function getSignVeryfy($para_temp, $sign, $isSort)
{
$para = paraFilter($para_temp);
if ($isSort) {
$para = argSort($para);
} else {
$para = $this->sortNotifyPara($para);
}
$prestr = createLinkstring($para);
$isSgin = false;
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
case "MD5":
$isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']);
break;
case "RSA":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
case "0001":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
default:
$isSgin = false;
}
return $isSgin;
}
function getMysign($para_temp)
{
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$mysign = buildMysign($para_sort, trim($this->aliapy_config['key']), strtoupper(trim($this->aliapy_config['sign_type'])));
return $mysign;
}
/**
* 生成要请求给支付宝的参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
public function buildRequestPara($para_temp)
{
if (strtoupper(trim($this->alipay_config['sign_type'])) == 'RSA') {
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp, 2);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
//20161124 使用最官方的新sdk注意:sign_type字段需要参加签名 生成的签名不要urlencode 放在数组里再进行urlencode
} elseif (strtoupper(trim($this->alipay_config['sign_type'])) == 'MD5') {
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type']));
}
return $para_sort;
}
function resultFilter($array)
{
$list = array();
foreach ($array as $row) {
array_push($list, paraFilter($row));
}
return $list;
}
function buildRequestPara($para_temp, $aliapy_config)
{
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$mysign = buildMysign($para_sort, trim($aliapy_config['key']), strtoupper(trim($aliapy_config['sign_type'])));
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($aliapy_config['sign_type']));
return $para_sort;
}
function buildRequestPara($para_temp)
{
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$mysign = $this->buildRequestMysign($para_sort);
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type']));
return $para_sort;
}
/**
* 生成要请求的参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
public function buildRequestPara($para_temp)
{
//除去待签名参数数组中的空值
$para = paraFilter($para_temp);
//生成签名结果
$mysign = $this->buildRequestMysign($para);
//--------这里保留了空值参数--------
//签名结果与签名方式加入请求提交参数组中
$para_temp['signMsg'] = $mysign;
return $para_temp;
}
function buildRequestPara($para_temp)
{
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$mysign = $this->buildRequestMysign($para_sort);
$para_sort['sign'] = $mysign;
if ($para_sort['service'] != 'alipay.wap.trade.create.direct' && $para_sort['service'] != 'alipay.wap.auth.authAndExecute') {
$para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type']));
}
return $para_sort;
}
/**
* 生成要请求给集付宝的参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
function buildRequestPara($para_temp)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
return $para_sort;
}
/**
* 生成要请求给支付宝的参数数组
* @param $para_temp 请求前的参数数组
* @param $aliapy_config 基本配置信息数组
* @return 要请求的参数数组
*/
function buildRequestPara($para_temp, $aliapy_config)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = buildMysign($para_sort, trim($aliapy_config['key']), strtoupper(trim($aliapy_config['sign_type'])));
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($aliapy_config['sign_type']));
return $para_sort;
}
/**
* 生成要请求给支付宝的参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
function buildRequestPara($para_temp)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type']));
return $para_sort;
}
/**
* 生成签名结果
* @param $para_sort 已排序要签名的数组
* return 签名结果字符串
*/
public function buildRequestMysign($para_sort) {
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para_sort);
$mysign = "";
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
public function getSignVeryfy($para_temp, $sign)
{
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$prestr = createLinkstring($para_sort);
$isSgin = false;
switch (strtoupper(trim($this->alipay_config["sign_type"]))) {
case "MD5":
$isSgin = md5Verify($prestr, $sign, $this->alipay_config["key"]);
break;
default:
$isSgin = false;
}
return $isSgin;
}
/**
* 获取返回时的签名验证结果
* @param $para_temp 通知返回来的参数数组
* @param $sign 返回的签名结果
* @return 签名验证结果
*/
public function getSignVeryfy($para_temp, $sign)
{
//除去待签名参数数组中的空值
$para = paraFilter($para_temp);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para);
$MAC = base64_decode($sign);
$fp = fopen(dirname(__FILE__) . "/99bill[1].cert.rsa.20140803.cer", "r");
$cert = fread($fp, 8192);
fclose($fp);
$pubkeyid = openssl_get_publickey($cert);
$isSgin = false;
$isSgin = openssl_verify($trans_body, $MAC, $pubkeyid);
return $isSgin;
}
/**
* 生成要请求给连连支付的参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
function buildRequestPara($para_temp)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($this->llpay_config['sign_type']));
foreach ($para_sort as $key => $value) {
$para_sort[$key] = urlencode($value);
}
return urldecode(json_encode($para_sort));
}
/**
* 获取请求签名
* @param $para_temp 请求的参数数组
* @return 签名
*/
public function getSign($para_temp)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para_sort);
$isSgin = false;
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
case "RSA":
$isSgin = rsaSign($prestr, trim($this->alipay_config['private_key_path']));
break;
default:
$isSgin = false;
}
return $isSgin;
}
/**
* 获取返回时的签名验证结果
* @param $para_temp 通知返回来的参数数组
* @param $sign 返回的签名结果
* @return 签名验证结果
*/
function getSignVeryfy($para_temp, $sign)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para_sort);
$isSgin = false;
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
case "MD5":
$isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']);
break;
default:
$isSgin = false;
}
return $isSgin;
}
function buildRequestPara($para_temp) {
$para_filter = paraFilter($para_temp);
$para_sort = argSort($para_filter);
$mysign = $this->buildRequestMysign($para_sort);
$para_sort['sign'] = $mysign;
$para_sort['sign_type'] = strtoupper(trim($this->llpay_config['sign_type']));
foreach ($para_sort as $key => $value) {
$para_sort[$key] = $value;
}
if('3' == $this->llpay_config['app_request']) {
if('api' == WEB_BASE_ENV_DFS::$APPNAME) {
return json_encode($para_sort);
} else {
return urldecode(json_encode($para_sort));
}
} else {
return $para_sort;
}
}
/**
* 支付宝支付
*/
public function alipayAction()
{
//支付宝提供的加密方式
include_once __DIR__ . '/../../utils/alipay/lib/alipay_core.function.php';
$babyId = $this->devices->getBabyIdByShoeId($this->userInfo['uid'], $this->_sanReq['shoe_id']);
if (!$babyId) {
$this->_showMsg(self::NON_SHOE, $this->di['flagmsg'][self::NON_SHOE]);
}
$rel = $this->_checkRelation($this->userInfo['uid'], $babyId['baby_id']);
//角色名
if (!empty($rel) && $rel['family_rolename'] != '') {
$rolename = $rel['family_rolename'];
} else {
$rolename = '';
}
//获取套餐
$renew = $this->renew->getRenew($serviceId, 1);
if (!$renew) {
$this->_showMsg(self::NON_PACKAGE, $this->di['flagmsg'][self::NON_PACKAGE]);
}
//配置
$alipayConf = $this->di->get('sysconfig')['payment']['alipay'];
//签名参数
$params['partner'] = $alipayConf['partner'];
$params['seller_id'] = $alipayConf['seller_id'];
$params['out_trade_no'] = (string) Common::makeOrderSn();
$params['subject'] = $renew['cr_name'];
$params['body'] = $renew['cr_detail'];
$params['total_fee'] = (string) number_format($renew['cr_real_price'], '2', '.', '');
$params['notify_url'] = $this->di->get['sysconfig']['renewServer'] . $alipayConf['notify_url'];
$params['service'] = 'mobile.securitypay.pay';
$params['_input_charset'] = 'utf-8';
$params['payment_type'] = '1';
//生成续费订单,入库
if (($res = $this->renew->renewUpdate($shoeId, $this->userInfo['uid'], $serviceId, $_SERVER['REQUEST_TIME'], 1, $params['out_trade_no'], 1, $params['total_fee'], $params['subject'], $renew['cr_period'], $renew['cr_coins'], $rolename, $babyId['baby_id'], $babyId['dev_imei'])) != self::SUCCESS) {
$this->_showMsg($res, $this->di['flagmsg'][$res]);
}
$data = makeSignstring(argSort(paraFilter($params)));
$params['sign'] = urlencode(rsaSign($data, $alipay_config['private_key_path']));
$this->_returnResult(array('flag' => self::SUCCESS, 'data' => urlencode($data . '&sign="' . $params['sign'] . '"&sign_type="RSA"'), 'order_no' => $params['out_trade_no']));
}
public function getDevice($condition)
{
$this->db->select('*');
$time = time() - 50;
if (isset($condition['device_link'])) {
$query = $this->db->order_by('setlink_time', 'desc')->where('setlink_time >', $time)->get_where($this->tb_device, $condition, 1);
} else {
$query = $this->db->get_where($this->tb_device, $condition);
}
$result = $query->result_array();
if ($result) {
$data = $result[0];
$this->load->model('redis_model');
$data['device_online'] = $this->redis_model->getDeviceAttr($data['device_mac'], 'online');
$device_data = $this->redis_model->getDeviceData($data['device_mac']);
if ($device_data) {
$data['device_data'] = $device_data;
}
} else {
return 0;
}
//var_dump($data);die;
return paraFilter($data);
}
/**
* 根据反馈回来的信息,生成签名结果
* @param $para_temp 通知返回来的参数数组
* @return 生成的签名结果
*/
function getMysign($para_temp)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$mysign = buildMysign($para_sort, trim($this->aliapy_config['key']), strtoupper(trim($this->aliapy_config['sign_type'])));
return $mysign;
}
/**
* 异步通知消息验证
* @param para 异步通知消息
* @return 验证结果
*/
static function verifySignature($para)
{
$respSignature = $para[upmp_config::SIGNATURE];
// 除去数组中的空值和签名参数
$filteredReq = paraFilter($para);
$signature = buildSignature($filteredReq);
if ("" != $respSignature && $respSignature == $signature) {
return true;
} else {
return false;
}
}
apporderid 订单号 不可空
amount 交易金额 以"分"为单位的整型,必须大于等于2分 不可空
identityid 用户标识 用户ID 不可空
productname 商品名称 最长50位,出于风控考虑,请按下面的格式传递值:应用-商品名称,如“诛仙-3阶成品天琊”,此商品名在发送短信校验的时候会发给用户,所以描述内容不要加在此参数中,以提高用户的体验度 不可空
productdesc 商品描述 最长200位 可空
appcallbackurl 第3方平台异步通知地址 可空
appkey 应用id Sdk后台申请 不可空
sign 本系统签名 不可空
*/
$key = "jz";
//干扰码:jz
$notice_sn = $_REQUEST['apporderid'];
$trade_no = $_REQUEST['order_id'];
$sign = $_REQUEST['sign'];
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($_REQUEST);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//生成签名结果
$sign_str = createLinkstring($para_sort);
$mysign = md5($sign_str . $key);
/*
$sign_str = $amount.$apporderid.$order_id;
$mysign = md5($sing_str.$key);
*/
if ($sign == $mysign) {
$apporderid = $_REQUEST['apporderid'];
$payment_notice = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where notice_sn = '" . $notice_sn . "'");
require_once APP_ROOT_PATH . "system/libs/cart.php";
$rs = payment_paid($notice_sn, $trade_no);
if ($rs) {
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>支付宝手机网站支付接口接口</title>
</head>
<body>
<?php
defined('SYSTEM_IN') or exit('Access Denied');
require_once "common.php";
$payment = mysqld_select("SELECT * FROM " . table('payment') . " WHERE enabled=1 and code='alipay' limit 1");
$configs = unserialize($payment['configs']);
//$goodtitle
