This plugin facilitates selling of products and services on any public page
of a WordPress website, and accepting credit card payments for these
products and services via the Stripe payment processor.
Because this plugin facilitates credit card payment processing specifically
via Stripe, it is able to leverage the main security feature of that service,
in that the credit card numbers are sent to the Stripe servers directly via
their Checkout API, and never to the server running the website. Because
the credit card numbers are physically absent from the website server, the
operators of the website server are not subject to various government
regulations that might have otherwise come into effect had their server
indeed stored credit card numbers. And obviously, even if the website
server or its storage get compromised by criminals, there simply would not
be any credit card numbers for them to steal.
The way this plugin is used, is that first, the administrators specify which
products and services are being sold, their descriptions, prices, etc. by
inserting special shortcodes with that information directly into the pages
and posts on which they want to render the user payment buttons for these
sales. When site visitors load these pages, they see the associated payment
buttons, clicking on which opens payment entry forms. Submitting a payment
creates a “pending transaction”, details of which can be automatically
emailed to the site operator(s). For each pending transaction, site
administrators can click a special “Charge” button on the plugin’s admin
page to charge that transaction via Stripe. This creates a record for the
customer and the charge on the Stripe servers, from which point the
transaction can be administered via the Stripe website as any other Stripe
Stripe test transactions are also supported. These are transactions in
which no actual real credit card gets charged.
Currently only USD are supported.
Technical summary and special considerations:
Initially, buyer identity, stored partially on the website server, is tied
to their credit card number stored entirely on Stripe servers, via a special
“Stripe Token”, which is obtained directly from Stripe, via the plugin’s
Plugin relies on special server-side PHP library stripe-php to communicate
with the Stripe servers to direct them to charge credit cards. This PHP
library in turn relies on PHP cURL support enabled on the server. The
plugin will check if this support is enabled, and will issue admin dashboard
notification if it is not, which will also give advise on how to enable it.
If website administrators wish to enable automatic email notifications, they
would need to insure that a Mail Transfer Agent (MTA) is properly configured
on their website server. Even when the MTA is properly configured, the
email notifications are still likely to get filtered by SPAM filters, so
adjustment of SPAM filters might also be needed.
- PHP version >= 5.4
- PHP cURL support enabled (Install module ‘php-curl’ on Debian / Ubuntu)
- PHP multibyte string support enabled (Install module ‘mb-string’ on Debian / Ubuntu)
- Proper Mail Transfer Agent (MTA) configuration for notification emails.
Official project URLs: