionCode = '<form action="' . $EnvironmentAddress . '" method="POST" id="dotpay_redirection_form" accept-charset="UTF-8">' . PHP_EOL;
120
121 foreach ($ParametersArray as $key => $value) {
122 $RedirectionCode .= "\t" . '<input name="' . $key . '" value="' . $value . '" type="hidden"/>' . PHP_EOL;
123 }
124 $RedirectionCode .= "\t" . '<input name="chk" value="' . $next_chk . '" type="hidden"/>' . PHP_EOL;
125 $RedirectionCode .= '</form>' . PHP_EOL . '<button id="dotpay_redirection_button" type="submit" form="dotpay_redirection_form" value="Submit">Confirm and Pay</button>' . PHP_EOL;
126
127 //auto submit form
128 if ($autosubmit == true) {
129 $RedirectionCode .= "<script type=\"text/javascript\">setTimeout(function(){document.getElementById('dotpay_redirection_form').submit();}, 10);</script>";
130 }
131
132 return $RedirectionCode;
133
134 } elseif ($RedirectionMethod == 'GET') {
135 $RedirectionCode = $EnvironmentAddress . '?';
136
137 foreach ($ParametersArray as $key => $value) {
138 $RedirectionCode .= $key . '=' . rawurlencode($value) . '&';
139 }
140
141 $RedirectionCode .= 'chk=' . $next_chk;
142
143 return '<a href="' . $RedirectionCode . '">Link to Pay</a>';
144 } else {
145 return 'configuration error';
146
147 }
148
149 }
150
151
152 ####
153
154 // Calculate checksum for 'chk' parameter:
155
156 $next_chk = GenerateChk($DotpayPin, $ParametersArray);
157
158 /*
159 Print the form according to the settings:
160 get form (POST method) or payment link (GET method)
161 ("account PIN","[test|production]","[POST|GET]","payment data","chk_value","[true|false]")
162
163 */
164
165 echo GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit);
166
167 ?>
3.1.2. Example 2 expanded¶
The script includes a validation and “cleaning” mechanism for some data used in particular parameters.
The data collected by the seller during the ordering process by the payer should be assigned to the created variables (e.g. $order_amount, $payer_firstname, $payer_lastname, $dp_description, e.t.c.). The variables are then used in an array $ParametersArray after being filtered out. Validation applies to the payer’s data as: firstname , lastname , and data on the address of the payer, where most often forms may be incorrectly filled in by payers with forbidden characters in individual fields. Appropriate functions (eg. CheckPaymentLang(), CheckPaymentCurrency(), CheckStreet(), CheckStreetN1(), CheckStreetN2(), CheckCountry(), CheckPostcode(), CheckCity(), CheckPhone(), CheckLastname(), CheckFirstname()) remove illegal characters from such a string. When passed to a variable, the value for currency other than allowed (function getAcceptCurrency()) – the script will not generate the form, it will throw an exception. When passed to a variable, the value for lang other than allowed (function getAcceptLang()) – the script will set the value of this parameter to en (English).
Similarly, if customer is to be used among parameters, you can also use a similar solution as above by assigning data to variables and then to array $customer .
You have to remember to make sure that the names of the parameters used are correct (use only the necessary and described in this documentation).
Download this example (change extension to .php): Download example
1 <?php
2
3 ################### https://www.dotpay.pl/developer/doc/api_payment/ ######################################################################
4 #
5 # Exemplary function (PHP) generating the correct payment redirection (POST / GET) to Dotpay payment api with parametr 'chk' (checksum).
6 # You enter the payment data in the parameter: $ParametersArray (and $customer if you need)
7 # Added some functions that prevent certain parameters from passing invalid characters to api dotpay
8 #
9 # PayPro S.A.
10 # Tech Customer Service: tech@dotpay.pl
11 # Date: 2020-05-19
12 #
13 ##############################################################################################################################################
14
15
16 /** --------- BASE CONFIG --------- **/
17
18 // Your Dotpay ID shop (6 digits)
19 $DotpayId = "123456";
20
21 // PIN for Your Dotpay ID (copy this from your dotpay panel carefully, without space)
22 $DotpayPin = "MyDotpayPIN000000j4suuSgMPXlg100";
23
24 // Dotpay Environment, available: "test" or "production"
25 $Environment = "test";
26
27 //Redirection method: POST or GET ; recommended method is "POST"
28 $RedirectionMethod = "POST";
29
30 // Auto submit form: available: true or false (only if $RedirectionMethod = "POST")
31 // If true - you do not need to do a click to the form. Forwarding to the API will be automatically
32 $autosubmit = false;
33
34 ## ------------------------------------------------------------------------------------------------------------------------------------
35
36 /** --------- ORDER CONFIG --------- **/
37
38 /* ## sample order details for payment, used in array: $ParametersArray ## */
39
40 $order_amount = "4100.20";
41 $order_currency = "PLN";
42 $dp_description = "Order no. 003376483/33";
43 $dp_url = "https://www.example.com/thanks_page.php";
44 $dp_type = "0";
45 $dp_urlc = "https://www.example.com/urlc_receiver.php";
46 $dp_control = "KI87dLQWR3UIYT";
47 $payer_firstname = "Daniel";
48 $payer_lastname = "Nowak";
49 $payer_email = "daniel.nowak@example.com";
50 $payer_street = "Zielona";
51 $payer_street_n1 = "9a"; // Building number
52 $payer_street_n2 = "11"; // Flat number
53 $payer_city = "Pcim";
54 $payer_postcode = "00-345";
55 $payer_phone = "123456789";
56 $payer_country = "POL";
57 $payer_lang = "pl";
58 $dp_last_channel = "1";
59
60 /*
61 ... and other possible parameters if you need according to the documentation:
62 https://www.dotpay.pl/developer/doc/api_payment/pl/index.html#tabela-2-dodatkowe-parametry-przesylane-do-serwisu-dotpay
63
64 */
65
66
67
68 /*
69 ### SAMPLE CUSTOMER DATA IN with delivery address (optional), used in array: $customer ### You can remove it if You don't need it
70 manual: https://www.dotpay.pl/developer/doc/api_payment/pl/index.html#obsluga-danych-dostawy-oraz-placacego
71 */
72
73 $payer_first_name = "Adam";
74 $payer_last_name = "Kowal";
75 $payer_email = "mymail@example.com";
76 $customer_city = "Warszawa";
77 $customer_street = "Niebieska";
78 $customer_building = "52";
79 $customer_postcode = "00-953";
80
81
82
83 /** --------- end config --------- **/
84
85
86 ### Below are some functions that prevent certain parameters from passing invalid characters to api dotpay ###
87
88 /**
89 * checks and crops the size of a string
90 * the $special parameter means an estimate of how many urlencode characters can be used in a given field
91 * e.q. 'ż' (1 char) -> '%C5%BC' (6 chars)
92 * replacing removing double or more special characters that appear side by side by space from: firstname, lastname, city, street, p_info...
93 */
94 function encoded_substrParams($string, $from, $to, $special = 0)
95 {
96 $string2 = preg_replace('/(\s{2,}|\.{2,}|@{2,}|\-{2,}|\/{3,} | \'{2,}|\"{2,}|_{2,})/', ' ', $string);
97 $s = html_entity_decode($string2, ENT_QUOTES, 'UTF-8');
98 $sub = mb_substr($s, $from, $to, 'UTF-8');
99 $sum = strlen(urlencode($sub));
100 if ($sum > $to) {
101 $newsize = $to - $special;
102 $sub = mb_substr($s, $from, $newsize, 'UTF-8');
103 }
104 return trim($sub);
105 }
106
107 /**
108 * check, remove unnecessary characters and return customer firstname
109 * @return string
110 */
111 function CheckFirstname($firstName)
112 {
113 //allowed only: letters, digits, spaces, symbols _-.,'
114 $firstName = preg_replace('/[^\w _-]/u', '', $firstName);
115 $firstName1 = html_entity_decode($firstName, ENT_QUOTES, 'UTF-8');
116
117
118 $NewPersonName1 = preg_replace('/[^\p{L}0-9\s\-_]/u', ' ', $firstName1);
119 return encoded_substrParams($NewPersonName1, 0, 49, 24);
120 }
121
122 /**
123 * check, remove unnecessary characters and return customer lastname
124 * @return string
125 */
126 function CheckLastname($lastName)
127 {
128
129 //allowed only: letters, digits, spaces, symbols _-.,'
130 $lastName = preg_replace('/[^\w _-]/u', '', $lastName);
131 $lastName1 = html_entity_decode($lastName, ENT_QUOTES, 'UTF-8');
132
133 $NewPersonName2 = preg_replace('/[^\p{L}0-9\s\-_]/u', ' ', $lastName1);
134 return encoded_substrParams($NewPersonName2, 0, 49, 24);
135 }
136
137 /**
138 * check, remove unnecessary characters and return customer phone
139 * @return string
140 */
141 function CheckPhone($phone)
142 {
143 $phone = str_replace(' ', '', $phone);
144 $phone = str_replace('+', '', $phone);
145
146 $NewPhone1 = preg_replace('/[^\+\s0-9\-_]/', '', $phone);
147 return encoded_substrParams($NewPhone1, 0, 19, 6);
148 }
149
150 /**
151 * check, remove unnecessary characters and return customer city
152 * @return string
153 */
154 function CheckCity($city)
155 {
156 //allowed only: letters, digits, spaces, symbols _-.,'
157 $city = preg_replace('/[^.\w \'_-]/u', '', $city);
158 $city1 = html_entity_decode($city, ENT_QUOTES, 'UTF-8');
159
160 return encoded_substrParams($city1, 0, 49, 24);
161
162 }
163
164 /**
165 * check, remove unnecessary characters and return customer postcode
166 * @return string
167 */
168 function CheckPostcode($postcode, $country = null)
169 {
170
171 if (empty($postcode)) {
172 return $postcode;
173 }
174 if (preg_match('/^\d{2}\-\d{3}$/', $postcode) == 0 && strtolower($country == 'pl')) {
175 $postcode = str_replace('-', '', $postcode);
176 $postcode = substr($postcode, 0, 2) . '-' . substr($postcode, 2, 3);
177 }
178
179 $NewPostcode1 = preg_replace('/[^\d\w\s\-]/', '', $postcode);
180 return encoded_substrParams($NewPostcode1, 0, 19, 6);
181
182 }
183
184
185 /**
186 * check, remove unnecessary characters and return customer country
187 * @return string
188 */
189 function CheckCountry($country)
190 {
191
192 if (preg_match('/^[a-zA-Z]{2,3}$/', trim($country)) == 0) {
193 $country_check = null;
194 } else {
195 $country_check = trim($country);
196 }
197
198 return strtoupper($country_check);
199 }
200
201
202 /**
203 * check, remove unnecessary characters and return customer street
204 * @return string
205 */
206 function CheckStreet($street)
207 {
208
209 //allowed only: letters, digits, spaces, symbols _-.,'
210 $street = preg_replace('/[^.\w \'_-]/u', '', $street);
211 $street1 = html_entity_decode($street, ENT_QUOTES, 'UTF-8');
212
213 return encoded_substrParams($street1, 0, 99, 50);
214 }
215
216
217 /**
218 * check, remove unnecessary characters and return customer street_n1 - building number
219 * @return string
220 */
221 function CheckStreetN1($street_n1)
222 {
223
224 //allowed only: letters, digits, spaces, symbols _-.,'
225 $street_n1 = preg_replace('/[^\p{L}0-9\s\-_\/]/u', '', $street_n1);
226 $street1_n1 = html_entity_decode($street_n1, ENT_QUOTES, 'UTF-8');
227
228 return encoded_substrParams($street1_n1, 0, 29, 24);
229 }
230
231
232 /**
233 * check, remove unnecessary characters and return customer street_n2 - flat number.
