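/**
 * Verify that a notify_url (server-to-server) callback is a genuine Alipay message.
 *
 * Two checks must both pass:
 *  - the signature over the POSTed parameters, checked by getSignVeryfy();
 *  - the remote ATN lookup for notify_id, done by getResponse().
 * When either fails, the outcome and the full parameter string are written
 * to the PAYMENT log at error level.
 *
 * @return bool true only when both checks pass
 */
function verifyNotify()
{
    // An empty POST cannot carry a signature.
    if (empty($_POST)) {
        return false;
    }

    // Fail closed when `sign` is missing or is not a plain string (for example
    // an array built from `sign[]=`): nothing is handed to the verifier in that
    // case, and the undefined-index notice of a direct read is avoided.
    $sign = (isset($_POST["sign"]) && is_string($_POST["sign"])) ? $_POST["sign"] : '';
    $isSign = ($sign !== '') && $this->getSignVeryfy($_POST, $sign);

    // Remote ATN result (confirms with Alipay's server that it issued this notify_id).
    // NOTE(review): the default is 'true', so a callback without notify_id is
    // accepted on the signature alone. Consider defaulting to 'false' if every
    // notification in this integration carries notify_id - confirm against the
    // gateway documentation before changing.
    $responseTxt = 'true';
    if (!empty($_POST["notify_id"])) {
        $responseTxt = $this->getResponse($_POST["notify_id"]);
    }

    // responseTxt not ending in "true": server configuration, partner ID, or the
    // notify_id having expired (it is valid for about one minute).
    // isSign false: wrong security key, request parameter format (e.g. extra
    // custom parameters), or character encoding.
    if (preg_match("/true\$/i", $responseTxt) && $isSign) {
        return true;
    }

    // Failure path: record why the callback was rejected.
    // NOTE(review): the line contains request-supplied values verbatim; confirm
    // that printLog() neutralises CR/LF and that the log is not web-readable.
    $isSignStr = $isSign ? 'true' : 'false';
    $log_text = "Alipay responseTxt=" . $responseTxt . " notify_url_log:isSign=" . $isSignStr . ",";
    $log_text = $log_text . createLinkString($_POST);
    printLog($log_text, 'PAYMENT', Base::ERROR);

    return false;
}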
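/**
 * Verify that a notify_url (server-to-server) callback is a genuine Alipay message.
 *
 * The signature recomputed locally by getMysign() must equal the `sign` field
 * sent with the request, and the remote ATN lookup for notify_id must end in
 * "true". Every call with a non-empty POST is logged through logResult().
 *
 * @return bool true only when both checks pass
 */
function verifyNotify()
{
    // An empty POST cannot carry a signature.
    if (empty($_POST)) {
        return false;
    }

    // Recompute the signature over the received parameters.
    $mysign = $this->getMysign($_POST);

    // Treat a missing or non-string `sign` as empty so it can never match.
    $sign = (isset($_POST["sign"]) && is_string($_POST["sign"])) ? $_POST["sign"] : '';

    // Compare as strings in constant time. A loose `==` treats two different
    // numeric-looking strings as equal and also accepts an empty/missing `sign`
    // whenever getMysign() yields an empty value, so both sides must be
    // non-empty strings here. hash_equals() requires PHP 5.6 or later.
    $signMatches = is_string($mysign) && $mysign !== '' && $sign !== '' && hash_equals($mysign, $sign);

    // Remote ATN result (confirms with Alipay's server that it issued this notify_id).
    // NOTE(review): the default is 'true', so a callback without notify_id is
    // accepted on the signature alone - confirm this is intended.
    $responseTxt = 'true';
    if (!empty($_POST["notify_id"])) {
        $responseTxt = $this->getResponse($_POST["notify_id"]);
    }

    // Log the outcome. The locally computed signature is deliberately NOT
    // written: a log holding the expected signature for request-supplied
    // parameters lets anyone who can read the log obtain a valid signature.
    $log_text = "responseTxt=" . $responseTxt . "\n notify_url_log:sign=" . $sign
        . "&sign_match=" . ($signMatches ? 'true' : 'false') . ",";
    $log_text = $log_text . createLinkString($_POST);
    logResult($log_text);

    // responseTxt not ending in "true": server configuration, partner ID, or the
    // notify_id having expired (it is valid for about one minute).
    // Signature mismatch: wrong security key, request parameter format (e.g.
    // extra custom parameters), or character encoding.
    return preg_match("/true\$/i", $responseTxt) && $signMatches;
}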
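/**
 * Verify the signature of a response/notification parameter set.
 *
 * The `signature` field is removed, the remaining parameters are joined into
 * a key=value&... string by createLinkString(), that string is SHA-1 hashed
 * to hex, and the hex digest is checked against the base64-decoded signature
 * with the public key looked up from `certId`.
 *
 * @param array $params received parameters, including `certId` and `signature`
 * @return int 1 when the signature is valid, 0 in every other case
 */
function verify($params)
{
    global $log;

    // Without a certificate id and a string signature there is nothing to check.
    if (!is_array($params)
        || !isset($params['certId'], $params['signature'])
        || !is_string($params['signature'])
    ) {
        $log->LogInfo('验签失败');
        return 0;
    }

    // Public key matching the certificate id named in the message.
    // NOTE(review): certId comes from the message itself; confirm that
    // getPulbicKeyByCertId() only returns keys from a trusted local store.
    $public_key = getPulbicKeyByCertId($params['certId']);
    if (empty($public_key)) {
        $log->LogInfo('验签失败');
        return 0;
    }

    // The signature is excluded from the string it signs.
    $signature_str = $params['signature'];
    unset($params['signature']);
    $params_str = createLinkString($params, true, false);
    // NOTE(review): the full parameter string is logged; confirm it cannot
    // contain card or customer data, or mask it before logging.
    $log->LogInfo('报文去[signature] key=val&串>' . $params_str);

    $signature = base64_decode($signature_str);

    // Hex SHA-1 digest of the parameter string is the signed payload.
    // NOTE(review): SHA-1 is deprecated for signatures; presumably dictated by
    // the gateway protocol version - move to a stronger digest if supported.
    $params_sha1x16 = sha1($params_str, FALSE);
    $log->LogInfo('摘要shax16>' . $params_sha1x16);

    // openssl_verify() returns 1 (valid), 0 (invalid) or -1/false (error).
    // Only an exact 1 is success; -1 is truthy and would otherwise be
    // reported and returned as a passing verification.
    $result = openssl_verify($params_sha1x16, $signature, $public_key, OPENSSL_ALGO_SHA1);
    $isSuccess = ($result === 1) ? 1 : 0;

    $log->LogInfo($isSuccess ? '验签成功' : '验签失败');
    return $isSuccess;
}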
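/**
 * Check whether the current POST request is an authentic payment notification.
 *
 * Passes only when the locally recomputed signature (getMysign) equals the
 * submitted `sign` and the remote lookup for notify_id (getResponse) ends in
 * "true". The outcome is logged through logResult() before returning.
 *
 * @return bool
 */
function verifyNotify()
{
    if (empty($_POST)) {
        return false;
    }

    $mysign = $this->getMysign($_POST);

    // A missing or non-string `sign` becomes '' and is rejected below.
    $sign = (isset($_POST["sign"]) && is_string($_POST["sign"])) ? $_POST["sign"] : '';

    // Strict, constant-time comparison of two non-empty strings. The previous
    // loose `==` could equate different numeric-looking strings and matched
    // when both sides were empty. hash_equals() requires PHP 5.6 or later.
    $signMatches = is_string($mysign) && $mysign !== '' && $sign !== '' && hash_equals($mysign, $sign);

    // NOTE(review): with no notify_id the remote check is skipped and treated
    // as passed - confirm this default is intended.
    $responseTxt = 'true';
    if (!empty($_POST["notify_id"])) {
        $responseTxt = $this->getResponse($_POST["notify_id"]);
    }

    // The expected signature is intentionally left out of the log so that the
    // log cannot be used to learn valid signatures for submitted parameters.
    $log_text = "responseTxt=" . $responseTxt . "\n notify_url_log:sign=" . $sign
        . "&sign_match=" . ($signMatches ? 'true' : 'false') . ",";
    $log_text = $log_text . createLinkString($_POST);
    logResult($log_text);

    return preg_match("/true\$/i", $responseTxt) && $signMatches;
}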
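/**
 * Build the signature for a set of request parameters.
 *
 * The parameters are joined by createLinkString() and signed according to
 * $this->config['sign_type']:
 *  - "MD5": md5 of the joined string with $this->config['key'] appended;
 *  - "RSA" / "0001": openssl_sign() with the private key read from
 *    $this->config['private_key_path'], base64-encoded.
 * Spaces encoded as "+" in parameter values are not accounted for.
 *
 * @param array $params request parameters, already ksort()-ed (not the raw request array)
 * @return string the signature, or "" for an unknown sign type or when RSA signing fails
 */
function buildRequestSign($params)
{
    $paramStr = createLinkString($params);

    switch (strtoupper(trim($this->config['sign_type']))) {
        case "MD5":
            // NOTE(review): MD5 over data with the secret appended is a weak
            // construction; prefer the RSA mode where the gateway allows it.
            return md5($paramStr . $this->config['key']);

        case "RSA":
        case "0001":
            // Each step can fail (unreadable file, malformed key, signing
            // error). Stop at the first failure instead of passing false or
            // an unset variable on to the next call.
            // NOTE(review): callers receive "" on failure and must not send
            // a request with an empty signature.
            $priKey = file_get_contents($this->config['private_key_path']);
            if ($priKey === false) {
                return "";
            }

            $res = openssl_get_privatekey($priKey);
            if ($res === false) {
                return "";
            }

            // No algorithm is passed, so openssl_sign() uses its default (SHA-1).
            $sign = '';
            $signed = openssl_sign($paramStr, $sign, $res);

            // Key handles are freed automatically from PHP 8.0, where
            // openssl_free_key() is deprecated.
            if (PHP_VERSION_ID < 80000) {
                openssl_free_key($res);
            }

            return $signed ? base64_encode($sign) : "";

        default:
            return "";
    }
}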
/**
 * Verify that a return_url (browser redirect) request is a genuine Alipay message.
 *
 * Only the signature over the GET parameters is checked here; the result and
 * the full parameter string are logged through logResult().
 *
 * @return bool signature check result
 */
function verifyReturn()
{
    // Nothing to verify when no GET parameters arrived.
    if (empty($_GET)) {
        return false;
    }

    // Signature check over the GET parameters.
    // NOTE(review): `sign` is read without an isset() check, so a request
    // without it raises a notice and hands null to getSignVeryfy() - confirm
    // the helper rejects that.
    $signatureValid = $this->getSignVeryfy($_GET, $_GET["sign"], true);

    // Record the outcome together with the received parameters.
    $logLine = "return_url_log:isSign=" . ($signatureValid ? 'true' : 'false') . ",";
    $logLine .= createLinkString($_GET);
    logResult($logLine);

    // A false result points to the security key, the request parameter format
    // (e.g. extra custom parameters) or the character encoding.
    // NOTE(review): return_url arrives through the user's browser; treat this
    // result as a display hint and settle orders on the notify_url callback.
    return $signatureValid ? true : false;
}
/**
 * Verify that a return_url (browser redirect) request is a genuine Alipay message.
 *
 * Requires both a valid signature over the GET parameters and a remote ATN
 * response for notify_id that ends in "true".
 *
 * @return bool verification result
 */
function verifyReturn()
{
    // Nothing to verify when no GET parameters arrived.
    if (empty($_GET)) {
        return false;
    }

    // Signature check over the GET parameters.
    // NOTE(review): `sign` is read without an isset() check - confirm
    // getSignVeryfy() rejects a null signature.
    $signatureValid = $this->getSignVeryfy($_GET, $_GET["sign"]);

    // Remote ATN result (confirms with Alipay's server that it issued this notify_id).
    // NOTE(review): stays 'true' when notify_id is absent, so the remote check
    // is skipped in that case - confirm this is intended.
    $atnResult = 'true';
    if (!empty($_GET["notify_id"])) {
        $atnResult = $this->getResponse($_GET["notify_id"]);
    }

    // The log line is still assembled, but the logResult() call is disabled
    // in this version, so nothing is written.
    $signatureLabel = $signatureValid ? 'true' : 'false';
    $logLine = "responseTxt=" . $atnResult . "\n return_url_log:isSign=" . $signatureLabel . ",";
    $logLine .= createLinkString($_GET);

    // ATN result not ending in "true": server configuration, partner ID, or the
    // notify_id having expired (it is valid for about one minute).
    if (!preg_match("/true\$/i", $atnResult)) {
        return false;
    }

    // Signature false: security key, request parameter format (e.g. extra
    // custom parameters) or character encoding.
    return $signatureValid ? true : false;
}
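/**
 * Serialise a customer-info map to the wire format, encrypting sensitive fields.
 *
 * The phoneNo, cvn2 and expired entries are moved out of the map, joined by
 * createLinkString(), encrypted with AcpService::encryptData() using
 * SDK_ENCRYPT_CERT_PATH, and put back as a single `encryptedInfo` entry.
 * The resulting map is joined, wrapped in braces and base64-encoded.
 *
 * @param array|null $customerInfo field name => value
 * @return string base64 string, or "" when the input is empty or not an array
 */
static function getCustomerInfoWithEncrypt($customerInfo)
{
    // count() on a non-array fails on current PHP versions; treat it as empty.
    if (!is_array($customerInfo) || count($customerInfo) === 0) {
        return "";
    }

    // Fields that must never leave in clear text.
    // NOTE(review): an earlier revision of this condition also listed certifTp
    // and certifId; they are currently sent outside encryptedInfo - confirm
    // against the gateway specification.
    $sensitiveKeys = array('phoneNo', 'cvn2', 'expired');

    $encryptedInfo = array();
    foreach ($customerInfo as $key => $value) {
        // Strict match: a loose `==` lets integer keys compare equal to these
        // names on PHP 7 and earlier.
        if (in_array($key, $sensitiveKeys, true)) {
            $encryptedInfo[$key] = $value;
            unset($customerInfo[$key]);
        }
    }

    if (count($encryptedInfo) > 0) {
        $encryptedInfo = createLinkString($encryptedInfo, false, false);
        // NOTE(review): the return value of encryptData() is not checked here;
        // confirm it cannot return the plaintext or an empty value on failure.
        $encryptedInfo = AcpService::encryptData($encryptedInfo, SDK_ENCRYPT_CERT_PATH);
        $customerInfo['encryptedInfo'] = $encryptedInfo;
    }

    // base64 is an encoding, not protection: every field outside encryptedInfo
    // is readable by anyone who sees this value.
    return base64_encode("{" . createLinkString($customerInfo, false, false) . "}");
}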
/**
 * Build the request parameter string for interface version 4.0.
 *
 * The signature is the md5 of the "|"-joined values of member id, pay id,
 * trade date, transaction id, order amount, page URL, return URL and notice
 * type, with the merchant key last. The URLs are signed raw and URL-encoded
 * only afterwards, for transport.
 *
 * @param string $memberId   merchant member id
 * @param string $TerminalID terminal id
 * @param string $key        merchant secret key
 * @param string $orderMoney order amount
 * @param string $transId    merchant transaction id
 * @param string $returnUrl  server notification address
 * @return string parameter string produced by createLinkString()
 */
function getParams4($memberId, $TerminalID, $key, $orderMoney, $transId, $returnUrl)
{
    // Fixed values for this interface.
    $payId = "4010001";
    $noticeType = "0";
    $rawPageUrl = "";
    $tradeDate = date('YmdHis');

    // NOTE(review): md5 over data with the secret key appended is a weak
    // construction, presumably required by the gateway; TerminalID and the
    // commodity fields are not covered by the signature.
    $signature = md5(implode('|', array(
        $memberId,
        $payId,
        $tradeDate,
        $transId,
        $orderMoney,
        $rawPageUrl,
        $returnUrl,
        $noticeType,
        $key,
    )));

    // Key order is kept exactly as the interface expects it.
    // NOTE(review): commodity name, user name and additional info are
    // hard-coded sample values.
    $request = array(
        "PayID" => $payId,
        "MemberID" => $memberId,
        "TerminalID" => $TerminalID,
        "TradeDate" => $tradeDate,
        "OrderMoney" => $orderMoney,
        "TransId" => $transId,
        "ReturnUrl" => urlencode($returnUrl),   // server notification address, URL-encoded
        "PageUrl" => urlencode($rawPageUrl),    // page notification address, URL-encoded
        "KeyType" => "1",
        "Signature" => $signature,
        "CommodityName" => urlencode("宝付测试商品"),
        "CommodityAmount" => "1",
        "UserName" => urlencode("baofoo"),
        "AdditionalInfo" => urlencode("附加信息"),
        "InterfaceVersion" => "4.0",
        "noticeType" => $noticeType,
    );

    return createLinkString($request, false);
}
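/**
 * Print a request and its response as HTML, for debugging.
 *
 * All three values are HTML-escaped before being echoed; line breaks in the
 * request and response are additionally followed by <br>.
 *
 * NOTE(review): the request string can contain signatures and customer data;
 * keep this helper out of production pages.
 *
 * @param string $url  endpoint address
 * @param array  $req  request parameters, joined by createLinkString()
 * @param string $resp raw response text
 * @return void
 */
function printResult($url, $req, $resp)
{
    echo "=============<br>\n";
    // The address is escaped like the other two values; it was previously
    // echoed raw, so markup inside it would have been rendered by the browser.
    echo "地址:" . htmlentities($url) . "<br>\n";
    echo "请求:" . str_replace("\n", "\n<br>", htmlentities(createLinkString($req, false, true))) . "<br>\n";
    echo "应答:" . str_replace("\n", "\n<br>", htmlentities($resp)) . "<br>\n";
    echo "=============<br>\n";
}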