$parameter = array("service" => "alipay.wap.create.direct.pay.by.user", "partner" => trim($configs['alipay_safepid']), "seller_id" => trim($configs['alipay_safepid']), "payment_type" => 1, "notify_url" => WEBSITE_ROOT . 'notify/alipay_notify.php', "return_url" => WEBSITE_ROOT . 'notify/alipay_return_url.php', "out_trade_no" => $order['ordersn'] . '-' . $order['id'], "subject" => $goodtitle, "total_fee" => $order['price'], "show_url" => WEBSITE_ROOT . mobile_url('fansindex'), "body" => $goodtitle, "_input_charset" => 'utf-8');
$para_filter = paraFilter($parameter);
$para_filter = argSort($para_filter);
$mysign_t = buildRequestMysign($para_filter, $configs['alipay_safekey']);
$para_filter['sign'] = $mysign_t;
$para_filter['sign_type'] = 'MD5';
$sHtml = "<form id='alipaysubmit' name='alipaysubmit' action='https://mapi.alipay.com/gateway.do' method='get'>";
while (list($key, $val) = each($para_filter)) {
$sHtml .= "<input type='hidden' name='" . $key . "' value='" . $val . "'/>";
}
$sHtml = $sHtml . "<input type='submit' style='display:none' value='确认'></form>";
$sHtml = $sHtml . "<script>document.forms['alipaysubmit'].submit();</script>";
echo $sHtml;
// echo "<textarea rows=\"3\" cols=\"20\">1212".$sHtml."</textarea>";
exit;
?>
</body>
</html>
/**
* 获取返回时的签名验证结果
* @param $para_temp 通知返回来的参数数组
* @param $sign 返回的签名结果
* @param $isSort 是否对待签名数组排序
* @return 签名验证结果
*/
function getSignVeryfy($para_temp, $sign, $isSort)
{
//除去待签名参数数组中的空值和签名参数
$para = paraFilter($para_temp);
//对待签名参数数组排序
if ($isSort) {
$para = argSort($para);
} else {
$para = sortNotifyPara($para);
}
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para);
$isSgin = false;
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
case "MD5":
$isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']);
break;
case "RSA":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
case "0001":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
default:
$isSgin = false;
}
return $isSgin;
}
public function doalipayWap()
{
//echo "<pre>";var_dump( $_SERVER );echo "</pre>";
//返回格式
$format = "xml";
//必填,不需要修改//返回格式
$v = "2.0";
//这里我们通过TP的C函数把配置项参数读出,赋给$alipay_config;
$alipay_config = C('alipay_config');
/**************************请求参数**************************/
$payment_type = C('alipay_config.sign_type');
//支付类型 //必填,不能修改
$notify_url = C('alipay.notify_urlWap');
//服务器异步通知页面路径
$return_url = C('alipay.return_urlWap');
//页面跳转同步通知页面路径
$merchant_url = C('alipay.merchant_urlWap');
//操作中断返回地址
$seller_email = C('alipay.seller_email');
//卖家支付宝帐户必填
$out_trade_no = $_POST['trade_no'];
//商户订单号 通过支付页面的表单进行传递,注意要唯一!
$subject = $_POST['ordsubject'];
//订单名称 //必填 通过支付页面的表单进行传递
$total_fee = $_POST['ordtotal_fee'];
//付款金额 //必填 通过支付页面的表单进行传递
$body = $_POST['ordbody'];
//订单描述 通过支付页面的表单进行传递
$show_url = $_POST['ordshow_url'];
//商品展示地址 通过支付页面的表单进行传递
$anti_phishing_key = "";
//防钓鱼时间戳 //若要使用请调用类文件submit中的query_timestamp函数
//$exter_invoke_ip = get_client_ip();//var_dump($exter_invoke_ip);die(); //客户端的IP地址
$exter_invoke_ip = $_SERVER["REMOTE_ADDR"];
//var_dump($exter_invoke_ip);die(); //客户端的IP地址
/************************************************************/
//对前台传过来的价钱数据做判断
$orderId = $out_trade_no;
$oOb = M("order");
$orderArr = $oOb->field("count(*) as num")->where("orderId='{$orderId}'")->select();
$num = $orderArr[0]['num'];
if ($num == 0) {
$coOb = M("cardorder");
$arr = $coOb->where("orderId='{$orderId}'")->select();
//var_dump($arr);
$realPrice = $arr[0]['price'] - $arr[0]['discount'] - $arr[0]['yhqPrice'];
//var_dump($total_fee); var_dump($realPrice); die;
if ($total_fee != $realPrice) {
header("location:index.php?m=Member&a=payFail");
}
} else {
$arr = $oOb->where("orderId='{$orderId}'")->select();
$realPrice = $arr[0]['price'] - $arr[0]['discount'] - $arr[0]['yhq'];
if ($total_fee != $realPrice) {
header("location:index.php?m=Member&a=payFail");
}
}
$call_back_url = $return_url;
//请求业务参数详细
