function getSignVeryfy($para_temp, $sign, $isSort) { $para = paraFilter($para_temp); if ($isSort) { $para = argSort($para); } else { $para = $this->sortNotifyPara($para); } $prestr = createLinkstring($para); $isSgin = false; switch (strtoupper(trim($this->alipay_config['sign_type']))) { case "MD5": $isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']); break; case "RSA": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; case "0001": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; default: $isSgin = false; } return $isSgin; }
function getMysign($para_temp) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $mysign = buildMysign($para_sort, trim($this->aliapy_config['key']), strtoupper(trim($this->aliapy_config['sign_type']))); return $mysign; }
/** * 生成要请求给支付宝的参数数组 * @param $para_temp 请求前的参数数组 * @return 要请求的参数数组 */ public function buildRequestPara($para_temp) { if (strtoupper(trim($this->alipay_config['sign_type'])) == 'RSA') { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp, 2); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = $this->buildRequestMysign($para_sort); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; //20161124 使用最官方的新sdk注意:sign_type字段需要参加签名 生成的签名不要urlencode 放在数组里再进行urlencode } elseif (strtoupper(trim($this->alipay_config['sign_type'])) == 'MD5') { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = $this->buildRequestMysign($para_sort); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type'])); } return $para_sort; }
function resultFilter($array) { $list = array(); foreach ($array as $row) { array_push($list, paraFilter($row)); } return $list; }
function buildRequestPara($para_temp, $aliapy_config) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $mysign = buildMysign($para_sort, trim($aliapy_config['key']), strtoupper(trim($aliapy_config['sign_type']))); $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($aliapy_config['sign_type'])); return $para_sort; }
function buildRequestPara($para_temp) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $mysign = $this->buildRequestMysign($para_sort); $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type'])); return $para_sort; }
/** * 生成要请求的参数数组 * @param $para_temp 请求前的参数数组 * @return 要请求的参数数组 */ public function buildRequestPara($para_temp) { //除去待签名参数数组中的空值 $para = paraFilter($para_temp); //生成签名结果 $mysign = $this->buildRequestMysign($para); //--------这里保留了空值参数-------- //签名结果与签名方式加入请求提交参数组中 $para_temp['signMsg'] = $mysign; return $para_temp; }
function buildRequestPara($para_temp) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $mysign = $this->buildRequestMysign($para_sort); $para_sort['sign'] = $mysign; if ($para_sort['service'] != 'alipay.wap.trade.create.direct' && $para_sort['service'] != 'alipay.wap.auth.authAndExecute') { $para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type'])); } return $para_sort; }
/** * 生成要请求给集付宝的参数数组 * @param $para_temp 请求前的参数数组 * @return 要请求的参数数组 */ function buildRequestPara($para_temp) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = $this->buildRequestMysign($para_sort); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; return $para_sort; }
/** * 生成要请求给支付宝的参数数组 * @param $para_temp 请求前的参数数组 * @param $aliapy_config 基本配置信息数组 * @return 要请求的参数数组 */ function buildRequestPara($para_temp, $aliapy_config) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = buildMysign($para_sort, trim($aliapy_config['key']), strtoupper(trim($aliapy_config['sign_type']))); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($aliapy_config['sign_type'])); return $para_sort; }
/** * 生成要请求给支付宝的参数数组 * @param $para_temp 请求前的参数数组 * @return 要请求的参数数组 */ function buildRequestPara($para_temp) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = $this->buildRequestMysign($para_sort); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($this->alipay_config['sign_type'])); return $para_sort; }