234 * @return string
235 */
236 function CheckStreetN2($street_n2)
237 {
238
239 //allowed only: letters, digits, spaces, symbols _-.,'
240 $street_n2 = preg_replace('/[^\p{L}0-9\s\-_]/u', '', $street_n2);
241 $street1_n2 = html_entity_decode($street_n2, ENT_QUOTES, 'UTF-8');
242
243 return encoded_substrParams($street1_n2, 0, 29, 24);
244 }
245
246 /**
247 * Return array of languages that are accepted by Dotpay
248 * @return array
249 */
250 function getAcceptLang()
251 {
252 return array(
253 'pl',
254 'en',
255 'de',
256 'it',
257 'fr',
258 'es',
259 'cz',
260 'cs',
261 'ru',
262 'hu',
263 'ro',
264 'uk',
265 'lt',
266 'lv',
267 'sk'
268 );
269 }
270
271
272 /**
273 * Return array of Curriences that are accepted by Dotpay
274 * @return array
275 */
276 function getAcceptCurrency()
277 {
278 return array(
279 'EUR',
280 'USD',
281 'GBP',
282 'JPY',
283 'CZK',
284 'SEK',
285 'UAH',
286 'RON',
287 'PLN',
288 'NOK',
289 'BGN',
290 'CHF',
291 'HRK',
292 'HUF',
293 'RUB'
294 );
295 }
296
297
298
299 /**
300 * Return payment language name
301 * @return string
302 */
303 function CheckPaymentLang($language)
304 {
305 $f_dotpay_lang = '';
306
307 if (is_string($language)) {
308 $languageArray = explode('-', $language);
309 if (isset($languageArray[0])) {
310 $languageLower = strtolower($languageArray[0]);
311 $f_dotpay_lang = $languageLower;
312 }
313 }
314
315 if ($f_dotpay_lang == 'pl') {
316 $dotpay_lang = 'pl';
317 } elseif (!in_array($languageLower, getAcceptLang())) {
318 $dotpay_lang = 'en';
319 } else {
320 $dotpay_lang = $languageLower;
321 }
322
323 return $dotpay_lang;
324 }
325
326
327 /**
328 * Check a currency code by comparing allowed ( getAcceptCurrency() function)
329 * @param string $currency Currency code
330 * return false when the given currency code is incorrect
331 */
332 function CheckPaymentCurrency($currency)
333 {
334 $currency = strtoupper($currency);
335
336 if (!in_array($currency, getAcceptCurrency())) {
337 $dotpay_currency = false;
338 } else {
339 $dotpay_currency = (string) $currency;
340 }
341
342 return $dotpay_currency;
343 }
344
345
346
347 /**
348 * Convert original amount using a dot as a decimal place regardless of the locale.
349 * @param float $amount
350 * @return string
351 *
352 */
353
354 function normalizeDecimalAmount($val)
355 {
356
357 $input = str_replace(' ', '', $val);
358 $number = str_replace(',', '.', $input);
359 if (strpos($number, '.')) {
360 $groups = explode('.', str_replace(',', '.', $number));
361 $lastGroup = array_pop($groups);
362 $number = implode('', $groups) . '.' . $lastGroup;
363 }
364 return bcadd($number, 0, 2);
365 }
366
367
368 // ** ----------------------- SAMPLE DATA ------------------------- **/
369
370 /* ## SAMPLE PAYMENT DATA IN ##
371
372 Note! You can use more parameters if You need. Case sensitive in parameter names is important !
373 You must give at least: 'amount', 'currency', 'description' (and of course ID and PIN in the configuration of this script)
374 see more: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-1-podstawowe-parametry-przesylane-do-serwisu-dotpay
375 and: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-2-dodatkowe-parametry-przesylane-do-serwisu-dotpay
376
377 Filters were used to remove forbidden characters entered e.g. in the address by the payer from specific parameters.
378
379 */
380
381
382 /* Important!
383
384 All values should be string.
385 If you use a variable here, put a declaration (string) before the value.
386 Other values should be enclosed in quotation marks, especially numerical ones.
387 */
388
389 $ParametersArray = array(
390
391 "id" => (string) $DotpayId,
392 "api_version" => "next", // !important
393 "amount" => (string) normalizeDecimalAmount($order_amount),
394 "currency" => (string) CheckPaymentCurrency($order_currency),
395 "description" => (string) $dp_description,
396 "url" => (string) $dp_url,
397 "type" => (string) $dp_type,
398 "urlc" => (string) $dp_urlc,
399 "control" => (string) $dp_control,
400 "firstname" => (string) CheckFirstname($payer_firstname),
401 "lastname" => (string) CheckLastname($payer_lastname),
402 "email" => (string) $payer_email,
403 "street" => (string) CheckStreet($payer_street),
404 "street_n1" => (string) CheckStreetN1($payer_street_n1),
405 "street_n2" => (string) CheckStreetN2($payer_street_n2),
406 "city" => (string) CheckCity($payer_city),
407 "postcode" => (string) CheckPostcode($payer_postcode, strtolower($payer_lang)),
408 "phone" => (string) CheckPhone($payer_phone),
409 "country" => (string) CheckCountry($payer_country),
410 "lang" => (string) CheckPaymentLang($payer_lang),
411 "ignore_last_payment_channel" => (string) $dp_last_channel
412 );
413
414
415
416 /* ### SAMPLE CUSTOMER DATA IN with delivery address (optional) ###
417 You can remove it if You don't need it
418 */
419
420 // ------
421 $customer = array(
422
423 "payer" => array(
424 "first_name" => CheckFirstname($payer_first_name),
425 "last_name" => CheckLastname($payer_last_name),
426 "email" => $payer_email
427 ),
428 "order" => array(
429 "delivery_address" => array(
430 "city" => CheckCity($customer_city),
431 "street" => (string) CheckStreet($customer_street),
432 "building_number" => (string) CheckStreetN1($customer_building),
433 "postcode" => (string) CheckPostcode($customer_postcode)
434 )
435 )
436 );
437
438
439
440 if (empty($customer) || !isset($customer['payer']['first_name']) || !isset($customer['payer']['last_name']) || !isset($customer['payer']['email']) || !isset($customer['order']['delivery_address']['city']) || !isset($customer['order']['delivery_address']['street']) || !isset($customer['order']['delivery_address']['building_number']) || !isset($customer['order']['delivery_address']['postcode'])) {
441 $customer_base64 = null;
442 } else {
443 $customer_base64 = base64_encode(json_encode($customer, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
444 }
445
446
447 if ($customer_base64 != null) {
448 $ParametersArray["customer"] = $customer_base64;
449 }
450
451
452
453 // ** ----------------------- SAMPLE DATA end ------------------------- **/
454
455
456 // if you do not know what configuration is on your account, add this parameter safely
457
458 if(!(isset($ParametersArray['api_version']) && $ParametersArray['api_version'] == "next")){
459 $ParametersArray['api_version'] = "next";
460 }
461
462
463
464 ## function: counts the checksum from the defined array of all parameters
465
466 function GenerateChk($DotpayPin, $ParametersArray)
467 {
468 //sorting the parameter list
469 ksort($ParametersArray);
470
471 // Display the semicolon separated list
472 $paramList = implode(';', array_keys($ParametersArray));
473
474 //adding the parameter 'paramList' with sorted list of parameters to the array
475 $ParametersArray['paramsList'] = $paramList;
476
477 //re-sorting the parameter list
478 ksort($ParametersArray);
479
480 //json encoding
481 $json = json_encode($ParametersArray, JSON_UNESCAPED_SLASHES);
482
483 return hash_hmac('sha256', $json, $DotpayPin, false);
484
485 }
486
487
488
489
490 ## Function: Generate simple FORM to DOTPAY
491
492 function GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit)
493 {
494
495 //$ParametersArray = array_change_key_case($ParametersArray, CASE_LOWER);
496
497
498 if ($Environment == 'production') {
499 $EnvironmentAddress = 'https://ssl.dotpay.pl/t2/';
500 } elseif ($Environment == 'test') {
501 $EnvironmentAddress = 'https://ssl.dotpay.pl/test_payment/';
502 }
503
504
505
506 if ($RedirectionMethod == 'POST') {
507 $RedirectionCode = '<form action="' . $EnvironmentAddress . '" method="POST" id="dotpay_redirection_form" accept-charset="UTF-8">' . PHP_EOL;
508
509 foreach ($ParametersArray as $key => $value) {
510 $RedirectionCode .= "\t" . '<input name="' . $key . '" value="' . $value . '" type="hidden"/>' . PHP_EOL;
511 }
512 $RedirectionCode .= "\t" . '<input name="chk" value="' . $next_chk . '" type="hidden"/>' . PHP_EOL;
513 $RedirectionCode .= '</form>' . PHP_EOL . '<button id="dotpay_redirection_button" type="submit" form="dotpay_redirection_form" value="Submit">Confirm and Pay</button>' . PHP_EOL;
514
515 //auto submit form
516 if ($autosubmit == true) {
517 $RedirectionCode .= "<script type=\"text/javascript\">setTimeout(function(){document.getElementById('dotpay_redirection_form').submit();}, 10);</script>";
518 }
519
520 return $RedirectionCode;
521
522 } elseif ($RedirectionMethod == 'GET') {
523 $RedirectionCode = $EnvironmentAddress . '?';
524
525 foreach ($ParametersArray as $key => $value) {
526 $RedirectionCode .= $key . '=' . rawurlencode($value) . '&';
527 }
528
529 $RedirectionCode .= 'chk=' . $next_chk;
530
531 return '<a href="' . $RedirectionCode . '">Link to Pay</a>';
532 } else {
533 return 'configuration error';
534
535 }
536
537
538 }
539
540 ####
541
542 // Calculate checksum for 'chk' parameter:
543
544 $next_chk = GenerateChk($DotpayPin, $ParametersArray);
545
546
547
548 /*
549 Print the form according to the settings:
550 get form (POST method) or payment link (GET method)
551 ("account PIN","[test|production]","[POST|GET]","payment data","chk_value","[true|false]")
552 */
553 if (CheckPaymentCurrency($order_currency) != false) {
554
555 echo GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit);
556
557 } else {
558 echo "The currency of the payment you want to use (" . $order_currency . ") is not allowed in the Dotpay system!";
559 }
560
561
562 ?>
3.2. One-click and recurring payments¶
Note
Functionality is only available for shops ( id ) which were adequately configured by Dotpay, what is dependent on signed agreement.
