Exemple #1
0
/**
 * 响应操作
*/
function respond()
{
    $payment = get_payment_info('chinabank');
    $v_oid = trim($_POST['v_oid']);
    $v_pmode = trim($_POST['v_pmode']);
    $v_pstatus = trim($_POST['v_pstatus']);
    $v_pstring = trim($_POST['v_pstring']);
    $v_amount = trim($_POST['v_amount']);
    $v_moneytype = trim($_POST['v_moneytype']);
    $remark1 = trim($_POST['remark1']);
    $remark2 = trim($_POST['remark2']);
    $v_md5str = trim($_POST['v_md5str']);
    /**
    * 重新计算md5的值
    */
    $key = $payment['ytauthkey'];
    $md5string = strtoupper(md5($v_oid . $v_pstatus . $v_amount . $v_moneytype . $key));
    /* 检查秘钥是否正确 */
    if ($v_md5str == $md5string) {
        if ($v_pstatus == '20') {
            /* 改变订单状态 */
            if (!order_paid($v_oid)) {
                return false;
            }
            return true;
        }
    } else {
        return false;
    }
}
Exemple #2
0
/**
 * 响应操作
*/
function respond()
{
    $payment = get_payment_info('alipay');
    $partner = trim($payment['partnerid']);
    $key = trim($payment['ytauthkey']);
    $sign_type = "MD5";
    $_input_charset = "GBK";
    $transport = "http";
    $alipay = new alipay_notify($partner, $key, $sign_type, $_input_charset, $transport);
    $verify_result = $alipay->return_verify();
    if ($verify_result) {
        //验证成功
        $dingdan = $_GET['out_trade_no'];
        //获取订单号
        $total_fee = $_GET['total_fee'];
        //获取总价格
        return order_paid($dingdan);
    } else {
        return false;
    }
}
Exemple #3
0
 /**
  * 响应操作
  */
 function respond()
 {
     if (!empty($_POST)) {
         foreach ($_POST as $key => $data) {
             $_GET[$key] = $data;
         }
     }
     $payment = get_payment($_GET['code']);
     $seller_email = rawurldecode($_GET['seller_email']);
     $order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);
     $order_sn = trim($order_sn);
     /* 检查支付的金额是否相符 */
     if (!check_money($order_sn, $_GET['total_fee'])) {
         return false;
     }
     /* 检查数字签名是否正确 */
     ksort($_GET);
     reset($_GET);
     $sign = '';
     foreach ($_GET as $key => $val) {
         if ($key != 'sign' && $key != "n" && $key !== "h" && $key != "at" && $key != 'sign_type' && $key != 'code') {
             $sign .= "{$key}={$val}&";
         }
     }
     $sign = substr($sign, 0, -1) . $payment['alipay_key'];
     //$sign = substr($sign, 0, -1) . ALIPAY_AUTH;
     if (md5($sign) != $_GET['sign']) {
         return false;
     }
     if ($_GET['trade_status'] == 'TRADE_FINISHED') {
         // echo $order_sn;
         // exit;
         /* 改变订单状态 */
         return order_paid($order_sn);
         // true;
     } else {
         return false;
     }
 }
Exemple #4
0
 /**
  * 响应操作
  */
 function respond()
 {
     if (!empty($_POST)) {
         foreach ($_POST as $key => $data) {
             $_GET[$key] = $data;
         }
     }
     $payment = 'alipaywap';
     $order_sn = trim($_GET['out_trade_no']);
     $sql = 'SELECT * FROM ' . $GLOBALS['ecs']->table('order_info') . " WHERE order_sn = '{$order_sn}'";
     $order = $GLOBALS['db']->getRow($sql);
     $order_id = $order['order_id'];
     $sql = 'SELECT * FROM ' . $GLOBALS['ecs']->table('pay_log') . " WHERE order_id = '{$order_id}'";
     $pay_log = $GLOBALS['db']->getRow($sql);
     $log_id = $pay_log['log_id'];
     if ($_GET['result'] == 'success') {
         /* 改变订单状态 */
         order_paid($log_id, 2);
         return true;
     } else {
         return false;
     }
 }
Exemple #5
0
/**
 * 响应操作
*/
function respond()
{
    $payment = get_payment_info('tenpay');
    $key = $payment['ytauthkey'];
    /* 创建支付应答对象 */
    $resHandler = new PayResponseHandler();
    $resHandler->setKey($key);
    if ($resHandler->isTenpaySign()) {
        //商户单号
        $sp_billno = $resHandler->getParameter("sp_billno");
        //财付通交易单号
        $transaction_id = $resHandler->getParameter("transaction_id");
        //金额,以分为单位
        $total_fee = $resHandler->getParameter("total_fee");
        $pay_result = $resHandler->getParameter("pay_result");
        if ("0" == $pay_result) {
            return order_paid($sp_billno);
        } else {
            return false;
        }
    } else {
        return false;
    }
}
Exemple #6
0
 /**
  * 响应操作
  */
 function respond()
 {
     if (!empty($_POST)) {
         foreach ($_POST as $key => $data) {