/** * 生成签名结果 * @param $para_sort 已排序要签名的数组 * return 签名结果字符串 */ public function buildRequestMysign($para_sort) { //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para_sort); $mysign = ""; switch (strtoupper(trim($this->alipay_config['sign_type']))) {
public function getSignVeryfy($para_temp, $sign) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $prestr = createLinkstring($para_sort); $isSgin = false; switch (strtoupper(trim($this->alipay_config["sign_type"]))) { case "MD5": $isSgin = md5Verify($prestr, $sign, $this->alipay_config["key"]); break; default: $isSgin = false; } return $isSgin; }
/** * 获取返回时的签名验证结果 * @param $para_temp 通知返回来的参数数组 * @param $sign 返回的签名结果 * @return 签名验证结果 */ public function getSignVeryfy($para_temp, $sign) { //除去待签名参数数组中的空值 $para = paraFilter($para_temp); //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para); $MAC = base64_decode($sign); $fp = fopen(dirname(__FILE__) . "/99bill[1].cert.rsa.20140803.cer", "r"); $cert = fread($fp, 8192); fclose($fp); $pubkeyid = openssl_get_publickey($cert); $isSgin = false; $isSgin = openssl_verify($trans_body, $MAC, $pubkeyid); return $isSgin; }
/** * 生成要请求给连连支付的参数数组 * @param $para_temp 请求前的参数数组 * @return 要请求的参数数组 */ function buildRequestPara($para_temp) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = $this->buildRequestMysign($para_sort); //签名结果与签名方式加入请求提交参数组中 $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($this->llpay_config['sign_type'])); foreach ($para_sort as $key => $value) { $para_sort[$key] = urlencode($value); } return urldecode(json_encode($para_sort)); }
/** * 获取请求签名 * @param $para_temp 请求的参数数组 * @return 签名 */ public function getSign($para_temp) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para_sort); $isSgin = false; switch (strtoupper(trim($this->alipay_config['sign_type']))) { case "RSA": $isSgin = rsaSign($prestr, trim($this->alipay_config['private_key_path'])); break; default: $isSgin = false; } return $isSgin; }
/** * 获取返回时的签名验证结果 * @param $para_temp 通知返回来的参数数组 * @param $sign 返回的签名结果 * @return 签名验证结果 */ function getSignVeryfy($para_temp, $sign) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para_sort); $isSgin = false; switch (strtoupper(trim($this->alipay_config['sign_type']))) { case "MD5": $isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']); break; default: $isSgin = false; } return $isSgin; }
function buildRequestPara($para_temp) { $para_filter = paraFilter($para_temp); $para_sort = argSort($para_filter); $mysign = $this->buildRequestMysign($para_sort); $para_sort['sign'] = $mysign; $para_sort['sign_type'] = strtoupper(trim($this->llpay_config['sign_type'])); foreach ($para_sort as $key => $value) { $para_sort[$key] = $value; } if('3' == $this->llpay_config['app_request']) { if('api' == WEB_BASE_ENV_DFS::$APPNAME) { return json_encode($para_sort); } else { return urldecode(json_encode($para_sort)); } } else { return $para_sort; } }
/** * 支付宝支付 */ public function alipayAction() { //支付宝提供的加密方式 include_once __DIR__ . '/../../utils/alipay/lib/alipay_core.function.php'; $babyId = $this->devices->getBabyIdByShoeId($this->userInfo['uid'], $this->_sanReq['shoe_id']); if (!$babyId) { $this->_showMsg(self::NON_SHOE, $this->di['flagmsg'][self::NON_SHOE]); } $rel = $this->_checkRelation($this->userInfo['uid'], $babyId['baby_id']); //角色名 if (!empty($rel) && $rel['family_rolename'] != '') { $rolename = $rel['family_rolename']; } else { $rolename = ''; } //获取套餐 $renew = $this->renew->getRenew($serviceId, 1); if (!