PHP Payments no longer working

So I developed a payment app for a client, for their website, and everything was working fine. They launched the site a couple weeks ago and have taken thousands of dollars’ worth of payments.

But all of a sudden, a day or two ago, the Pay With Card button now does nothing when clicked. It used to send the request, parse the result, and then launch the appropriate business logic on our end to update our database.

Now, all I have is a dead button. And I did not touch any of this code since launch.

Here is the console error in my browser when I click the button:

Error: SyntaxError: Unexpected token < in JSON at position 0

(anonymous) @ square.js:1
window.createPayment @ sq-payment-flow_new3.js:53
async function (async)
window.createPayment @ sq-payment-flow_new3.js:30
eventHandler @ sq-card-pay.js:23
async function (async)
eventHandler @ sq-card-pay.js:20
r @ square.js:1

Any ideas? This is very frustrating, as this was all working fine.

Am using the PHP Payments example found on Github. At first it did not work, but after posting on the forum the Square Devs fixed the code and it worked fine. But now it doesn’t any more.

Was something deprecated in the last few days or something? I would like this solution to be pretty permanent, the client will not always have me available to troubleshoot things like this. This was supposed to be a canned delivered application, not something I have to update every few weeks.

Any advice would be appreciated, thanks!

Nothing has been changed that would have disabled the payment that I’m aware of. Do you have the link to the site and what is the application Id that is being used?

Application ID is:


The site requires login to do a purchase, I PM’d you some credentials.

Here is a newly built standalone test, pointing to our sandbox instead of production. This also fails in the same way:

In the API Logs, I can see Location requests but that’s it.

This is taken directly from your code samples on GitHub (PHP Payment sample). I really believe this is something at your end, since I can confirm that all of this code used to work and now even this standalone implementation (completely disconnected from my code) is also failing.

Please help ASAP, we have an unhappy client :frowning:

@westonp688 It looks like when submitting the payment there isn’t any call to generate the source_id that is passed to the payment request. Was anything changed on button click? I just tried with the example and it’s working as expected.

OK I think I see the issue, but do not know how to solve it…

Basically, my version of the payment form code is slightly altered - it includes a call to initialize the PHP Session (so it can have access to the money amount, which is saved in session after the user picks the amount from a drop down on the previous page).

But this call to include my session code was not an issue until 3 days ago. Now, if I take that line out, the payment will run, but if I leave it in there I get this failure (Error: SyntaxError: Unexpected token < in JSON at position 0).

So, what changed? I should be able to insert this one line to call my session, it should not affect the payment form, it did not before, now it does. I changed nothing at my end. PHP version was not changed on my server or anything. Odd.

So, I can get my form working again, but it cannot accept an incoming session variable (which is the dollar amount, which is kind of important to have for the payment form). Your payment example in GitHub only includes a hard-coded amount, so I had to adapt my own solution. Easiest way was to just put the dollar amount into a session variable, then access that variable when the payment form loads.

The process-payment.php file is called through a POST command in the JS script, so I could not see any other way of passing this session variable to the payment form other than to include the call to initiailize the session. If I do not include that call, I don’t get access to the session variables.


Here is the process-payment.php file, with my additions, which used to work fine but now breaks when you click the payment button (nothing happens, error in console):



// This file loads at top of every page in my site
// It initializes the session and allows session variables to be stored when user logs in
// I have to include it here because this process-payment.php script is called through a POST
// (and thus does not have access to the session variables on the rest of my page)

// This variable is the dollar amount from session:
$money_var = intval($_SESSION['square_total']);


// Original Hard-coded amount (for testing)
//$money_var = 100;

// Note this line needs to change if you don't use Composer:
// require('square-php-sdk/autoload.php');
require 'vendor/autoload.php';
include 'utils/location-info.php';

use Dotenv\Dotenv;
use Square\SquareClient;
use Square\Models\Money;
use Square\Models\CreatePaymentRequest;
use Square\Exceptions\ApiException;
use Ramsey\Uuid\Uuid;

// dotenv is used to read from the '.env' file created for credentials
$dotenv = Dotenv::create(__DIR__);

  error_log('Received a non-POST request');
  echo 'Request not allowed';

$json = file_get_contents('php://input');
$data = json_decode($json);
$token = $data->token;

$square_client = new SquareClient([
  'accessToken' => getenv('SQUARE_ACCESS_TOKEN'),
  'environment' => getenv('ENVIRONMENT')

$payments_api = $square_client->getPaymentsApi();

// To learn more about splitting payments with additional recipients,
// see the Payments API documentation on our [developer site]
// (

$money = new Money();
// Monetary amounts are specified in the smallest unit of the applicable currency.
// This amount is in cents. It's also hard-coded for $1.00, which isn't very useful.
// Set currency to the currency for the location

try {
// Every payment you process with the SDK must have a unique idempotency key.
// If you're unsure whether a particular payment succeeded, you can reattempt
// it with the same idempotency key without worrying about double charging
// the buyer.
  $create_payment_request = new CreatePaymentRequest($token, Uuid::uuid4(), $money);

  $response = $payments_api->createPayment($create_payment_request);

  if ($response->isSuccess()) {
    echo json_encode($response->getResult());
  } else {
    echo json_encode(array('errors' => $response->getErrors()));
} catch (ApiException $e) {
  echo json_encode(array('errors' => $e));

Hmm, I just made one small change to this, instead of calling my session code through an include file, I just put this single command at the top:


Now, the payment form is working again. So weird.

I will count this as a win and leave it at that. I don’t see what is in my session include file that would break this, it was not changed as far as I can see. But whatever, am happy to see this working again!


If this is an card_present PaymentMethod, this hash contains details about the Card Present payment method. Hide child attributes. No attributes.