function build_mysign($sort_array, $security_code, $sign_type = "MD5")
{
$prestr = create_linkstring($sort_array);
$prestr = $prestr . $security_code;
$mysgin = sign($prestr, $sign_type);
return $mysgin;
}
function notify_verify() {
//获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求
if($this->transport == "https") {
$veryfy_url = $this->gateway. "service=notify_verify" ."&partner=" .$this->partner. "¬ify_id=".$_POST["notify_id"];
} else {
$veryfy_url = $this->gateway. "partner=".$this->partner."¬ify_id=".$_POST["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
//生成签名结果
if(empty($_POST)) { //判断POST来的数组是否为空
return false;
}
else {
$post = para_filter($_POST); //对所有POST返回的参数去空
$sort_post = arg_sort($post); //对所有POST反馈回来的数据排序
$this->mysign = build_mysign($sort_post,$this->_key,$this->sign_type); //生成签名结果
//写日志记录
log_result("veryfy_result=".$veryfy_result."\n notify_url_log:sign=".$_POST["sign"]."&mysign=".$this->mysign.",".create_linkstring($sort_post));
//判断veryfy_result是否为ture,生成的签名结果mysign与获得的签名结果sign是否一致
//$veryfy_result的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关
//mysign与sign不等,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
if (preg_match("/true$/i",$veryfy_result) && $this->mysign == $_POST["sign"]) {
return true;
} else {
return false;
}
}
}
function build_mysign($sort_array, $key, $sign_type = "MD5")
{
$prestr = create_linkstring($sort_array);
$prestr = $prestr . $key;
log_result("sign : " . $prestr);
$mysgin = sign($prestr, $sign_type);
return $mysgin;
}
function build_mysign($sort_array)
{
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = create_linkstring($sort_array);
//调用RSA签名方法
$mysgin = sign($prestr);
return $mysgin;
}
function build_mysign($sort_array, $key, $sign_type = "MD5")
{
$prestr = create_linkstring($sort_array);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = $prestr . $key;
//把拼接后的字符串再与安全校验码直接连接起来
$mysgin = sign($prestr, $sign_type);
//把最终的字符串签名,获得签名结果
return $mysgin;
}
/**
* 调用alipay_Wap_Auth_AuthAndExecute接口
*/
function alipay_Wap_Auth_AuthAndExecute($parameter, $key)
{
$this->parameter = para_filter($parameter);
$sort_array = arg_sort($this->parameter);
$this->sign_type = $this->parameter['sec_id'];
$this->_key = $key;
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
$RedirectUrl = $this->gateway_order . create_linkstring($this->parameter) . '&sign=' . urlencode($this->mysign);
return $RedirectUrl;
// 跳转至该地址
//Header ( "Location: $RedirectUrl" );
}
function return_verify()
{
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
if (empty($_GET)) {
return false;
} else {
$get = para_filter($_GET);
$sort_get = arg_sort($get);
$this->mysign = build_mysign($sort_get, $this->security_code, $this->sign_type);
log_result("veryfy_result=" . $veryfy_result . "\n return_url_log:sign=" . $_GET["sign"] . "&mysign=" . $this->mysign . "&" . create_linkstring($sort_get));
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
function notify_verify()
{
if (isset($_POST['notify_id'])) {
$notify_id = $_POST['notify_id'];
} else {
$notify_id = '';
}
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $notify_id;
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $notify_id;
}
$veryfy_result = $this->get_verify($veryfy_url);
log_result("Aplipay veryfy - veryfy_url = " . $veryfy_url);
if (empty($_POST)) {
log_result("Aplipay veryfy - empty(post)");
return false;
} else {
$post = para_filter($_POST);
//������POST���صIJ���ȥ��
$sort_post = arg_sort($post);
//������POST�����������������
log_result("Aplipay veryfy build_mysign - key = " . $this->_key . " sign_type" . $this->sign_type);
$this->mysign = build_mysign($sort_post, $this->_key, $this->sign_type);
//���ǩ����
//д��־��¼
log_result("veryfy_result=" . $veryfy_result . "\n notify_url_log:sign=" . $_POST['sign'] . "&mysign=" . $this->mysign . "," . create_linkstring($sort_post));
//�ж�veryfy_result�Ƿ�Ϊture����ɵ�ǩ����mysign���õ�ǩ����sign�Ƿ�һ��
//$veryfy_result�Ľ����true����������������⡢���������ID��notify_idһ����ʧЧ�й�
//mysign��sign���ȣ��밲ȫУ���롢����ʱ�IJ����ʽ���磺���Զ������ȣ��������ʽ�й�
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_POST['sign']) {
return true;
} else {
return false;
}
}
}
private function buildRequestLinkData($parameter)
{
$paramArray = para_filter($parameter);
// 除去数组中的空值和签名参数
$sort_array = arg_sort($paramArray);
// 得到从字母a到z排序后的签名参数数组
// 生成签名
$calcSign = build_mysign($sort_array, $this->partnerKey, $this->configSecId);
return create_linkstring($paramArray) . '&sign=' . urlencode($calcSign);
}
function return_verify()
{
//判断GET来的数组是否为空
if (empty($_GET)) {
return false;
} else {
//对所有GET反馈回来的数据去空
$get = para_filter($_GET);
//对所有GET反馈回来的数据排序
$sort_get = arg_sort($get);
//获取返回的sign
$sign = $_GET["sign"];
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = create_linkstring($sort_get);
//返回验签bool值
return verify($prestr, $sign);
}
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
function getToken($result)
{
//URL转码
$result = urldecode($result);
//根据 & 符号拆分
$Arr = explode('&', $result);
//临时存放拆分的数组
$temp = array();
//待签名的数组
$myArray = array();
//循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
//需要先解密res_data
$myArray['res_data'] = decrypt($myArray['res_data']);
//获取返回的RSA签名
$sign = $myArray['sign'];
//去sign,去空值参数
$myArray = para_filter($myArray);
//排序数组
$sort_array = arg_sort($myArray);
//拼凑参数链接 & 连接
$prestr = create_linkstring($sort_array);
//返回布尔值,是否验签通过
$isverify = verify($prestr, $sign);
//判断签名是否正确
if ($isverify) {
//返回token
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
} else {
//当判断出签名不正确,请不要验签通过
return '签名不正确';
}
}