Functionality is only available for payment card channel (number 248), allowing client to realize payments without entering complete card data in future transactions made via Dotpay.
In order to use the functionality seller’s system has to send additional parameters (described below) in payment request and client should allow his card information to be stored by Dotpay (all data is stored according to highest security standards – PCI DSS Level 1).
When using described functionality it is recommended for request sent to Dotpay to be signed as well as signature verification to be required on given shop ( id ). Description of signature creation can be found in Redirection parameters integrity protection (CHK) section.
In order to register client’s card data in Dotpay system additional parameters have to be sent:
3.2.1. Table 4. (Parameters for card registration)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Parameter defining whether client card data should be stored by Dotpay. Available values: 1 – Storing credit card data is accepted Example:
|
|
Unique buyer ID generated and stored by seller’s system. Required for future payments Important Dotpay does NOT return this information anywhere (i.e. URLC or API). type: string min length: 4 max length 1024 Example:
|
|
Optional parameter. Creates operation credit_card_registration instead of payment, what allows to register credit card without paying. Instead of charge temporary funds blockade will be issued, which is lifted when registration process is completed. Tip For operation credit_card_registration it’s required to use an amount of value 1.00 ( Available values: true – registration without payment Example:
|
In order to make payment with registered card additional parameters described below need to be sent:
3.2.2. Table 5. (Parameters for consecutive payments with previously registered card)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Unique buyer ID generated by seller’s system described in table above. |
|
Buyer’s registered card ID This information might be sent in URLC notification (special account configuration required, described in RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION) section). It also might be received via API from operation details. |
Common parameters for both first and consecutive payments have been described in table below, all of them are optional. Standard account configuration doesn’t allow them to be used (default settings are applied, configurable by Dotpay), special agreement might be required in order to send them.
3.2.3. Table 6. (Common parameters for both first and consecutive payments)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Optional parameter. Operation type. Available values: e_commerce – first and consecutive payment in one-click model (default value), recurring_init – first transaction allowing later use of recurring payments, recurring – recurring payment (customer doesn’t have to be present in order to charge the registered card), Account ( Parameter is required when one account ( Tip A card registered through e_commerce cannot be used directly to perform recurring. To make this possible, you must first perform a recurring initiation, i.e. an operation of the recurring_init. If the card has already been registered in the e_commerce process, it is not necessary to provide full card details to perform the recurring_init, it is enough to enter the Card ID assigned by the Dotpay system ( Cards registered using recurring_init can be used for both recurring and e_commerce. |
|
Optional parameter. Allows to control whether CVV/CVV2 security code is required during payment. Applies only to consecutive e_commerce (one click). Available values: yes – required (default value), no – not required, option – field for security code will show up on payment form, but it won’t be mandatory. |
|
Optional parameter. Allows to control whether 3-D Secure authentication code is required during payment. Applies only to e_commerce model for enrolled cards. Available values: yes – required (default value, recommended for transaction security), no – not required, Tip Operation type recurring_init requires and recurring doesn’t require 3-D Secure authentication code, ignoring account settings or sent parameters. |
|
Optional parameter. Allows to control whether customer will be required to enter additional personal data on payment form (address and phone number). Available values: yes – required, no – not required (default value). |
3.2.4. Exemplary integration models and their corresponding requirements)¶
3.2.4.1. Integration model: 1 click¶
Card registration |
Consecutive payment |
|---|---|
Required parameters: - Payment process: - CVV - required - 3DS – required* |
Required parameters: Payment process: - CVV - optional - 3DS - required* |
* - recommended for transaction security
3.2.4.2. Integration model: recurring¶
Card registration |
Consecutive payment |
|---|---|
Required parameters: - Payment process: - CVV - required - 3DS - required |
Required parameters: Payment process: - CVV - not applicable - 3DS - not applicable |
* - recommended for transaction security
3.2.4.3. Mixed integration model: 1 click + recurring¶
Integration model |
Card registration |
Consecutive payment |
|---|---|---|
1 click |
Required parameters: - Payment process: - CVV - required - 3DS - required* |
Required parameters: Payment process: - CVV - optional - 3DS - required* |
recurring |
Required parameters: - - Payment process: - CVV - required - 3DS - required |
Required parameters: - Payment process: - CVV - not applicable - 3DS - not applicable |
* - recommended for transaction security
Integration model |
Card registration |
Consecutive payment |
|---|---|---|
1 click |
Required parameters: - - Payment process: - CVV - required - 3DS - required* |
Required parameters: - Payment process: - CVV - optional - 3DS - required* |
recurring |
Required parameters: - Payment process: - CVV - required - 3DS - required |
Required parameters: Payment process: - CVV - not applicable - 3DS - not applicable |
* - recommended for transaction security
Below are exemplary redirection forms for one-click payment realization.
Exemplary payment request with card registration:
1 <div>
2
3 <form action="https://ssl.dotpay.pl/t2/" method="post" id="dotpay_redirection_form">
4 <input name="api_version" value="next" type="hidden" />
5 <input name="id" value="123456" type="hidden" />
6 <input name="amount" value="320.00" type="hidden" />
7 <input name="currency" value="PLN" type="hidden" />
8 <input name="description" value="Płatność za 12345/2014" type="hidden" />
9 <input name="control" value="202cb962ac590" type="hidden" />
10 <input name="channel" value="248" type="hidden" />
11 <input name="ch_lock" value="1" type="hidden" />
12 <input name="firstname" value="John" type="hidden" />
13 <input name="lastname" value="Smith" type="hidden" />
14 <input name="email" value="john.smith@example.com" type="hidden" />
15 <input name="type" value="0" type="hidden" />
16 <input name="url" value="https://www.example.com/thanks_page.php" type="hidden" />
17 <input name="urlc" value="https://www.example.com/urlc_receiver.php" type="hidden" />
18 <input name="credit_card_store" value="1" type="hidden" />
19 <input name="credit_card_customer_id" value="f9c6a4-25473" type="hidden" />
20 <input name="chk" value="11ac1938ac47ddd53815b4aeb6230ab9fe4554d82ee11e39c41b9055f38f5c08" type="hidden" />
21 </form>
22 <p>
23 <button type="submit" form="dotpay_redirection_form" value="Submit">
24 Potwierdź zamówienie i zapłać</button>
25 </p>
26
27 </div>
Exemplary payment request using registered card data (one-click):
1 <div>
2 <form action="https://ssl.dotpay.pl/t2/" method="post" id="dotpay_redirection_form">
3
4 <input name="api_version" value="next" type="hidden" />
5 <input name="id" value="123456" type="hidden" />
6 <input name="amount" value="410.00" type="hidden" />
7 <input name="currency" value="PLN" type="hidden" />
8 <input name="description" value="Płatność za 12346/2014" type="hidden" />
9 <input name="control" value="31ee79b30dc39a9cbaa" type="hidden" />
10 <input name="channel" value="248" type="hidden" />
11 <input name="ch_lock" value="1" type="hidden" />
12 <input name="firstname" value="John" type="hidden" />
13 <input name="lastname" value="Smith" type="hidden" />
14 <input name="email" value="john.smith@example.com" type="hidden" />
15 <input name="type" value="4" type="hidden" />
16 <input name="url" value="https://www.example.com/thanks_page.php" type="hidden" />
17 <input name="urlc" value="https://www.example.com/urlc_receiver.php" type="hidden" />
18 <input name="credit_card_customer_id" value="f9c6a4-25473" type="hidden" />
19 <input name="credit_card_id" value="59f92e2bf8bedc36bec2219862448dd54d...1829a239eb7432d0easuxp2w158eb13d6333ce71369184eb7ab02ae" type="hidden" />
20 <input name="chk" value="ed0ef4e488ec2de3135b0a1ca226c31867f78bbcd8fe06506ae666210a78d68c" type="hidden" />
21
22 </form>
23
24 <p>
25 <button type="submit" form="dotpay_redirection_form" value="Submit">Potwierdź zamówienie i zapłać (płatność one-click)</button>
26 </p>
27 </div>
Note
For recurring payments it is recommended to use direct communication with Dotpay using REST API ( register order ).
Table below describes parameters which allow payment card data to be sent to Dotpay system if it is entered by client on seller’s website (for example on order summary page) instead of Dotpay.