$req_data = '<direct_trade_create_req><notify_url>' . $notify_url . '</notify_url><call_back_url>' . $call_back_url . '</call_back_url><seller_account_name>' . $seller_email . '</seller_account_name><out_trade_no>' . $out_trade_no . '</out_trade_no><subject>' . $subject . '</subject><total_fee>' . $total_fee . '</total_fee><merchant_url>' . $merchant_url . '</merchant_url></direct_trade_create_req>';
//echo "req_data";var_dump($req_data);echo "----------------------------------";
//必填
//构造要请求的参数数组,无需改动
$para_token = array("service" => "alipay.wap.trade.create.direct", "partner" => trim($alipay_config['partner']), "sec_id" => $payment_type, "format" => $format, "v" => $v, "req_id" => $out_trade_no, "req_data" => trim($req_data), "_input_charset" => trim(strtolower($alipay_config['input_charset'])));
//echo "<pre>";var_dump($para_token);echo "</pre>";die();
//建立请求
$alipaySubmit = new AlipaySubmit($alipay_config);
$html_text = $alipaySubmit->buildRequestHttp($para_token);
//var_dump($html_text);die();
//URLDECODE返回的信息
$html_text = urldecode($html_text);
//echo "<pre>";var_dump($html_text);echo "</pre>";die();
//解析远程模拟提交后返回的信息
$para_html_text = $alipaySubmit->parseResponse($html_text);
//var_dump($para_html_text);die;
//获取request_token
$request_token = $para_html_text['request_token'];
//var_dump($request_token);
/**************************根据授权码token调用交易接口alipay.wap.auth.authAndExecute**************************/
//业务详细
$req_data = '<auth_and_execute_req><request_token>' . $request_token . '</request_token></auth_and_execute_req>';
//必填
$parameter = array("service" => "alipay.wap.auth.authAndExecute", "partner" => trim($alipay_config['partner']), "sec_id" => $payment_type, "format" => $format, "v" => $v, "req_id" => $out_trade_no, "req_data" => trim($req_data), "_input_charset" => trim(strtolower($alipay_config['input_charset'])));
//var_dump($parameter);die();
$parameter1 = paraFilter($parameter);
$parameter2 = argSort($parameter);
//建立请求
$alipaySubmit = new AlipaySubmit($alipay_config);
$mysign = $alipaySubmit->buildRequestMysign($parameter2);
$parameter2['sign'] = $mysign;
//echo "<pre>";var_dump($parameter2);echo "</pre>";die();
$html_text = $alipaySubmit->buildRequestForm($parameter2, "get", "确认");
echo $html_text;
}
/**
* 获取返回时的签名验证结果
* @param $para_temp 通知返回来的参数数组
* @param $sign 返回的签名结果
* @param $isSort 是否对待签名数组排序
* @return 签名验证结果
*/
function getSignVeryfy($para_temp, $sign, $isSort)
{
//除去待签名参数数组中的空值和签名参数
//file_put_contents("./alipaylog/getSignVeryfy_para_temp_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para_temp,true));
$para = paraFilter($para_temp);
//file_put_contents("./alipaylog/getSignVeryfy_para1_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para,true));
//对待签名参数数组排序
if ($isSort) {
$para = argSort($para);
} else {
$para = $this->sortNotifyPara($para);
}
//file_put_contents("./alipaylog/getSignVeryfy_para2_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para,true));
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para);
//file_put_contents("./alipaylog/getSignVeryfy_prestr_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($prestr,true));
//echo $prestr;
$isSgin = false;
switch (strtoupper(trim($this->alipay_config['sign_type']))) {
case "MD5":
$isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']);
break;
case "RSA":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
case "0001":
$isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign);
break;
default:
$isSgin = false;
}
return $isSgin;
}
public function actionChargeOrder()
{
// 检查参数
if (!isset($_REQUEST['uid']) || !isset($_REQUEST['pay_type']) || !isset($_REQUEST['token']) || !isset($_REQUEST['goods_id']) || !isset($_REQUEST['pay_type']) || !isset($_REQUEST['payment_type'])) {