             $_GET[$key] = $data;
         }
     }
     $payment = get_payment("alipay");
     $payment = unserialize_config($payment['pay_config']);
     $alipay_config = array();
     $alipay_config['partner'] = $payment['alipay_partner'];
     //安全检验码,以数字和字母组成的32位字符
     //如果签名方式设置为“MD5”时,请设置该参数
     $alipay_config['key'] = $payment['alipay_key'];
     //商户的私钥(后缀是.pen)文件相对路径
     //如果签名方式设置为“0001”时,请设置该参数
     $alipay_config['private_key_path'] = '';
     //$alipay_config['private_key_path']	= 'key/rsa_private_key.pem';
     //支付宝公钥(后缀是.pen)文件相对路径
     //如果签名方式设置为“0001”时,请设置该参数
     $alipay_config['ali_public_key_path'] = '';
     //$alipay_config['ali_public_key_path']= 'key/alipay_public_key.pem';
     //签名方式 不需修改
     $alipay_config['sign_type'] = 'MD5';
     //字符编码格式 目前支持 gbk 或 utf-8
     $alipay_config['input_charset'] = 'utf-8';
     //$alipay_config['cacert']    = ROOT_PATH .'mobile/includes/modules/cacert.pem';
     $alipay_config['cacert'] = '';
     //ca证书路径地址,用于curl中ssl校验
     //请保证cacert.pem文件在当前文件夹目录中
     //$alipay_config['cacert']    = getcwd().'\\cacert.pem';
     //访问模式,根据自己的服务器是否支持ssl访问,若支持请选择https;若不支持请选择http
     $alipay_config['transport'] = 'http';
     require_once ROOT_PATH . "includes/modules/lib/alipay_notify.class.php";
     $alipayNotify = new AlipayNotify($alipay_config);
     $verify_result = $alipayNotify->verifyReturn();
     if ($verify_result) {
         $out_trade_no = trim($_GET['out_trade_no']);
         $order_sn = trim(substr($out_trade_no, 0, 13));
         $log_id = get_order_id_by_sn($order_sn);
         order_paid($log_id);
         //$sql = "SELECT l.`log_id` FROM " . $GLOBALS['hhs']->table('order_info')." as info LEFT JOIN ". $GLOBALS['hhs']->table('pay_log') ." as l  ON l.order_id=info.order_id        WHERE info.order_sn = '$order_sn'";
         //$order_log_id = $GLOBALS['db']->getOne($sql);
         return true;
     } else {
         return false;
     }
 }
Exemple #7
0
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment(basename(__FILE__, '.php'));
     $merchant_acctid = $payment['shenzhou_account'];
     //收款帐号 不可空
     $key = $payment['shenzhou_key'];
     $get_merchant_acctid = trim($_REQUEST['merchantAcctId']);
     //接收的收款帐号
     $pay_result = trim($_REQUEST['payResult']);
     $version = trim($_REQUEST['version']);
     $language = trim($_REQUEST['language']);
     $sign_type = trim($_REQUEST['signType']);
     $pay_type = trim($_REQUEST['payType']);
     //20代表神州行卡密直接支付;22代表快钱账户神州行余额支付
     $card_umber = trim($_REQUEST['cardNumber']);
     $card_pwd = trim($_REQUEST['cardPwd']);
     $order_id = trim($_REQUEST['orderId']);
     //订单号
     $order_time = trim($_REQUEST['orderTime']);
     $order_amount = trim($_REQUEST['orderAmount']);
     $deal_id = trim($_REQUEST['dealId']);
     //获取该交易在快钱的交易号
     $ext1 = trim($_REQUEST['ext1']);
     $ext2 = trim($_REQUEST['ext2']);
     $pay_amount = trim($_REQUEST['payAmount']);
     //获取实际支付金额
     $bill_order_time = trim($_REQUEST['billOrderTime']);
     $pay_result = trim($_REQUEST['payResult']);
     //10代表支付成功; 11代表支付失败
     $sign_type = trim($_REQUEST['signType']);
     $sign_msg = trim($_REQUEST['signMsg']);
     //生成加密串。必须保持如下顺序。
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "merchantAcctId", $merchant_acctid);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "version", $version);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "language", $language);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "payType", $pay_type);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "cardNumber", $card_number);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "cardPwd", $card_pwd);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderId", $order_id);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderAmount", $order_amount);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "dealId", $deal_id);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "orderTime", $order_time);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "ext1", $ext1);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "ext2", $ext2);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "payAmount", $pay_amount);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "billOrderTime", $bill_order_time);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "payResult", $pay_result);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "signType", $sign_type);