Note
Processing payment card data by seller’s system requires – according to Payment Card Industry Data Security Standard (PCI DSS) – additional conditions to be met.
In order to receive more information about necessary formalities please contact Sales Department (handlowy@dotpay.pl).
Caution
Sending payment card data with parameters described below is only possible via POST method.
3.2.5. Table 11. (Parameters for credit card data)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Client’s payment card number. type: credit_card_number max length: 26 regular expression: ^[\d\s]{12,26}$
Example:
|
|
Year of client’s payment card expiration date. length: 4 regular expression: ^(20)((19)|([2-9][0-9]))$
Example:
|
|
Month of client’s payment card expiration date. length: 2 regular expression: ^(0[1-9])|(1[0-2])$
Example:
|
|
Client’s payment card security code (CVV2/CVC2). type: number max length: 4 regular expression: ^\d{3,4}$
Example:
|
Deleting registered card might be realized with methods below:
Client might use link given in payment confirmation emails.
Deregistration request might be sent to Dotpay from seller’s system via API.
Request should be sent using DELETE method to the https://ssl.dotpay.pl/t2/payment_api/v1/cards/{credit_card_id}/ address where {credit_card_id} is card ID which should be removed.
Below is exemplary request (in PHP) and response of card deregistration. Authorization data (user, password) is adequate to seller GUI login credentials.
Request:
1 <?php
2
3 $ch = curl_init();
4 curl_setopt($ch, CURLOPT_URL, "https://ssl.dotpay.pl/t2/payment_api/v1/cards/59f92e2bf8bedc36bec221...718c58eb13d6333ce71369184eb7ab02ae/");
5 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
6 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
7 curl_setopt($ch, CURLOPT_CAINFO, "ca-bundle.crt"); //http://curl.haxx.se/docs/caextract.html
8 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
9 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
10 curl_setopt($ch, CURLOPT_TIMEOUT, 100);
11 curl_setopt($ch, CURLOPT_USERPWD, 'user:password');
12 curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
13
14 $response = curl_exec($ch); // API response
15 $curl_info = curl_getinfo($ch); //curl info
16 curl_close($ch);
17
18 echo '<pre>';
19 echo 'HTTP status code: '.$curl_info[http_code];
20 echo PHP_EOL.'-------------------------'.PHP_EOL.PHP_EOL;
21 print_r(json_decode($response));
22 echo '</pre>';
Sample request to unregister the card:
- DELETE /cards/(string: credit_card_id)/¶
Response:
HTTP/1.1 204 No Content
HTTP status code meaning:
CODE |
MEANING / DESCRIPTION |
|---|---|
Deleted |
|
Credit Card not found |
|
Request processing error |
3.3. Split payment (Multimerchant)¶
Note
Functionality is only available for shops ( id ) which were adequately configured by Dotpay, what is dependent on signed agreement.
Functionality allows to split one payment into multiple amounts to be accounted on given shops ( id ). Request has to contain additional parameters (required id(n) , amount(n) , and optional currency(n) , description(n) , control(n) , where (n) is a greater than 0 integer defining consecutive ID, amounts etc.) alongside standard parameters described in ADVANCED VERSION section.
Caution
It is not possible to make a Multimerchant payment with different currencies at once, value of each currency(n) parameter has to be the same as currency .
When using this functionality parameter id defines shop (called multimerchant parent) where operation payment_multimerchant_parent will be created, only as an information about full payment amount (sent in amount parameter). Meanwhile on shops id(n) (called multimerchant child) amounts amount1 - amount(n) will be accounted as payment_multimerchant_child operation.
Information sent is URLC notifications is adequate to given payment_multimerchant_parent or payment_multimerchant_child created on each shop ( id ).
Caution
In order for URLC notifications to be sent on multimerchant child accounts, an address has to be entered in each id(n) configuration () as there is no option to define parameter like urlc(n) .
Caution
It is only possible to refund payment_multimerchant_child operation accounted on given id(n) . It is NOT possible to refund whole payment using payment_multimerchant_parent .
Below is an exemplary split payment form.
1 <div>
2
3 <form action="https://ssl.dotpay.pl/t2/" id="dotpay_redirection_form" method="POST" enctype="application/x-www-form-urlencoded">
4 <input type="hidden" name="api_version" value="next">
5
6 <input type="hidden" name="id" value="123456">
7 <input type="hidden" name="amount" value="320.00">
8 <input type="hidden" name="currency" value="PLN">
9 <input type="hidden" name="description" value="Płatność za zamówienie 01/2017 parent">
10 <input type="hidden" name="control" value="control_parent">
11
12 <input type="hidden" name="id1" value="456123">
13 <input type="hidden" name="amount1" value="120.00">
14 <input type="hidden" name="currency1" value="PLN">
15 <input type="hidden" name="description1" value="Płatność za zamówienie 01/2017 child1">
16 <input type="hidden" name="control1" value="control_child1">
17
18 <input type="hidden" name="id2" value="561423">
19 <input type="hidden" name="amount2" value="90.00">
20 <input type="hidden" name="currency2" value="PLN">
21 <input type="hidden" name="description2" value="Płatność za zamówienie 01/2017 child2">
22 <input type="hidden" name="control2" value="control_child2">
23
24 <input type="hidden" name="id3" value="642513">
25 <input type="hidden" name="amount3" value="110.00">
26 <input type="hidden" name="currency3" value="PLN">
27 <input type="hidden" name="description3" value="Płatność za zamówienie 01/2017 child3">
28 <input type="hidden" name="control3" value="control_child3">
29 </form>
30
31 <p>
32 <button type="submit" form="dotpay_redirection_form" value="Submit">
33 Potwierdź zamówienie i zapłać
34 </button>
35 </p>
36
37 </div>
Important
Sum of amounts sent in parameters amount1, amount2, …, amount(n) has to be equal to the total amount of payment, defined in parameter amount .
3.4. Masscollect¶
Note
Functionality is only available for shops ( id ) which were adequately configured by Dotpay, what is dependent on signed agreement.
Functionality allows to send recipient bank account number in transaction request, which Is going to be used in payout, that is default account number defined is account ( id ) configuration will be overwritten.
Depending on account configuration, payouts created by automatic payouts mechanism will either be aggregated by bank account numbers or in 1:1 for where every payment creates separate payout. Payouts of any amount are always aggregated.
Caution
Using described functionality requires request sent to Dotpay to be signed as well as signature verification to be required on given shop ( id ). Description of signature creation can be found in Redirection parameters integrity protection (CHK) section.
In order to make Masscollect payments, additional parameters described in the table below should be sent in the order. Only the recipient_account_number parameter is required, however, it is also recommended to provide the recipient’s name using the parameter recipient_company or recipient_first_name and recipient_last_name .
3.4.1. Table 12. (Additional parameters used in the Masscollect service)¶
PARAMETER |
MEANING / DESCRIPTION |
|---|---|
Recipient account number in BBAN format.
Example:
|
|
Recipient company name
Example:
|
|
Recipient first name
Example:
|
|
Recipient last name
Example:
|
|
Street – recipient address
Example:
|
|
Building number – recipient address
Example:
|
|
Flat number – recipient address
Example:
|
|
Postcode – recipient address
Example:
|
|
City – recipient address
Example:
|
Below is an exemplary Masscollect payment form.
1 <div>
2
3 <form action="https://ssl.dotpay.pl/t2/" id="dotpay_redirection_form" method="POST" enctype="application/x-www-form-urlencoded">
4
5 <input type="hidden" name="id" value="123456">
6 <input type="hidden" name="amount" value="123.45">
7 <input type="hidden" name="currency" value="PLN">
8 <input type="hidden" name="api_version" value="next">
9 <input type="hidden" name="description" value="Płatność za zamówienie 07/2017">
10 <input type="hidden" name="recipient_account_number" value="32249000896640389235035459">
11 <input type="hidden" name="recipient_company" value="Moja Firma S.A.">
12 <input type="hidden" name="recipient_first_name" value="Jan">
13 <input type="hidden" name="recipient_last_name" value="Kowalski">
14 <input type="hidden" name="recipient_address_street" value="Wielicka">
15 <input type="hidden" name="recipient_address_building" value="72">
16 <input type="hidden" name="recipient_address_apartment" value="1">
17 <input type="hidden" name="recipient_address_postcode" value="30-552">
18 <input type="hidden" name="recipient_address_city" value="Kraków">
19 <input type="hidden" name="chk" value="3135b6debcd8fe4e488ec2easux506c31867f78bed0ef0a1ca2266210a78d68c" />
20 </form>
21
22 <p>
23 <button type="submit" form="dotpay_redirection_form" value="Submit">
24 Potwierdź zamówienie i zapłać
25 </button>
26 </p>
27
28 </div>
3.5. Shipping and payer data¶
In order for channel provider to evaluate customer’s credit score, new additional parameters have been added.
Below is the list of those parameters with their description and requirements.
Sending more data than just required minimum might have big impact on credit score. If it is possible, it’s recommended to send complete data.
In order to process a given payment method, a new customer parameter has been added for integration with Dotpay. This parameter should contain specific information according to the following Table 13. Some payment channels may require less data, such as PayPo or Raty Alior.