$this->_return('MSG_ERR_LESS_PARAM');
}
$uid = Yii::app()->request->getParam('uid');
$token = trim(Yii::app()->request->getParam('token'));
$pay_type = trim(Yii::app()->request->getParam('pay_type'));
$app_id = trim(Yii::app()->request->getParam('app_id'));
$payment_type = trim(Yii::app()->request->getParam('payment_type', 1));
$goods_id = Yii::app()->request->getParam('goods_id');
if (!Token::model()->verifyToken($uid, $token, $GLOBALS['__APPID'])) {
$this->_return('MSG_ERR_TOKEN');
}
if (!User::model()->isSetPassword($uid)) {
$this->_return('MSG_ERR_UNSET_PASSWORD');
}
$goods_info = Common::model()->getGoodsInfo($goods_id);
if (!is_array($goods_info)) {
$this->_return('MSG_ERR_FAIL_PARAM');
}
// 支付订单创建
$out_trade_no = Pay::model()->createOrder($uid, $goods_info, $GLOBALS['__APPID'], $pay_type, $GLOBALS['__CHANNEL'], $GLOBALS['__PLATFORM']);
if ($out_trade_no < 0) {
$this->_return('MSG_ERR_UNKOWN');
}
// 记录Log
Log::model()->_pay_log($uid, 'CREATE_ORDER', date('Y-m-d H:i:s'), $out_trade_no);
$data['out_trade_no'] = $out_trade_no;
$config_arr = Yii::app()->params['alipay_config'];
//支付宝充值返回支付宝前段签名
Yii::import('application.extensions.alipay.*');
require_once 'lib/alipay_notify.class.php';
$alipayNotify = new AlipayNotify($config_arr);
$price = $goods_info['price'] / 100;
$subject = $goods_info['name'];
$body = $goods_info['name'] . ", 你值得拥有";
$price = '"' . $price . '"';
$subject = '"' . $subject . '"';
$body = '"' . $body . '"';
if ($app_id) {
$app_id = '"' . $app_id . '"';
}
/*
if($extern_token){
$extern_token = '"'.$extern_token.'"';
}
*/
/*
if($appenv){
$appenv = '"'.$appenv.'"';
}
*/
if ($payment_type) {
$payment_type = '"' . $payment_type . '"';
}
/*
if($it_b_pay){
$it_b_pay = '"'.$it_b_pay.'"';
}
*/
/*
if($show_url){
$show_url = '"'.urlencode($show_url).'"';
}
*/
$service = '"mobile.securitypay.pay"';
$partner = '"' . Yii::app()->params['partner'] . '"';
$charset = '"utf-8"';
$notify_url = '"' . urlencode(Yii::app()->params['notifyUrl']) . '"';
$out_trade_no = '"' . $out_trade_no . '"';
$seller_id = '"' . Yii::app()->params['partner'] . '"';
$sign_date = array('seller_id' => $seller_id, 'total_fee' => $price, 'service' => $service, 'partner' => $partner, '_input_charset' => $charset, 'notify_url' => $notify_url, 'out_trade_no' => $out_trade_no, 'subject' => $subject, 'app_id' => $app_id, 'payment_type' => $payment_type, 'body' => $body);
$sign_date = paraFilter($sign_date);
$sign_date = createLinkstring($sign_date);
$private_key_url = '../extensions/alipay/' . $alipayNotify->alipay_config['private_key_path'];
$data['sign'] = rsaSign($sign_date, $private_key_url);
$data['url'] = $sign_date;
$data['notifyUrl'] = Yii::app()->params['notifyUrl'];
// 发送返回值
$this->_return('MSG_SUCCESS', $data);
}
function getSignVeryfy($para_temp, $sign, $md5)
{
//除去待签名参数数组中的空值和签名参数
$para_filter = paraFilter($para_temp);
//对待签名参数数组排序
$para_sort = argSort($para_filter);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = createLinkstring($para_sort);
$isSgin = false;
$isSgin = md5Verify($prestr, $sign, $md5);
return $isSgin;
}
/**
* 异步通知消息验证
* @param para 异步通知消息
* @return 验证结果
*/
static function verifySignature($para)
{
$respSignature = $para[upmp_config::SIGNATURE];
// 除去数组中的空值和签名参数
$filteredReq = paraFilter($para);
$signature = buildSignature($filteredReq);
$file = "./" . date('Y-m-d') . "-log" . ".txt";
$filehandle = fopen($file, "a");
fwrite($filehandle, "\r\n======响应内容计算出来的值:.\r\n" . $signature . "\r\n\r\n响应回来的值:" . $respSignature . "\r\n\r\n<!--------------结束------------>\r\n\r\n\r\n");
fclose($filehandle);
if ("" != $respSignature && $respSignature == $signature) {
return true;
} else {
return false;
}
}