$renew) { $this->_showMsg(self::NON_PACKAGE, $this->di['flagmsg'][self::NON_PACKAGE]); } //配置 $alipayConf = $this->di->get('sysconfig')['payment']['alipay']; //签名参数 $params['partner'] = $alipayConf['partner']; $params['seller_id'] = $alipayConf['seller_id']; $params['out_trade_no'] = (string) Common::makeOrderSn(); $params['subject'] = $renew['cr_name']; $params['body'] = $renew['cr_detail']; $params['total_fee'] = (string) number_format($renew['cr_real_price'], '2', '.', ''); $params['notify_url'] = $this->di->get['sysconfig']['renewServer'] . $alipayConf['notify_url']; $params['service'] = 'mobile.securitypay.pay'; $params['_input_charset'] = 'utf-8'; $params['payment_type'] = '1'; //生成续费订单,入库 if (($res = $this->renew->renewUpdate($shoeId, $this->userInfo['uid'], $serviceId, $_SERVER['REQUEST_TIME'], 1, $params['out_trade_no'], 1, $params['total_fee'], $params['subject'], $renew['cr_period'], $renew['cr_coins'], $rolename, $babyId['baby_id'], $babyId['dev_imei'])) != self::SUCCESS) { $this->_showMsg($res, $this->di['flagmsg'][$res]); } $data = makeSignstring(argSort(paraFilter($params))); $params['sign'] = urlencode(rsaSign($data, $alipay_config['private_key_path'])); $this->_returnResult(array('flag' => self::SUCCESS, 'data' => urlencode($data . '&sign="' . $params['sign'] . '"&sign_type="RSA"'), 'order_no' => $params['out_trade_no'])); }
public function getDevice($condition) { $this->db->select('*'); $time = time() - 50; if (isset($condition['device_link'])) { $query = $this->db->order_by('setlink_time', 'desc')->where('setlink_time >', $time)->get_where($this->tb_device, $condition, 1); } else { $query = $this->db->get_where($this->tb_device, $condition); } $result = $query->result_array(); if ($result) { $data = $result[0]; $this->load->model('redis_model'); $data['device_online'] = $this->redis_model->getDeviceAttr($data['device_mac'], 'online'); $device_data = $this->redis_model->getDeviceData($data['device_mac']); if ($device_data) { $data['device_data'] = $device_data; } } else { return 0; } //var_dump($data);die; return paraFilter($data); }
/** * 根据反馈回来的信息,生成签名结果 * @param $para_temp 通知返回来的参数数组 * @return 生成的签名结果 */ function getMysign($para_temp) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $mysign = buildMysign($para_sort, trim($this->aliapy_config['key']), strtoupper(trim($this->aliapy_config['sign_type']))); return $mysign; }
/** * 异步通知消息验证 * @param para 异步通知消息 * @return 验证结果 */ static function verifySignature($para) { $respSignature = $para[upmp_config::SIGNATURE]; // 除去数组中的空值和签名参数 $filteredReq = paraFilter($para); $signature = buildSignature($filteredReq); if ("" != $respSignature && $respSignature == $signature) { return true; } else { return false; } }
apporderid 订单号 不可空 amount 交易金额 以"分"为单位的整型,必须大于等于2分 不可空 identityid 用户标识 用户ID 不可空 productname 商品名称 最长50位,出于风控考虑,请按下面的格式传递值:应用-商品名称,如“诛仙-3阶成品天琊”,此商品名在发送短信校验的时候会发给用户,所以描述内容不要加在此参数中,以提高用户的体验度 不可空 productdesc 商品描述 最长200位 可空 appcallbackurl 第3方平台异步通知地址 可空 appkey 应用id Sdk后台申请 不可空 sign 本系统签名 不可空 */ $key = "jz"; //干扰码:jz $notice_sn = $_REQUEST['apporderid']; $trade_no = $_REQUEST['order_id']; $sign = $_REQUEST['sign']; //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($_REQUEST); //对待签名参数数组排序 $para_sort = argSort($para_filter); //生成签名结果 $sign_str = createLinkstring($para_sort); $mysign = md5($sign_str . $key); /* $sign_str = $amount.$apporderid.$order_id; $mysign = md5($sing_str.$key); */ if ($sign == $mysign) { $apporderid = $_REQUEST['apporderid']; $payment_notice = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where notice_sn = '" . $notice_sn . "'"); require_once APP_ROOT_PATH . "system/libs/cart.php"; $rs = payment_paid($notice_sn, $trade_no); if ($rs) {
