Skip to content
Branch: master
Find file History
Latest commit c708920 Jul 4, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.

Getting Started

Download the php folder from the above repository.You can refer here to download a single folder from the repository.

Extract the downloaded zip file and place it in the root directory of your web server. In linux if the root directory is /var/www/html (the copied folder should then look like /var/www/html/php/). In wndows if you installed WAMP to c:\wamp then your webserver root directory would be c:\wamp\www.


1)Apache web server
2)Php 7.0

How to start

Below we describe the PHP integration for Cashfree PG. You'll need Cashfree credentials for this setup to work. You can access the credentials from the merchant dashboard (API access > credentials) here.

Step 1

  • Open the file request.php, and update the value of the variable $mode to "TEST"(for testing) or "PROD"(for production) depending on your environment.

  • Update the variable $secretKey with the correct value for the mode you have selected in request.php and response.php files.

Step 2

  • Visit localhost/php/start.php in the browser, fill in the details as required, set the returnUrl as localhost/php/response.php and click Submit.

  • Once the payment page loads, enter the following card details for testing purpose.

Card Number : 4111 1111 1111 1111
CVV : 123

You can enter any name, month and year for card expiration. For more details around test cards, see Test Data.

Step 3

  • Once you've entered the details you will be redirected to the Cashfree PG Simulator page. Here you can simulate either a failed or a successful transaction. You will then be redirected to the returnUrl(given in step 2) with the transaction details.


  • In the file request.php, please make sure that you are using the correct integration mode.
  • Give a valid returnUrl, since all the transaction details will be sent to it.
  • It is imperative that you process the response correctly to prevent any fraud on your website.

More Details

To start integrating in production you just need to change the $mode in request.php to "PROD" and get the production credentials from (API access > credentials) here. Also update the variable $secretkey in request.php and response.php files.


This file collects the required details for processing a payment request. You can easily modify and integrate it in your website. Note that the form action should be as "request.php".

      <form id="redirectForm" method="post" action="request.php">


This file receives the request from start.php and generates the correct PG details to send over to Cashfree. This includes a signature variable which is used to authenticate each request. The following code is used to generate the signature from the provided details.

$secretKey = "<YOUR_SECRET_KEY_HERE>";
  $postData = array( 
  "appId" => $appId, 
  "orderId" => $orderId, 
  "orderAmount" => $orderAmount, 
  "orderCurrency" => $orderCurrency, 
  "orderNote" => $orderNote, 
  "customerName" => $customerName, 
  "customerPhone" => $customerPhone, 
  "customerEmail" => $customerEmail,
  "returnUrl" => $returnUrl, 
  "notifyUrl" => $notifyUrl,
$signatureData = "";
foreach ($postData as $key => $value){
    $signatureData .= $key.$value;
$signature = hash_hmac('sha256', $signatureData, $secretKey,true);
$signature = base64_encode($signature);

If the signature matches with signature generated by us you will be allowed to proceed to the gateway. We will send the transaction response to the returnUrl provided by you in the request.


Here we collect the transaction details, verify that they are valid and have been received from Cashfree. See below code to understand how this verification is done.

     $secretkey = "<YOUR_SECRET_KEY_HERE>";
     $orderId = $_POST["orderId"];
     $orderAmount = $_POST["orderAmount"];
     $referenceId = $_POST["referenceId"];
     $txStatus = $_POST["txStatus"];
     $paymentMode = $_POST["paymentMode"];
     $txMsg = $_POST["txMsg"];
     $txTime = $_POST["txTime"];
     $signature = $_POST["signature"];
     $data = $orderId.$orderAmount.$referenceId.$txStatus.$paymentMode.$txMsg.$txTime;
     $hash_hmac = hash_hmac('sha256', $data, $secretkey, true) ;
     $computedSignature = base64_encode($hash_hmac);

Once the verification succeeds we display the transaction details.


For further queries reach us at

You can’t perform that action at this time.