3.5.1. Table 13. (Data handled by customer parameter)¶
FIELD NAME |
TYPE |
DESCRIPTION |
|---|---|---|
|
string |
Payer name |
|
string |
Payer lastname |
|
string |
Payer email address |
|
string |
Payer phone number |
|
- |
Payer address |
|
string |
Payer address: city |
|
string |
Payer address: street |
|
string |
Payer address: building number |
|
string |
Payer address: flat number |
|
string |
Payer address: post code |
|
string |
Payer address: (ISO 3166-1 alpha2) or (ISO 3166-1 alpha3) country code |
|
boolean |
Whether payer has register an account before placing an order |
|
string |
Payer’s registration date on the seller’s website, format YYYY-MM-DD or YYYY-MM-DD hh:mm:ss Optional, if it’s sent, |
|
string (indicator) |
Payer’s registration date on the seller’s website, indicator for the Optional, if it’s sent, |
|
string |
Date of last change of paying account on the seller’s website, format YYYY-MM-DD |
|
string (indicator) |
Date of last change of paying account on the seller’s website, indicator for the field |
|
string |
Date of last password change for the paying account on the seller’s website, format YYYY-MM-DD |
|
string (indicator) |
Date of last change of password for the paying account on the seller’s website, indicator for the field |
|
string |
Date from when the payer’s delivery address is used, format YYYY-MM-DD |
|
string (indicator) |
Date from which the payer’s delivery address is used, the indicator for the field |
|
int |
How many orders the payer has made made since registration Optional, if it’s sent, |
|
int |
The number of orders placed by the paying seller on the same day |
|
int |
Number of orders placed by the paying seller in the same year |
|
boolean |
Has the store ever seen suspicious activity on this buyer’s account |
|
- |
Current payer order history |
|
string |
n-order place date in YYYY-MM-DD format |
|
decimal (10,2) |
Gross price of n-product |
|
- |
Order |
|
string |
The value of the entire order |
|
string |
Order ID in the seller’s system. Corresponds to the ID number of the entire order in the store database |
|
- |
The contents of the shopping cart. We recommend that you do not exceed the number 100 articles in the list |
|
string |
ID of given shop product |
|
string |
The name of a single product in the seller’s system. Corresponds to the name of the product in the store database.
[\w\s\-_. ,'?@\\\/ąćęłńóśźżĄĆĘŁÓŃŚŹŻ]+$
|
|
int |
Number of items in the customer’s order (n * Goods = total number of items)
|
|
string |
Item measurement unit, eg. quantity, kg, liters, meters and so on. |
|
decimal(10,2) |
Gross price of n-product. Corresponds to the price of the product in the store database. |
|
string |
Order type (eg. product, payment, delivery, discount) |
|
boolean |
Product is virtual (doesn’t require a delivery) |
|
string |
The category of a single product in the seller’s system. the category should match one of the elements listed in the dictionary. List of available categories: Dictionary of available sales categories |
|
string |
Delivery method Available values:
|
|
- |
Delivery address If the package is delivered to a point / parcel locker / etc, such address and name should be given, not the details of the actual recipient. |
|
string |
Delivery address: city |
|
string |
Delivery address: street |
|
string |
Delivery address: building number |
|
string |
Delivery address: flat number |
|
string |
Delivery address: post code |
|
string |
Delivery address: (ISO 3166-1 alpha2) or (ISO 3166-1 alpha3) country code |
|
string |
Name of recipient / collection point.
|
|
string |
Recipient’s phone number |
|
bool |
Delivery address: Whether the delivery address is verified |
Note
If the store does not want to provide the correct date, it is possible to use an indicator field of replacement type for selected parameters.
3.5.2. Values used for indicator field replacement for selected fields:¶
VALUE |
DESCRIPTION |
|---|---|
01 |
The payer’s account does not exist on the seller’s website |
02 |
Date of the transaction just ordered |
03 |
Date not older than 30 days ago |
04 |
Date in the range 30 - 60 days ago |
05 |
Date older than 60 days ago |
Exemplary use of parameters described above:
1 {
2 "payer": {
3 "first_name": "Jan",
4 "last_name": "Kowal",
5 "email": "jankowal@example.com",
6 "phone": "123456789",
7 "address": {
8 "city": "Warszawa",
9 "street": "Krucza",
10 "building_number": "1a",
11 "flat_number": "4",
12 "postcode": "00-950",
13 "country": "POL"
14 }
15 },
16 "is_logged_in": true,
17 "registered_since": "2017-02-11",
18 "order_count": 2,
19 "order_history": [
20 {
21 "date": "2017-02-11",
22 "amount": "456.21",
23 "delivery_type": "COURIER"
24 },
25 {
26 "date": "2018-05-21",
27 "amount": "879.67",
28 "delivery_type": "POCZTA_POLSKA"
29 }
30 ],
31 "order": {
32 "id": "MHH67HF8DS",
33 "items": [
34 {
35 "id": "3245623",
36 "name": "Super Phone 1",
37 "quantity": 1,
38 "unit_type": "szt.",
39 "gross_price": "856.52",
40 "type": "towar",
41 "is_virtual": false
42 },
43 {
44 "id": "3245625",
45 "name": "Dostawa",
46 "quantity": 1,
47 "unit_type": "szt.",
48 "gross_price": "15.00",
49 "type": "dostawa",
50 "is_virtual": false
51 }
52 ],
53 "delivery_type": "POCZTA_POLSKA",
54 "delivery_address": {
55 "city": "Kraków",
56 "street": "Wielicka",
57 "building_number": "28b",
58 "flat_number": "5",
59 "postcode": "30-552",
60 "country": "POL"
61 }
62 }
63 }
3.5.3. Dictionary of article categories for the parameter order.items.category¶
VALUE |
DESCRIPTION |
|---|---|
ART_ANTIQUES |
Works of art, antiques |
BOOKS_EDUCATIONAL |
Books, educational materials |
BUILDING_MATERIALS |
Building Materials |
CARS_MOTORBIKES_SCOOTERS |
Cars, motorbikes, mopeds, scooters |
CLOTHING_SHOES |
Clothing, shoes |
COMP_COMPONENTS |
Computer components and accessories including monitors, printers and scanners |
COMPUTERS |
Computers |
CONSOLES_GAMES |
Consoles and games |
DEVOTIONAL |
Devotional articles |
DOORS_WINDOWS |
Windows and doors |
ECO_SYSTEMS |
Ecological systems |
FOR_CHILDREN |
Baby carriages, car seats and others |
FUEL_COAL |
Fuel and coal |
FURNITURE |
Furniture |
GARDENING |
Seeds, fertilizers, plants |
GIFT_VOUCHERS |
Gift vouchers, packages (other than medical) |
HEATING |
Central heating boilers, JUNKERS |
HOME_FURNISHINGS |
Home furnishings |
HOME_TEXTILES |
Home textiles, bedding and blankets |
HOUSEHOLD_GOODS_BIG |
Household appliances large |
HOUSEHOLD_GOODS_SMALL |
Household appliances small |
INSURANCE |
Insurance services |
JEWELRY_WATCHES |
Jewelry, watches |
LAPTOPS_TABLETS |
Laptops and tablets |
MUSICAL_INSTRUMENTS |
Musical instruments |
OTHER_MOTORIZATION |
Other motorization |
PHONES_GPS |
Telephones and GPS |
PHOTO_CAMERA |
Photo and Camera |
RTV |
RTV |
SERVICES |
Services |
SOFTWARE |
Software and other computer components |
SPORTS_REHABILITATION |
Sporting / rehabilitation / tourist articles |
TOOLS_DEVICES |
Tools and devices |
VEHICLE_ACCESSORIES_EQUIPMENT |
Vehicle accessories and equipment |
3.5.4. Data required in customer parameter for PayPo channel¶
To make a payment with PayPo channel, specific data is required, which has been described in Table 13 :
1 {
2 "payer": {
3 "first_name": "Jan",
4 "last_name": "Kowal",
5 "email": "jankowal@example.com"
6 },
7 "order": {
8 "delivery_address": {
9 "city": "Kraków",
10 "street": "Wielicka",
11 "building_number": "28B",
12 "postcode": "30-552"
13 }
14 }
15 }
1 {
2 "payer": {
3 "first_name": "Jan",
4 "last_name": "Kowal",
5 "email": "jankowal@example.com",
6 "phone": "+48126882600"
7 },
8 "registered_since": "2017-02-11",
9 "order_count": 2,
10 "order": {
11 "id": "MHH67HF8DS",
12 "delivery_type": "POCZTA_POLSKA",
13 "delivery_address": {
14 "city": "Kraków",
15 "street": "Wielicka",
16 "building_number": "28b",
17 "flat_number": "5",
18 "postcode": "30-552",
19 "country": "POL"
20 }
21 }
22 }
Optional parameters for PayPo have been colored, their absence might negatively impact payer’s credit score.
In order for this information to be passed to Dotpay in customer parameter, it has to be formatted correctly. First it needs to be encoded in JSON format and then encoded using Base64.
customer parameter value (minimum) for PayPo channel in PHP:¶ 1 <?php
2
3 $customer = array (
4
5 "registered_since" => "2017-12-31",
6 "order_count" => 12,
7
8
9 "payer" => array(
10 "first_name" => "Jan",
11 "last_name" => "Kowal",
12 "email" => "jan@example.com"
13 ),
14 "order" => array(
15 "delivery_type" => "COURIER",
16 "delivery_address" => array(
17
18 "city" => "Krakow",
19 "street" => "Wielicka",
20 "building_number" => "11",
21 "flat_number" => "7",
22 "postcode" => "30-553",
23 "country" => "POL"
24 )
25 )
26
27 );
28
29
30
31 $customer_base64 = base64_encode(json_encode($customer));
32
33 ?>
3.5.5. Data required in customer parameter for Raty Alior channel¶
To make a payment with Raty Alior channel, specific data is required, which has been described in Table 13 :
1 {
2 "payer":{
3 "first_name":"Jan",
4 "last_name":"Kowal",
5 "email":"jankowal@example.com"
6 },
7 "order":{
8 "items":[
9 {
10 "name":"Super Phone 1",
11 "quantity":1,
12 "gross_price":"1200.00",
13 "category":"PHONES_GPS"
14 },
15 {
16 "name":"Pendrive 64GB",
17 "quantity":4,
18 "gross_price":"50.00",
19 "category":"COMP_COMPONENTS"
20 }
21 ]
22 }
23 }
The value of the order.items.category parameter should be filled in according to the category dictionary.
The number of products in the order.items parameter is limited and should not be more than 500 items.
In order for this information to be passed to Dotpay in customer parameter, it has to be formatted correctly. First it needs to be encoded in JSON format and then encoded using Base64.
customer parameter value (minimum) for Raty Alior channel in PHP:¶ 1 <?php
2
3 $customer = array(
4 "payer" => array(
5 "first_name" => "Jan",
6 "last_name" => "Kowal",
7 "email" => "jankowal@example.com",
8 ),
9
10 "order" => array(
11 "items" => [
12 array(
13 "name" => "Super Phone 1",
14 "quantity" => 1,
15 "gross_price" => "1200.00",
16 "category" => "PHONES_GPS"
17 ),
18
19 array(
20 "name" => "Pendrive 64GB",
21 "quantity" => 4,
22 "gross_price" => "50.00",
23 "category" => "COMP_COMPONENTS"
24 )
25
26 ],
27 )
28
29
30 );
31
32
33 $customer_base64 = base64_encode(json_encode($customer));
34
35 ?>
3.5.6. Data required in customer parameter for PayPal channel (only with PayPal SPP)¶
The technical requirements necessary to obtain the “Extended Seller Protection Policy (SPP)” from PayPal to buy online - shop or reception point.