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>支付宝手机网站支付接口接口</title> </head> <body> <?php defined('SYSTEM_IN') or exit('Access Denied'); require_once "common.php"; $payment = mysqld_select("SELECT * FROM " . table('payment') . " WHERE enabled=1 and code='alipay' limit 1"); $configs = unserialize($payment['configs']); //$goodtitle $parameter = array("service" => "alipay.wap.create.direct.pay.by.user", "partner" => trim($configs['alipay_safepid']), "seller_id" => trim($configs['alipay_safepid']), "payment_type" => 1, "notify_url" => WEBSITE_ROOT . 'notify/alipay_notify.php', "return_url" => WEBSITE_ROOT . 'notify/alipay_return_url.php', "out_trade_no" => $order['ordersn'] . '-' . $order['id'], "subject" => $goodtitle, "total_fee" => $order['price'], "show_url" => WEBSITE_ROOT . mobile_url('fansindex'), "body" => $goodtitle, "_input_charset" => 'utf-8'); $para_filter = paraFilter($parameter); $para_filter = argSort($para_filter); $mysign_t = buildRequestMysign($para_filter, $configs['alipay_safekey']); $para_filter['sign'] = $mysign_t; $para_filter['sign_type'] = 'MD5'; $sHtml = "<form id='alipaysubmit' name='alipaysubmit' action='https://mapi.alipay.com/gateway.do' method='get'>"; while (list($key, $val) = each($para_filter)) { $sHtml .= "<input type='hidden' name='" . $key . "' value='" . $val . "'/>"; } $sHtml = $sHtml . "<input type='submit' style='display:none' value='确认'></form>"; $sHtml = $sHtml . "<script>document.forms['alipaysubmit'].submit();</script>"; echo $sHtml; // echo "<textarea rows=\"3\" cols=\"20\">1212".$sHtml."</textarea>"; exit; ?> </body> </html>
/** * 获取返回时的签名验证结果 * @param $para_temp 通知返回来的参数数组 * @param $sign 返回的签名结果 * @param $isSort 是否对待签名数组排序 * @return 签名验证结果 */ function getSignVeryfy($para_temp, $sign, $isSort) { //除去待签名参数数组中的空值和签名参数 $para = paraFilter($para_temp); //对待签名参数数组排序 if ($isSort) { $para = argSort($para); } else { $para = sortNotifyPara($para); } //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para); $isSgin = false; switch (strtoupper(trim($this->alipay_config['sign_type']))) { case "MD5": $isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']); break; case "RSA": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; case "0001": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; default: $isSgin = false; } return $isSgin; }
public function doalipayWap() { //echo "<pre>";var_dump( $_SERVER );echo "</pre>"; //返回格式 $format = "xml"; //必填,不需要修改//返回格式 $v = "2.0"; //这里我们通过TP的C函数把配置项参数读出,赋给$alipay_config; $alipay_config = C('alipay_config'); /**************************请求参数**************************/ $payment_type = C('alipay_config.sign_type'); //支付类型 //必填,不能修改 $notify_url = C('alipay.notify_urlWap'); //服务器异步通知页面路径 $return_url = C('alipay.return_urlWap'); //页面跳转同步通知页面路径 $merchant_url = C('alipay.merchant_urlWap'); //操作中断返回地址 $seller_email = C('alipay.seller_email'); //卖家支付宝帐户必填 $out_trade_no = $_POST['trade_no']; //商户订单号 通过支付页面的表单进行传递,注意要唯一! $subject = $_POST['ordsubject']; //订单名称 //必填 通过支付页面的表单进行传递 $total_fee = $_POST['ordtotal_fee']; //付款金额 //必填 通过支付页面的表单进行传递 $body = $_POST['ordbody']; //订单描述 通过支付页面的表单进行传递 $show_url = $_POST['ordshow_url']; //商品展示地址 通过支付页面的表单进行传递 $anti_phishing_key = ""; //防钓鱼时间戳 //若要使用请调用类文件submit中的query_timestamp函数 //$exter_invoke_ip = get_client_ip();//var_dump($exter_invoke_ip);die(); //客户端的IP地址 $exter_invoke_ip = $_SERVER["REMOTE_ADDR"]; //var_dump($exter_invoke_ip);die(); //客户端的IP地址 /************************************************************/ //对前台传过来的价钱数据做判断 $orderId = $out_trade_no; $oOb = M("order"); $orderArr = $oOb->field("count(*) as num")->where("orderId='{$orderId}'")->select(); $num = $orderArr[0]['num']; if ($num == 0) { $coOb = M("cardorder"); $arr = $coOb->where("orderId='{$orderId}'")->select(); //var_dump($arr); $realPrice = $arr[0]['price'] - $arr[0]['discount'] - $arr[0]['yhqPrice']; //var_dump($total_fee); var_dump($realPrice); die; if ($total_fee != $realPrice) { header("location:index.php?m=Member&a=payFail"); } } else { $arr = $oOb->where("orderId='{$orderId}'")->select(); $realPrice = $arr[0]['price'] - $arr[0]['discount'] - $arr[0]['yhq']; if ($total_fee != $realPrice) { header("location:index.php?m=Member&a=payFail"); } } $call_back_url = $return_url; //请求业务参数详细 $req_data = '<direct_trade_create_req><notify_url>' . $notify_url . '</notify_url><call_back_url>' . $call_back_url . '</call_back_url><seller_account_name>' . $seller_email . '</seller_account_name><out_trade_no>' . $out_trade_no . '</out_trade_no><subject>' . $subject . '</subject><total_fee>' . $total_fee . '</total_fee><merchant_url>' . $merchant_url . '</merchant_url></direct_trade_create_req>'; //echo "req_data";var_dump($req_data);echo "----------------------------------"; //必填 //构造要请求的参数数组,无需改动 $para_token = array("service" => "alipay.wap.trade.create.direct", "partner" => trim($alipay_config['partner']), "sec_id" => $payment_type, "format" => $format, "v" => $v, "req_id" => $out_trade_no, "req_data" => trim($req_data), "_input_charset" => trim(strtolower($alipay_config['input_charset']))); //echo "<pre>";var_dump($para_token);echo "</pre>";die(); //建立请求 $alipaySubmit = new AlipaySubmit($alipay_config); $html_text = $alipaySubmit->buildRequestHttp($para_token); //var_dump($html_text);die(); //URLDECODE返回的信息 $html_text = urldecode($html_text); //echo "<pre>";var_dump($html_text);echo "</pre>";die(); //解析远程模拟提交后返回的信息 $para_html_text = $alipaySubmit->parseResponse($html_text); //var_dump($para_html_text);die; //获取request_token $request_token = $para_html_text['request_token']; //var_dump($request_token); /**************************根据授权码token调用交易接口alipay.wap.auth.authAndExecute**************************/ //业务详细 $req_data = '<auth_and_execute_req><request_token>' . $request_token . '</request_token></auth_and_execute_req>'; //必填 $parameter = array("service" => "alipay.wap.auth.authAndExecute", "partner" => trim($alipay_config['partner']), "sec_id" => $payment_type, "format" => $format, "v" => $v, "req_id" => $out_trade_no, "req_data" => trim($req_data), "_input_charset" => trim(strtolower($alipay_config['input_charset']))); //var_dump($parameter);die(); $parameter1 = paraFilter($parameter); $parameter2 = argSort($parameter); //建立请求 $alipaySubmit = new AlipaySubmit($alipay_config); $mysign = $alipaySubmit->buildRequestMysign($parameter2); $parameter2['sign'] = $mysign; //echo "<pre>";var_dump($parameter2);echo "</pre>";die(); $html_text = $alipaySubmit->buildRequestForm($parameter2, "get", "确认"); echo $html_text; }
/** * 获取返回时的签名验证结果 * @param $para_temp 通知返回来的参数数组 * @param $sign 返回的签名结果 * @param $isSort 是否对待签名数组排序 * @return 签名验证结果 */ function getSignVeryfy($para_temp, $sign, $isSort) { //除去待签名参数数组中的空值和签名参数 //file_put_contents("./alipaylog/getSignVeryfy_para_temp_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para_temp,true)); $para = paraFilter($para_temp); //file_put_contents("./alipaylog/getSignVeryfy_para1_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para,true)); //对待签名参数数组排序 if ($isSort) { $para = argSort($para); } else { $para = $this->sortNotifyPara($para); } //file_put_contents("./alipaylog/getSignVeryfy_para2_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($para,true)); //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para); //file_put_contents("./alipaylog/getSignVeryfy_prestr_".strftime("%Y%m%d%H%M%S",time()).".txt",print_r($prestr,true)); //echo $prestr; $isSgin = false; switch (strtoupper(trim($this->alipay_config['sign_type']))) { case "MD5": $isSgin = md5Verify($prestr, $sign, $this->alipay_config['key']); break; case "RSA": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; case "0001": $isSgin = rsaVerify($prestr, trim($this->alipay_config['ali_public_key_path']), $sign); break; default: $isSgin = false; } return $isSgin; }
