Implement Backend
Once Collect.js tokenizes the card, your server receives a payment_token and submits it to the CyoGate API to process the payment.
PHP Example
<?php
$post = array(
'security_key' => YOUR_PRIVATE_KEY,
'type' => 'sale',
'amount' => '29.99',
'payment_token' => $_POST['payment_token'],
'order_id' => 'ORDER-' . time(),
'firstname' => $_POST['firstname'] ?? '',
'lastname' => $_POST['lastname'] ?? '',
'email' => $_POST['email'] ?? '',
);
$ch = curl_init('https://secure.cyogate.net/api/transact.php');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
$response = curl_exec($ch); curl_close($ch);
parse_str($response, $result);
if ($result['response'] == '1') {
// Approved
echo json_encode(['success' => true, 'txid' => $result['transactionid']]);
} else {
echo json_encode(['success' => false, 'message' => $result['responsetext']]);
}
?>Python Example
import requests
from urllib.parse import parse_qs
payload = {
'security_key': PRIVATE_KEY,
'type': 'sale',
'amount': f'{amount:.2f}',
'payment_token': payment_token,
'order_id': order_id,
}
response = requests.post('https://secure.cyogate.net/api/transact.php', data=payload, timeout=30)
result = {k: v[0] for k, v in parse_qs(response.text).items()}Response Codes
| response | Meaning | Action |
|---|---|---|
1 | Approved | Fulfill the order |
2 | Declined | Show decline message |
3 | Error | Log error, show generic message |
Never expose your Private API Key in frontend JavaScript — all calls using the Private Key must be server-side.