If you use the seller protection program on your PayPal account and you have an appropriate agreement in this regard with PayPal, in integration with Dotpay it is necessary to send additional information.
To make a payment with PayPal in SPP channel, specific data is required, which has been described in Table 13 :
1 {
2 "payer":{
3 "first_name":"Jan",
4 "last_name":"Kowal",
5 "email":"jankowal@example.com"
6 },
7 "order":{
8 "delivery_address":{
9 "name":"PPP:6252652",
10 "city":"Kraków",
11 "street":"Wielicka",
12 "building_number":"28B",
13 "postcode":"30-552",
14 "phone":"+48126880000",
15 "country":"PL"
16 }
17 }
18 }
In order for this information to be passed to Dotpay in customer parameter, it has to be formatted correctly. First it needs to be encoded in JSON format and then encoded using Base64.
customer parameter value (minimum) for PayPal (SPP) channel in PHP:¶ 1 <?php
2
3 $customer = array(
4 "payer" => array(
5 "first_name" => "Jan",
6 "last_name" => "Kowal",
7 "email" => "jan@example.com"
8 ) ,
9 "order" => array(
10 "delivery_address" => array(
11
12 "name" => "PPP:6252652",
13 "city" => "Krakow",
14 "street" => "Wielicka",
15 "building_number" => "28B",
16 "postcode" => "30-552",
17 "phone" => "+48126880000",
18 "country" => "PL"
19 )
20 )
21
22 );
23
24 $customer_base64 = base64_encode(json_encode($customer));
25
26 ?>
Note
In order for the sent data to be correctly interpreted and sent from Dotpay to PayPal, such fact must be reported to Dotpay (tech@dotpay.pl) in advance for the correct configuration of the account.
3.6. Faulty redirections from the merchant’s system¶
On Dotpay’s side a shop ( id ) may be configured in such a way that in case of a faulty redirection to Dotpay (caused by e.g. a faulty parameters passed by the merchant’s system) an automated redirection will be made to the address from the url parameter (sent by merchant’s system) along with a faulty code.
When an error occurs a redirection to the address from url parameter will be made error_code parameter with a proper value will be added.
Note
In order to activate functionality enable Handling error codes in URL option available in seller administration panel in .
For example, while redirecting from a merchant’s system to unknown payment channel number in Dotpay, for passed in the redirection parameter url : url = https://example.com/
redirection will be to: https://example.com/?error_code=UNKNOWN_CHANNEL
error_code values are listed below:
PAYMENT_EXPIRED - payment link expired or datetime defined in expiration_date parameter has been exceeded
UNKNOWN_CHANNEL – invalid value of parameter channel
DISABLED_CHANNEL – payment channel is unavailable
UNKNOWN_CURRENCY – currency code is invalid
BLOCKED_ACCOUNT – account ( id ) is blocked
INACTIVE_SELLER – account ( id ) is inactive
AMOUNT_TOO_LOW - amount is lower than minimum defined for shop
AMOUNT_TOO_HIGH - amount is higher than maximum defined for shop
BAD_DATA_FORMAT - invalid request data, e.g. invalid expiration_date format
URLC_INVALID - account ( id ) settings require the URLC to contain SSL (the address starts with: ‘https: // ‘)
REQUIRED_PARAMETERS_NOT_PRESENT – one of the required parameters is missing
MULTIMERCHANT_INVALID_ACCOUNT_CONFIGURATION – one of the accounts is not properly configured for Multimerchant payments
MULTIMERCHANT_INSUFFICIENT_AMOUNT – sum of amount(n) parameters is not equal to amount value
MULTIMERCHANT_WRONG_CURRENCY – values of parameters currency and currency(n) are not equal
CREDIT_CARD_NOT_ACCEPTED – credit card data has been sent, but account ( id ) configuration doesn’t allow processing it
CREDIT_CARD_OPERATION_TYPE_NOT_ACCEPTED_CODE – parameter sent credit_card_operation_type , but account serrings ( id ) does not allow its processing
CREDIT_CARD_SECURITY_CODE_REQUIRED_NOT_ACCEPTED_CODE – parameter sent credit_card_security_code_required , but account serrings ( id ) does not allow its processing
CREDIT_CARD_3DS_NOT_ACCEPTED_CODE – parameter sent credit_card_threeds , but account serrings ( id ) does not allow its processing
CREDIT_CARD_AVS_NOT_ACCEPTED_CODE – parameter sent credit_card_avs , but account serrings ( id ) does not allow its processing
UNKNOWN_ERROR - returned value in other case than the above mentioned
4. TEST ENVIRONMENT¶
It is possible to create a test environment (independently on production environment) which allows to make a simulation payment (transaction) in order to test the shop integration with Dotpay payment system.
Note
In order to receive Dotpay test environment access fill in registration form available at : https://ssl.dotpay.pl/test_seller/test/registration/
The address of a test environment has been placed below. Any action which should be taken in order to integrate with Dotpay payment system is analogical to the above described.
https://ssl.dotpay.pl/test_payment/ - address of the payment form
https://ssl.dotpay.pl/test_seller/ - address of the administration panel
https://ssl.dotpay.pl/test_payment/payment_api/channels/ - payment API address (channel list)
Simulating card payment (channel 248) requires valid card data.
Table below contains few exemplary cards which might be used for that purpose. Expiration date is anything from current date to December 2030.
4.1. Table 14. (List of sample card numbers that can be used in the process of testing card payments)¶
TYPE |
NUMBER |
CVV2 / CVC2 |
3DS |
|---|---|---|---|
Visa* |
4916 9715 6289 1025 |
025 |
No |
Visa* |
4929 5320 2788 7670 |
670 |
Yes |
MasterCard* |
5498 5400 7907 4343 |
343 |
No |
MasterCard* |
5344 6642 8071 1026 |
026 |
Yes |
Visa |
4111 1111 1111 1111 |
111 |
No |
Visa |
4444 4444 4444 4448 |
448 |
Yes |
MasterCard |
5500 0055 5555 5559 |
559 |
No |
* for One-click or recurring payment testing
5. ADDITIONAL INFORMATION¶
5.1. Verification of the IP address¶
Dotpay IP addresses:
195.150.9.37 and 91.216.191.181 – 91.216.191.185 and 5.252.202.254 - 5.252.202.255
Using the above-mentioned IP service Dotpay sends all confirmation to the merchant’s system. For proper communication, the merchant should accept connections from this addresses.
Caution
Merchant’s system should always verify IP address from which a confirmation has been sent for security reasons.
Because of PCI DSS requirement the only SSL version used by Dotpay server is TLSv1.2 and TLSv1.3, with other protocol versions encrypted connection with host ssl.dotpay.pl will not be possible.
5.2. Security of payment integration¶
In order to provide the highest security standards for your transactions we recommend using all available security mechanisms.
Note
Transaction security should be handled in two places:
5.2.1. Redirecting customer from shop to Dotpay¶
Redirecting customer to Dotpay involves sending parameters defining payment details. To prevent unauthorized data manipulation in this step we recommend using data integrity protection. Parameters can be signed, this signature is passed as an additional chk parameter along other standard parameters.
A description of this functionality can be found in the chapter Redirection parameters integrity protection (CHK).
If your service is ready to send chk parameter for all of the transactions please contact Dotpay to enforce its verification.
Caution
Keep in mind minimal amount of payment parameters sent to Dotpay is: id , amount , currency , description .
Please verify whether your integration send those parameters correctly, according to format defined in this payment implementation manual.
5.2.2. Receiving confirmation of the posted payment in Dotpay¶
In order to send operation (transaction) confirmation to shop URLC (HTTP request, callback), mechanism is used, which using POST method passes all parameters.
If you are using this automatic notifications URLC, please make sure for every order received data is verified, especially when it comes to operation type ( operation_type ), it’s status ( operation_status ) and: - operation_original_amount - The amount taken from amount parameter which has been sent by merchant’s system.- operation_original_currency - The currency taken from currency parameter which has been sent by merchant’s system. - signature - checksum created by SHA‑256 function from concatenated notification parameters
We also recommend to verify URLC notification origin, so in this case if IP belongs to Dotpay and is made using POST method. The IP address from which Dotpay sends notifications is listed in the chapter Verification of the IP address.
Caution
After receiving the confirmation of payment in the Dotpay service, the store should absolutely compare the value of the amount and currency paid with the expected amount registered when placing the order by the buyer in the store’s database.
The order should be processed by the store only when it checks whether the value due for the order stored in the store’s database is equal to the value posted in Dotpay assigned to the order!
6. ATTACHMENT I - PAYMENT CHANNELS¶
In the following table all channels which are available in Dotpay system are presented. Availability of payment method in a given account ( id ) depends on signed contract.
In the table the following are presented channel names, their providers and numbers, logotypes and remarks. Channel numbers are values which are accepted by channel parameter described in the above chapters.