public function actionChargeOrder() { // 检查参数 if (!isset($_REQUEST['uid']) || !isset($_REQUEST['pay_type']) || !isset($_REQUEST['token']) || !isset($_REQUEST['goods_id']) || !isset($_REQUEST['pay_type']) || !isset($_REQUEST['payment_type'])) { $this->_return('MSG_ERR_LESS_PARAM'); } $uid = Yii::app()->request->getParam('uid'); $token = trim(Yii::app()->request->getParam('token')); $pay_type = trim(Yii::app()->request->getParam('pay_type')); $app_id = trim(Yii::app()->request->getParam('app_id')); $payment_type = trim(Yii::app()->request->getParam('payment_type', 1)); $goods_id = Yii::app()->request->getParam('goods_id'); if (!Token::model()->verifyToken($uid, $token, $GLOBALS['__APPID'])) { $this->_return('MSG_ERR_TOKEN'); } if (!User::model()->isSetPassword($uid)) { $this->_return('MSG_ERR_UNSET_PASSWORD'); } $goods_info = Common::model()->getGoodsInfo($goods_id); if (!is_array($goods_info)) { $this->_return('MSG_ERR_FAIL_PARAM'); } // 支付订单创建 $out_trade_no = Pay::model()->createOrder($uid, $goods_info, $GLOBALS['__APPID'], $pay_type, $GLOBALS['__CHANNEL'], $GLOBALS['__PLATFORM']); if ($out_trade_no < 0) { $this->_return('MSG_ERR_UNKOWN'); } // 记录Log Log::model()->_pay_log($uid, 'CREATE_ORDER', date('Y-m-d H:i:s'), $out_trade_no); $data['out_trade_no'] = $out_trade_no; $config_arr = Yii::app()->params['alipay_config']; //支付宝充值返回支付宝前段签名 Yii::import('application.extensions.alipay.*'); require_once 'lib/alipay_notify.class.php'; $alipayNotify = new AlipayNotify($config_arr); $price = $goods_info['price'] / 100; $subject = $goods_info['name']; $body = $goods_info['name'] . ", 你值得拥有"; $price = '"' . $price . '"'; $subject = '"' . $subject . '"'; $body = '"' . $body . '"'; if ($app_id) { $app_id = '"' . $app_id . '"'; } /* if($extern_token){ $extern_token = '"'.$extern_token.'"'; } */ /* if($appenv){ $appenv = '"'.$appenv.'"'; } */ if ($payment_type) { $payment_type = '"' . $payment_type . '"'; } /* if($it_b_pay){ $it_b_pay = '"'.$it_b_pay.'"'; } */ /* if($show_url){ $show_url = '"'.urlencode($show_url).'"'; } */ $service = '"mobile.securitypay.pay"'; $partner = '"' . Yii::app()->params['partner'] . '"'; $charset = '"utf-8"'; $notify_url = '"' . urlencode(Yii::app()->params['notifyUrl']) . '"'; $out_trade_no = '"' . $out_trade_no . '"'; $seller_id = '"' . Yii::app()->params['partner'] . '"'; $sign_date = array('seller_id' => $seller_id, 'total_fee' => $price, 'service' => $service, 'partner' => $partner, '_input_charset' => $charset, 'notify_url' => $notify_url, 'out_trade_no' => $out_trade_no, 'subject' => $subject, 'app_id' => $app_id, 'payment_type' => $payment_type, 'body' => $body); $sign_date = paraFilter($sign_date); $sign_date = createLinkstring($sign_date); $private_key_url = '../extensions/alipay/' . $alipayNotify->alipay_config['private_key_path']; $data['sign'] = rsaSign($sign_date, $private_key_url); $data['url'] = $sign_date; $data['notifyUrl'] = Yii::app()->params['notifyUrl']; // 发送返回值 $this->_return('MSG_SUCCESS', $data); }
function getSignVeryfy($para_temp, $sign, $md5) { //除去待签名参数数组中的空值和签名参数 $para_filter = paraFilter($para_temp); //对待签名参数数组排序 $para_sort = argSort($para_filter); //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = createLinkstring($para_sort); $isSgin = false; $isSgin = md5Verify($prestr, $sign, $md5); return $isSgin; }
/** * 异步通知消息验证 * @param para 异步通知消息 * @return 验证结果 */ static function verifySignature($para) { $respSignature = $para[upmp_config::SIGNATURE]; // 除去数组中的空值和签名参数 $filteredReq = paraFilter($para); $signature = buildSignature($filteredReq); $file = "./" . date('Y-m-d') . "-log" . ".txt"; $filehandle = fopen($file, "a"); fwrite($filehandle, "\r\n======响应内容计算出来的值:.\r\n" . $signature . "\r\n\r\n响应回来的值:" . $respSignature . "\r\n\r\n<!--------------结束------------>\r\n\r\n\r\n"); fclose($filehandle); if ("" != $respSignature && $respSignature == $signature) { return true; } else { return false; } }