hi chap, this code will work fine, but it has got some security flaws, as you can see your URL it contains &amount in query string. this is also visible to user. so user can easily change this on the go. it will be like user has paid 10 bucks and can get the recharge of 100 bucks.
Better to follow below approach.
Save the users recharge request in your DB and get the UniqueId to identify that request.
Check that bookingId is not processed earlier.
Now when payment is confirmed then redirect user to BookingConfirmation page with UniqueId
in query string. Now you can get the booking request from this uniqueId and call the API's BookingConfirmation method and update the bookingrequest as processed.
This will avoid the security flaw.
PaymentPage
MakePayment(long bookingId)
{
Response.Redirect("BookingConfirmation?bookingId"+bookingId);
}
BookingConfirmation page
ConfirmBooking()
{
var bookingId = Request.QueryString["bookingId"];
var bookingRequest = GetBookingDetail(bookingId);
ThirdPatryAPI.bookingConfirm(bookingRequest.mobileNo,...);
}