Sample code
This page is a central index of ready-to-use code snippets and SDK references for integrating with the BBMSL Online Payment API. Each sample demonstrates how to sign and submit an API request.
tip
All samples target the testing environment (https://payapi.sit.bbmsl.com). Switch the base URL to the production endpoint before going live. See Test Details for sandbox credentials.
Available samples
| Platform / language | Coverage |
|---|---|
| Android app | Full demo application for mobile SDK integration |
| PHP | Hosted checkout session creation (/hosted-checkout/create) |
Android app
For merchants integrating via a mobile app, a demo application with sample code is available on GitHub. Follow the setup instructions in the repository README.
PHP
The snippet below shows how to sign and submit a request to create a Hosted Model checkout session. For the full parameter reference, see Create a checkout session.
hosted-checkout-sample.php
<?php
$info = pathinfo($_SERVER['PHP_SELF']);
const YOUR_DOMAIN = "https://{YOUR_DOMAIN}.com/";
// Change your test merchant ID here
$merchantId = '{MERCHANT_ID}';
// Testing environment
$payment_url = 'https://payapi.sit.bbmsl.com';
$url_fail = YOUR_DOMAIN.'test_bbmsl_fail.php';
$url_success = YOUR_DOMAIN.'test_bbmsl_success.php';
$url_cancel = YOUR_DOMAIN.'test_bbmsl_cancel.php';
$url_notify = YOUR_DOMAIN.'test_bbmsl_notify.php';
$merchant_ref = 'merchantRef'.date('YmdHis');
$quantity = 1;
$amount = 10;
$product_name = 'Book';
$arr_request = array(
'merchantId' => $merchantId,
'amount' => $amount,
'isRecurring'=> 0,
'callbackUrl' => array(
"fail" => $url_fail,
"success" => $url_success,
"cancel" => $url_cancel,
),
'merchantReference' => $merchant_ref,
"lineItems" => array(
array(
"quantity" => $quantity,
'priceData' => array(
"unitAmount" => $amount,
"name" => $product_name
)
)
),
);
$request_content = json_encode($arr_request, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
// 1. if you put your key in the code
$privateKey = "YOUR_PRIVATE_KEY";
$privateKeyPem = "-----BEGIN RSA PRIVATE KEY-----\n" . wordwrap($privateKey, 64, "\n", true). "\n-----END RSA PRIVATE KEY-----";
$key = openssl_get_privatekey($privateKeyPem);
// 2. if you include the .pem file
$key = openssl_pkey_get_private(file_get_contents('./key.pem'));
if (!$key) {
echo "Invalid key format".PHP_EOL;
exit;
}
echo '==========================='.PHP_EOL;
echo 'sign request'.PHP_EOL;
echo '==========================='.PHP_EOL;
openssl_sign($request_content, $encrypted, $key, OPENSSL_ALGO_SHA256);
$signature = base64_encode($encrypted);
$url = $payment_url.'/hosted-checkout/create';
// Create a new cURL resource
$ch = curl_init($url);
echo '===========================';
echo PHP_EOL;
echo 'request for signature';
echo PHP_EOL;
echo '===========================';
echo PHP_EOL;
echo $request_content;
echo PHP_EOL;
echo '===========================';
echo PHP_EOL;
echo 'signature';
echo PHP_EOL;
echo '===========================';
echo PHP_EOL;
echo $signature;
$arr_payload = array(
"request" => $request_content,
'signature' => $signature
);
$payload = json_encode($arr_payload, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
echo PHP_EOL;
echo "URL: ".$url ;
echo PHP_EOL;
echo "Request:".$payload;
echo PHP_EOL;
// Attach encoded JSON string to the POST fields
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
// Set the content type to application/json
curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json'));
// Return response instead of outputting
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
// Execute the POST request
$result = curl_exec($ch);
// Get the POST request header status
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
// Close cURL resource
curl_close($ch);
// if you need to process the response from the API further
$response = json_decode($result, true);
echo "Response: " . $result;
?>