6.1. Table 15. (Payment channels available in Dotpay system)¶
6.1.1. PAYMENT CARDS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
71 |
MasterPass |
- |
|
24/7 |
Available only for business accounts. |
246 |
Payment cards |
- |
|
24/7 |
Available only for business accounts. |
248 |
Payment cards |
- |
|
24/7 |
Available only for business accounts. Available for currency: PLN, EUR, USD, GBP |
249 |
Visa SRC |
- |
|
24/7 |
Available only for business accounts. |
260 |
Google Pay |
Google LLC |
|
24/7 |
Available only for business accounts. Required separate agreement. |
262 |
Apple Pay |
Apple Inc. |
|
24/7 |
Available only for business accounts. |
6.1.2. FAST TRANSFERS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
1 |
mTransfer |
mBank S.A. |
|
24/7 |
|
2 |
Płacę z Inteligo |
Bank PKO BP |
|
24/7 |
|
4 |
Płacę z iPKO |
Bank PKO BP |
|
24/7 |
|
6 |
Przelew24 |
Santander Bank Polska SA (previously Bank Zachodni WBK SA) |
|
24/7 |
|
36 |
Pekao24Przelew |
Bank Pekao S.A. |
|
24/7 |
|
38 |
Płać z ING |
ING Bank Śląski S.A. |
|
24/7 |
|
44 |
Millennium - Płatności Internetowe |
Millennium Bank S.A. |
|
24/7 |
|
45 |
Pay with Alior Bank |
Alior Bank S.A. |
|
24/7 |
|
46 |
Płacę z Citi Handlowy |
Citi Bank Handlowy S.A. |
|
24/7 |
|
50 |
Pay Way Toyota Bank |
Toyota Bank Polska |
|
24/7 |
|
51 |
Płać z BOŚ |
BOŚ Bank S.A. |
|
24/7 |
|
66 |
Bank Nowy S.A. |
Bank Nowy Spółka Akcyjna z siedzibą w Poznaniu |
|
24/7 |
|
70 |
Pocztowy24 |
Bank Pocztowy S.A. |
|
24/7 |
|
73 |
BLIK |
Polski Standard Płatności Sp. z o.o. |
|
24/7 |
|
74 |
Banki Spółdzielcze |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
|
75 |
Płacę z Plus Bank |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
|
76 |
VeloBank PBL |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
|
86 |
TrustPay |
Trust Pay |
|
24/7 |
Available only for business accounts. Available for currency: CZK, EUR |
87 |
Credit Agricole PBL |
Credit Agricole Bank Polska S.A. |
|
24/7 |
Available only for business accounts. |
90 |
BNP Paribas – płacę z Pl@net |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
Available only for business accounts. |
91 |
Nest Bank |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
Available only for business accounts. |
92 |
Bank Spółdzielczy w Brodnicy |
Krajowa Izba Rozliczeniowa S.A. |
|
24/7 |
Available only for business accounts. |
93 |
Kasa Stefczyka |
Spółdzielcza Kasa Oszczędnościowo-Kredytowa im. F. Stefczyka |
|
24/7 |
6.1.3. TRANSFERS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
7 |
ING Corporate customers |
ING Bank Śląski S.A. |
|
Mon - Sat 8:00am - 8:00pm |
|
10 |
Millennium Corporate customers |
Millennium Bank S.A. |
|
Mon - Fri 8:00am - 8:00pm |
|
15 |
iPKO |
Bank PKO BP |
|
0:00am – 11:00pm / 7 |
|
16 |
Credit Agricole |
Credit Agricole Bank Polska S.A. |
|
4:00am – 11:00pm / 7 |
|
32 |
BNP Paribas |
BNP Paribas Bank Polska SA |
|
Mon - Fri 8:00am – 9:00pm |
|
89 |
Santander |
Santander Bank Polska SA (previously Bank Zachodni WBK SA) |
|
Mon - Fri 8:00am – 9:00pm |
6.1.4. CASH¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
11 |
Bank transfer / postal |
- |
|
Mon - Fri 3 Elixir sessions |
|
82 |
SEPA transfer |
- |
|
Mon - Fri 3 Elixir sessions |
Available only for business accounts. Available for currency: EUR |
6.1.5. PURSES AND VOUCHERS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
52 |
SkyCash |
SkyCash Poland S.A. |
|
24/7 |
|
59 |
CinkciarzPAY |
Conotoxia Sp. z o.o. |
|
24/7 |
|
218 |
paysafecard |
Paysafecard |
|
24/7 |
Available for currency: PLN WARNING: refunds are not available on this channel |
6.1.6. INSTALLMENTS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
55 |
Raty z Alior Bankiem |
Alior Bank S.A. |
|
24/7 |
Available only for business accounts, for orders between 300.00 PLN and amount defined in the agreement. |
68 |
mRaty |
mBank S.A. |
|
24/7 |
Available only for business accounts, for orders between 300.00 PLN and amount defined in the agreement. |
6.1.7. OTHERS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
212 |
PayPal |
PayPal |
|
24/7 |
Available for currency: PLN Gateway model, Dotpay doesn’t send funds to the seller. |
6.1.8. POSTPONED PAYMENTS¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
94 |
Kupuj teraz, zapłać później [Buy now, pay later] |
Aiqlabs Sp. z o.o. |
|
24/7 |
Available only for business accounts, for orders between 100.00 PLN and 2000.00 PLN or amount defined in the agreement. |
92 |
PayPo |
PayPo Sp. z o.o. |
|
24/7 |
Available only for business accounts. for orders between 10.00PLN and 2000.00PLN. Required separate agreement. Requires |
6.1.9. MOBILE TRANSFERS - Direct Carrier Billing type¶
NUMBER |
NAME |
PROVIDER |
LOGO |
POSTING PAYMENTS |
REMARKS |
|---|---|---|---|---|---|
231 |
Orange |
Orange Polska S.A. |
|
24/7 |
Available only for business accounts. Required separate agreement with Dotpay partner. |
232 |
T-Mobile |
T-Mobile Polska S.A. |
|
24/7 |
Available only for business accounts. Required separate agreement with Dotpay partner. |
233 |
PLAY |
P4 Sp. z o.o. |
|
24/7 |
Available only for business accounts. Required separate agreement with Dotpay partner. |
234 |
Plus |
Polkomtel Sp. z o.o. |
|
24/7 |
Available only for business accounts. Required separate agreement with Dotpay partner. |
6.2. Payment Channel List - available for download¶
Note
Listed channels and their logos are available for download at:
Channel logos: ( zip format )
Available payment methods : ( format xlsx )
Available payment methods: ( format json )
7. ATTACHMENT II - OPERATION STATUSES DESCRIPTION¶
In the following table are presented description of operation statuses which are created in system.
7.1. Table 16. (Operation statuses created in the Dotpay system)¶
STATUS |
MEANING / DESCRIPTION |
|---|---|
new (new) |
A new operation. It means establishment of the operation. |
processing (waiting for deposit) |
The operation is being processed, e.g. for payment type it means that a payer came back to Dotpay from a payment channel provider or a provider has informed Dotpay about this fact. payment and payment_multimerchant_child operations don’t have the accounting in the processing state. Complaint operation in this state means that a complaint procedure has been started. |
completed (completed) |
For payment, payment_multimerchant_child types it means that Dotpay has already had (or is sure to have) funds from the payment made by a customer. For release_rollback type it means that locked funds from rollback were released to the shop’s account ( For payout, refund and complaint types it means that funds have been transferred to a merchant, to a payer or a payment channel provider. This is the final status which means the operation will not change its status. For this operation additional accounting may be written but only those that are as a result of e.g. correction or correction incorrectly calculated. |
rejected (rejected) |
For payment, payment_multimerchant_child types it means that Dotpay has NOT received funds from a payer and is sure that won’t receive those funds. This means that e.g. a payer has cancelled a payment or doesn’t have enough funds at a payment channel provider (e.g. bank) to execute the payment. For payout, refund and complaint types it means that the operation was cancelled - funds were refunded to a shop’s account ( For this operation additional accounting may be written but only those that are as a result of e.g. correction or correction incorrectly calculated. |
processing_realization_waiting (waiting for realization) |
Operation in this state expects execution, e.g. for payout operation it means a withdrawal request (manually by a merchant or by auto withdrawal mechanism). Operation in this state expects execution in “n” business days where “n” is specified in the agreement signed by a merchant. |
processing_realization (realisation) |
This status means start of withdrawal execution procedure, for payout type operation it means payout transfer to the merchant’s account, for refund type operation funds transfer to a payer’s account. If possible (e.g. card payment channels), instead of funds transfer, a refund is executed on a given channel. |
8. CHANGELOG¶
VERSION |
DATE |
CHANGES DESCRIPTION |
|---|---|---|
1.95.6.0 |
2023-06-05 |
logo change for the channel: 74 (Banki Spółdzielcze) |
1.94.1.0 |
2022-12-02 |
change of logo and name for channel: 76 ‘Getin Bank PBL’ to ‘VeloBank PBL’ remove channel 80 ‘Noble Pay’ |
1.93.1.0 |
2022-08-22 |
adding new IP addresses from which Dotpay can send notifications to merchants’ services |
1.90.2.2 |
2022-05-10 |
logo change for the channel: 70 (Pocztowy24) |
1.90.2.1 |
2022-04-27 |
logo change for the channel: 66 (Bank Nowy S.A.) |
1.90.1.1 |
2022-04-25 |
changed channels logo 246 (Payment cards via Payeezy) and 248 (Payment cards) logo change for the channel: 91 (Nest Bank) |
1.87.9.1 |
2022-01-05 |
name and logo change for the channel: 66 (Bank Nowy S.A.) |
1.86.1.1 |
2021-11-20 |
removed channel 81 ‘Idea Cloud’ |
1.84.3.1 |
2021-09-24 |
change of the amount range for the channel 95 ‘PayPo’ |
1.84.2.1 |
2021-09-17 |
removed channel 83 ‘EnveloBank’ |
1.81.8.1 |
2021-08-03 |
adding new IP addresses from which Dotpay can send notifications to merchants’ services |
1.79.20.1 |
2021-05-25 |
adding a new api version Change in the method of calculating the checksum used to verify the correctness of the data sent - Redirection parameters integrity protection (CHK) : changing the content of the displayed information using the parameters |
1.78.22.1 |
2021-04-26 |
adding an additional optional parameter to Receiving confirmation of the posted payment in Dotpay updating the list of available payment channels |
1.77.10.1 |
2021-02-22 |
changed channels logo: 71 ‘MasterPass’, 246, ‘Payment cards’, 248 (Payment cards) removed channel 35 ‘Kantor Polski’ |
1.75.7.1 |
2020-11-30 |
logo change for the channel: 1 (mTransfer) adding new values for removed channel 60 (Płacę z T-Mobile Usługi Bankowe’) |
1.74.2.1 |
2020-11-16 |
adding an additional optional parameter to URLC notification: add new channel group in |
1.73.13.1 |
2020-10-16 |
logo change for the channel: 50 (Pay Way Toyota Bank) |
1.72.3.1 |
2020-09-15 |
removed channel 21 ‘VIA - Moje Rachunki’ adding a new parameters adding data requirements sent in the parameter |
1.71.10.1 |
2020-08-18 |
removed channel 84 ‘Volkswagen Bank direct’ adding an additional optional parameter to URLC notification: |
1.70.0.1 |
2020-07-27 |
logo change for the channel 55 (Raty z Alior Bankiem) and channel 249 (Visa SRC) |
1.69.18.2 |
2020-06-26 |
changed channels logo and and provider name for 249 ‘Visa SRC’ (before: ‘Visa Checkout’) |
1.69.18.1 |
2020-06-19 |
logo change for the channel: 94 (Kupuj teraz, zapłać później) |
1.67.18.2 |
2020-04-22 |
removed channel 65 (Płacę z Idea Bank) |
1.67.18.1 |
2020-04-22 |
adding a new parameter adding data requirements sent in the parameter adding additional optional parameters to URLC CONFIRMATION: |
1.65.2.1 |
2020-02-11 |
changed channels logo and and provider name for 66 ‘Bank Nowy BFG S.A.’ (before: ‘Płacę z PBS’) |
1.62.2.1 |
2019-11-08 |
remove channels 48 (BNP Paribas – Płacę z Żółty), 88 (BNP Paribas dawni Klienci Raiffeisen), 56 (eurobank - płatność online) added channel 262 (Apple Pay) logo change for the channel 90 (BNP Paribas – płacę z Pl@net) extension of the added parameter |
1.60.16.1 |
2019-09-19 |
removed channel 33 (Volkswagen Bank) |
1.59.10.2 |
2019-08-12 |
adding a new parameter |
1.59.10.1 |
2019-07-12 |
logo change for the channel 51 (Płać z BOŚ) and channel 95 (PayPo) |
1.58.2.1 |
2019-06-10 |
changed channels logo and and provider name for 55 ‘Raty z Alior Bankiem’ (before: ‘erata - raty z dotpay’) |
1.58.0.2 |
2019-06-03 |
changed channels logo and and provider name for 93 ‘Kasa Stefczyka’ (before: ‘eSKOK’) adding a new Chapter: Security of payment integration; typographical corrections |
1.58.0.1 |
2019-05-23 |
typographical corrections |
1.56.14.1 |
2019-04-24 |
added new value for parameter |
1.56.11.3 |
2019-04-10 |
removed channel 72 (Płacę z Orange) added parameter |
1.56.11.2 |
2019-04-01 |
changed names and logos for channels: 32 (previously: BGŻ BNP Paribas), 48 (previously: R - Przelew), 88 (previously: Raiffeisen), 90 (previously: BGŻ BNP Paribas) added parameter |
1.56.11.1 |
2019-03-28 |
added channel 95 (PayPo) added channel 260 (Google Pay) added current channel list in xlsx file for download changed names and logos for channels: 32 (previously: BGŻ BNP Paribas), 48 (previously: R - Przelew), 88 (previously: Raiffeisen), 90 (previously: BGŻ BNP Paribas) |
1.55.8.1 |
2019-03-22 |
removed channel 31 (Zapłać w Żabce i we Freshmarket) removed channel 24 (mPay) |
1.55.7.1 |
2019-02-15 |
added new value for parameter added new value for parameter added new value for parameter removed alternative payment parameters names: |
1.53.5.1 |
2018-12-10 |
typographical corrections added parameter |
1.52.6.1 |
2018-11-13 |
removed channel 58 („Szybkie Płatności Internetowe z Deutsche Bank PBC”) added a regular expression for the parameter amount |
1.51.0.1 |
2018-10-03 |
added parameters in URLC notifications: |
1.50.11.1 |
2018-09-27 |
added channel 59 („CinkciarzPAY”) change of channel provider name from Volkswagen Bank Polska S.A. to Volkswagen Bank GmbH |
1.50.8.2 |
2018-09-07 |
logo change for the channel 6 (Przelew24) and channel 89 (BZWBK) |
1.50.8.1 |
2018-09-05 |
Newly created accounts now require changes in descriptions regarding verification of order amount and currency |
1.49.11.1 |
2018-06-26 |
added values
|
1.45.2.1 |
2018-03-30 |
changed name of section One-click payments to One-click and recurring payments added new parameters to the section mentioned above and included them in Redirection parameters integrity protection ( added new values for |
1.44.12.2 |
2018-03-08 |
added channel 93 (eSKOK) |
1.44.12.1 |
2018-02-20 |
logo change for the channel 48 (R-Przelew) and 246, 248 (Payment cards) |
1.44.10 |
2018-02-13 |
added new values for parameter added new values for parameter added exemplary cards to TEST ENVIRONMENT chapter |
1.39.2.1 |
2017-09-03 |
added channel 83 (EnveloBank) added channel 249 (Visa Checkout) changed channels logo 246 (Payment cards via Payeezy) and 248 (Payment cards) |
1.38.1.1 |
2017-08-21 |
added channel 15 (iPKO) |
1.37.3.3 |
2017-07-10 |
added parameter in URLC notifications: |
1.37.3.2 |
2017-06-28 |
added Masscollect subchapter |
1.37.3.1 |
2017-06-27 |
added Split payment (Multimerchant) subchapter added Multimerchant and Surcharge parameters to Redirection parameters integrity protection ( updated Faulty redirections from the merchant’s system subchapter added parameter |
1.36.10.1 |
2017-06-12 |
logo change for the channel 36 („Pekao24Przelew”) |
1.36.7.1 |
2017-06-01 |
added channel 90 (BGŻ BNP Paribas) added channel 91 (Nest Bank) added channel 92 (Bank Spółdzielczy w Brodnicy) added information about dowloading payment |
1.35.4.2 |
2017-04-05 |
added value UAH for parameter added channel 88 (Raiffeisen) added channel 89 (BZWBK) |
1.35.4.1 |
2017-03-28 |
removed kanału 18 (Przelew z BPH) |
1.34.9.3 |
2017-01-26 |
added parameter in URLC notifications: |
1.34.9.2 |
2017-01-11 |
added regular expressions changed channels logo: 71 („MasterPass”), 246 („Payment cards via Payeezy”), 248 (Payment cards) |
1.34.9.1 |
2017-01-02 |
removed channel 77 (FerBuy) removed value O – postponed payments from parameter |
1.33.4.2 |
2016-12-06 |
added channel 218 (paysafecard) |
1.33.4.1 |
2016-11-14 |
removed channel 27 (BGŻ) |
1.32.6.2 |
2016-11-07 |
added removed channel 63 (Płacę z IKO) |
1.32.6.1 |
2016-09-23 |
added channel 84 (Volkswagen Bank direct) added channel 86 (TrustPay) added channel 87 (Credit Agricole PBL) |
1.30.6.3 |
2016-06-22 |
added |
1.30.6.2 |
2016-06-17 |
typographical corrections added added new way of receiving test environment access (added registration link) |
1.30.6.1 |
2016-06-01 |
typographical corrections added One-click payments section added added value HASH_NOT_EQUAL_CHK for parameter |
1.29.11.1 |
2016-03-21 |
added chapter ADDITIONAL FEATURES added subchapter Redirection parameters integrity protection ( moved subchapter Faulty redirections from the merchant’s system to chapter ADDITIONAL FEATURES |
1.29.8.1 |
2016-02-26 |
added parameter added information about HTTPS verify and SSL certificate verify in II. RECEIVING PAYMENT CONFIRMATION (URLC CONFIRMATION) chapter added channel 82 (Przelew SEPA) added channel 248 (Payment cards) removed channel 64 (PeoPay) |
1.28.5.2 |
2016-01-07 |
added parameter added chapter ATTACHMENT II - OPERATION STATUSES DESCRIPTION |
1.28.5.1 |
2015-12-31 |
removed channel 79 (Open Pay) |
1.27.0.1 |
2015-11-10 |
removed channel 25 (Plus Bank) |
1.25.7.1 |
2015-10-30 |
removed channel 49 (MeritumBank) |
1.25.3.1 |
2015-10-22 |
removed channel 22 (Ukash) removed channel 43 (Bank Spółdzielczy we Wschowie) removed channel 62 (DNB Nord) |
1.25.1.1 |
2015-10-19 |
change of the main payment site (from https://ssl.dotpay.pl to https://ssl.dotpay.pl/t2/) removed channel 3 (MultiTransfer) |
1.24.9.1 |
2015-10-12 |
added channel 81 (Idea Cloud) |
1.23.13.3 |
2015-09-24 |
typographical corrections |
1.23.13.2 |
2015-08-20 |
removed channel 69 (V.me) |
1.23.13.1 |
2015-08-12 |
added channel 79 (Open Pay) added channel 80 (Noble Pay) removed channel 15 (iPKO) |
1.23.9.2 |
2015-07-30 |
removal of UNKNOWN_ACCOUNT value of |
1.23.9.1 |
2015-07-20 |
added channel 77 (FerBuy) |
1.22.9.1 |
2015-06-01 |
added channel 74 (Banki Spółdzielcze) added channel 75 (Płacę z Plus Bank) added channel 76 (Getin Bank PBL) removed channel 17 (Płacę z iPKONET) removed channel 57 (Getin Bank) added parameters |
1.20.9.2 |
2015-02-09 |
added channel 73 (BLIK) |
1.20.9.1 |
2015-01-14 |
removed channel 245 (MasterCard Mobile) added chapter CHANGE LOG. |
1.19.15.2 |
2014-12-12 |
added channel 72 (Płacę z Orange) |
1.19.15.1 |
2014-12-08 |
added channel 71 (MasterPass) |
1.18.5.4 |
2014-11-04 |
added channel 69 (V.me) |
1.18.5.3 |
2014-11-19 |
removed channels 14 (KB24) and 61 (Bank Pocztowy) |
1.18.5.2 |
2014-10-28 |
added channels 66 (Płacę z PBS ) and 70 (Pocztowy24) renamed channel 17 (from Płać z Nordea to Płacę z IPKOnet) added https://ssl.dotpay.pl/test_seller/ address to TEST ENVIRONMENT chapter |