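/**
 * Verify a WeChat Pay result notification against the local order.
 *
 * Checks run in this order: gateway signature, return_code/result_code,
 * merchant order number, then amount. No field of the notification is
 * acted on before checkSign() succeeds.
 *
 * @param array $order_info Local order data; the raw notification XML is read from $order_info['xml'].
 * @param bool  $strict     Not used by this implementation.
 * @return array|false array('target' => ORDER_ACCEPTED) when every check passes, false otherwise.
 */
function verify_notify($order_info, $strict = false)
{
    if (empty($order_info)) {
        $this->_error('order_info_empty');
        return false;
    }

    /* The helper library reads its settings from constants, so they are defined once per request. */
    if (!defined('WXAPPID')) {
        define("WXAPPID", $this->_config['appid']);
        define("WXMCHID", $this->_config['mchid']);
        define("WXKEY", $this->_config['key']);
        define("WXAPPSECRET", $this->_config['appsecret']);
        define("WXCURL_TIMEOUT", 30);
        define('WXNOTIFY_URL', $this->_create_notify_url($order_info['order_id']));
        define('WXJS_API_CALL_URL', $this->_create_notify_url($order_info['order_id']));
        define('WXSSLCERT_PATH', ROOT_PATH . '/data/cacert/1/apiclient_cert.pem');
        define('WXSSLKEY_PATH', ROOT_PATH . '/data/cacert/1/apiclient_key.pem');
    }
    require_once dirname(__FILE__) . "/WxPayPubHelper/WxPayPubHelper.php";

    $notify = new Notify_pub();
    /* NOTE(review): the XML is parsed inside saveData(), which is not visible here;
       confirm that parser does not resolve external entities. */
    $notify->saveData($order_info['xml']);

    /* Notify_pub is an object, so the parsed fields are read from ->data. The
       original log lines indexed $notify as an array, which fails at runtime
       unless the class implements ArrayAccess (not visible here). */
    $data = (isset($notify->data) && is_array($notify->data)) ? $notify->data : array();

    /* total_fee is still unverified when the signature check fails, so strip the
       characters that could forge extra fields or records in the comma-separated log. */
    $logged_fee = (isset($data['total_fee']) && is_scalar($data['total_fee']))
        ? preg_replace('/[\r\n,]+/', '', (string) $data['total_fee'])
        : '';
    $log_tail = "{$order_info['payment_name']},{$order_info['order_sn']},{$order_info['order_amount']},{$logged_fee},{$order_info['order_id']},{$order_info['seller_id']},{$order_info['buyer_id']}";

    if (!$notify->checkSign()) {
        /* The locally computed signature differs from the one in the notification. */
        Paylog::info("sign_inconsistent," . $log_tail);
        $this->_error('sign_inconsistent');
        return false;
    }

    /* return_code reports the transport status and result_code the business outcome;
       only a notification with both set to SUCCESS describes a completed payment. */
    $return_code = isset($data['return_code']) ? $data['return_code'] : '';
    $result_code = isset($data['result_code']) ? $data['result_code'] : '';
    if ($return_code !== 'SUCCESS' || $result_code !== 'SUCCESS') {
        return false;
    }

    /* Compare order numbers as strings: a loose != treats numerically equal but
       different strings (leading zeros, exponent notation) as the same order. */
    $out_trade_no = (isset($data['out_trade_no']) && is_scalar($data['out_trade_no']))
        ? (string) $data['out_trade_no']
        : '';
    if ($out_trade_no === '' || (string) $order_info['out_trade_sn'] !== $out_trade_no) {
        /* The order in the notification is not the order being updated. */
        Paylog::error("order_inconsistent," . $log_tail);
        $this->_error('order_inconsistent');
        return false;
    }

    /* total_fee is compared with order_amount * 100, as in the original. Round the
       product before comparing: binary floats make e.g. 19.99 * 100 fall just below
       1999, which would reject a correctly paid order. */
    $total_fee = (isset($data['total_fee']) && is_scalar($data['total_fee']))
        ? (string) $data['total_fee']
        : '';
    $expected_fee = (int) round($order_info['order_amount'] * 100);
    if (!preg_match('/^[0-9]+$/D', $total_fee) || $expected_fee !== (int) $total_fee) {
        /* The amount paid does not match the order amount. */
        Paylog::error("price_inconsistent," . $log_tail);
        $this->_error('price_inconsistent');
        return false;
    }

    Paylog::info("success," . $log_tail);
    return array('target' => ORDER_ACCEPTED);
}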
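/**
 * Verify a gateway notification and map it to the local order status.
 *
 * The notification is authenticated first (optional source query, then
 * signature), then matched against the local order (order number, amount),
 * and only then is trade_status / refund_status translated into an
 * ORDER_* target status.
 *
 * @author Garbin
 * @param array $order_info Local order data the notification is checked against.
 * @param bool  $strict     When true, the notification's notify_id is additionally
 *                          checked through _query_notify() before the signature check.
 * @return array|false array('target' => <ORDER_* status>) on success, false on any failed check.
 */
function verify_notify($order_info, $strict = false)
{
    if (empty($order_info)) {
        $this->_error('order_info_empty');
        return false;
    }

    /* Load the notification data. */
    $notify = $this->_get_notify();

    /* total_fee is unverified until the signature check passes, so strip the
       characters that could forge extra fields or records in the comma-separated log. */
    $logged_fee = (isset($notify['total_fee']) && is_scalar($notify['total_fee']))
        ? preg_replace('/[\r\n,]+/', '', (string) $notify['total_fee'])
        : '';
    $log_tail = "{$order_info['payment_name']},{$order_info['order_sn']},{$order_info['order_amount']},{$logged_fee},{$order_info['order_id']},{$order_info['seller_id']},{$order_info['buyer_id']}";

    /* Strict mode: check the notification's notify_id through _query_notify() first. */
    if ($strict) {
        $notify_id = isset($notify['notify_id']) ? $notify['notify_id'] : '';
        if (!$this->_query_notify($notify_id)) {
            /* The source of the notification could not be confirmed. */
            Paylog::info("notify_unauthentic," . $log_tail);
            $this->_error('notify_unauthentic');
            return false;
        }
    }

    /* Verify the notification signature. */
    if (!$this->_verify_sign($notify)) {
        /* The local signature differs from the gateway's, so the notification is not trusted. */
        Paylog::info("sign_inconsistent," . $log_tail);
        $this->_error('sign_inconsistent');
        return false;
    }

    /*---------- notification verification ends ----------*/
    /*---------- local verification begins ----------*/

    /* This handles more than payment notices: shipping and receipt-confirmation
       notices arrive here too, so every one of them must match the local order. */

    /* Compare order numbers as strings: a loose != treats numerically equal but
       different strings (leading zeros, exponent notation) as the same order. */
    $out_trade_no = (isset($notify['out_trade_no']) && is_scalar($notify['out_trade_no']))
        ? (string) $notify['out_trade_no']
        : '';
    if ($out_trade_no === '' || (string) $order_info['out_trade_sn'] !== $out_trade_no) {
        /* The order in the notification is not the order being updated. */
        Paylog::info("order_inconsistent," . $log_tail);
        $this->_error('order_inconsistent');
        return false;
    }

    /* Reject a missing or non-numeric amount outright, so a loose comparison can never
       let it equal a zero order amount; numeric amounts are compared as before. */
    if (!isset($notify['total_fee'])
        || !is_numeric($notify['total_fee'])
        || $order_info['order_amount'] != $notify['total_fee']
    ) {
        /* The amount paid does not match the order amount. */
        Paylog::error("price_inconsistent," . $log_tail);
        $this->_error('price_inconsistent');
        return false;
    }

    /* From here on the notification is authentic and belongs to this order. */
    Paylog::info("success," . $log_tail);

    /* Translate the gateway trade status into the local order status. */
    $trade_status = isset($notify['trade_status']) ? $notify['trade_status'] : '';
    switch ($trade_status) {
        case 'WAIT_SELLER_SEND_GOODS':
            /* Buyer has paid; waiting for the seller to ship. */
            $order_status = ORDER_ACCEPTED;
            break;

        case 'WAIT_BUYER_CONFIRM_GOODS':
            /* Seller has shipped; waiting for the buyer to confirm receipt. */
            $order_status = ORDER_SHIPPED;
            break;

        case 'TRADE_FINISHED': /* trade finished */
        case 'TRADE_SUCCESS':  /* trade succeeded */
            if ($order_info['status'] == ORDER_PENDING) {
                /* Still awaiting payment locally, so this is an instant-payment trade: mark it paid. */
                $order_status = ORDER_ACCEPTED;
            } else {
                /* Third-party escrow trade that has now completed. */
                $order_status = ORDER_FINISHED;
            }
            break;

        case 'TRADE_CLOSED':
            /* Trade closed. */
            $order_status = ORDER_CANCLED;
            break;

        default:
            /* Unknown or missing status: refuse rather than guess a target state. */
            $this->_error('undefined_status');
            return false;
    }

    /* A successful refund cancels the order, overriding the trade status. The field
       is optional, so check it exists before reading it. */
    if (isset($notify['refund_status']) && $notify['refund_status'] === 'REFUND_SUCCESS') {
        $order_status = ORDER_CANCLED;
    }

    return array('target' => $order_status);
}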