     $merchant_signmsgval = $this->append_param($merchant_signmsgval, "key", $key);
     $merchant_signmsg = md5($merchant_signmsgval);
     //首先对获得的商户号进行比对
     if ($get_merchant_acctid != $merchant_acctid) {
         //'商户号错误';
         return false;
     }
     if (strtoupper($sign_msg) == strtoupper($merchant_signmsg)) {
         if ($pay_result == 10) {
             order_paid($ext1);
             return true;
         } elseif ($pay_result == 11 && $pay_amount > 0) {
             $sql = "SELECT order_amount FROM " . $GLOBALS['ecs']->table('order_info') . "WHERE order_id = '{$order_id}'";
             $get_order_amount = $GLOBALS['db']->getOne($sql);
             if ($get_order_amount == $pay_amount && $get_order_amount == $order_amount) {
                 order_paid($ext1);
                 return true;
             } elseif ($get_order_amount == $order_amount && $pay_amount > 0) {
                 $surplus_amount = $get_order_amount - $pay_amount;
                 //计算订单剩余金额
                 $sql = 'UPDATE' . $GLOBALS['ecs']->table('order_info') . "SET `money_paid` = (money_paid  + '{$pay_amount}')," . " order_amount = (order_amount - '{$pay_amount}') WHERE order_id = '{$order_id}'";
                 $result = $GLOBALS['db']->query($sql);
                 $sql = 'UPDATE' . $GLOBALS['ecs']->table('order_info') . "SET `order_status` ='" . OS_CONFIRMED . "' WHERE order_id = '{$orderId}'";
                 $result = $GLOBALS['db']->query($sql);
                 //order_paid($orderId, PS_UNPAYED);
                 //'订单金额小于0';
                 return false;
             } else {
                 //'订单金额不相等';
                 return false;
             }
         } else {
             //'实际支付金额不能小于0';
             return false;
         }
     } else {
         //'签名校对错误';
         return false;
     }
 }
Exemple #8
0
    function respond()
    {
        $payment       = get_payment($_GET['code']);
        $billno        = $_GET['billno'];
        $amount        = $_GET['amount'];
        $mydate        = $_GET['date'];
        $succ          = $_GET['succ'];
        $msg           = $_GET['msg'];
        $ipsbillno     = $_GET['ipsbillno'];
        $retEncodeType = $_GET['retencodetype'];
        $currency_type = $_GET['Currency_type'];
        $signature     = $_GET['signature'];
        $order_sn      = intval(substr($billno, 0, 10));

        if ($succ == 'Y')
        {
            $content = $billno . $amount . $mydate . $succ . $ipsbillno . $currency_type;
            $cert = $payment['ips_key'];
            $signature_1ocal = md5($content . $cert);

            if ($signature_1ocal == $signature)
            {
                if (!check_money($order_sn, $amount))
                {
                   return false;
                }
                order_paid($order_sn);

                return true;
            }
            else
            {
                return false;
            }
        }
        else
        {
            return false;
        }
    }
Exemple #9
0
 /**
  * 接受通知处理订单。
  * @param undefined $log_id
  * 20141125
  */
 function respond()
 {
     $notify = new Notify_pub();
     //存储微信的回调
     $xml = $GLOBALS['HTTP_RAW_POST_DATA'];
     $notify->saveData($xml);
     if ($notify->checkSign() == FALSE) {
         $notify->setReturnParameter("return_code", "FAIL");
         //返回状态码
         $notify->setReturnParameter("return_msg", "签名失败");
         //返回信息
     } else {
         $notify->setReturnParameter("return_code", "SUCCESS");
         //设置返回码
     }
     $returnXml = $notify->returnXml();
     echo $returnXml;
     $log_ = new Log_();
     $log_name = ROOT_PATH . "wxpay/demo/notify_url.log";
     //log文件路径
     if ($notify->checkSign() == TRUE) {
         if ($notify->data["return_code"] == "FAIL") {
             //此处应该更新一下订单状态,商户自行增删操作
             $log_->log_result($log_name, "【通信出错】:\n" . $xml . "\n");
         } elseif ($notify->data["result_code"] == "FAIL") {
             //此处应该更新一下订单状态,商户自行增删操作
             $log_->log_result($log_name, "【业务出错】:\n" . $xml . "\n");
         } else {
             $order = $notify->getData();
             $log_id = $order["out_trade_no"];
             order_paid($log_id);
             //$wxpay = new wxpay();
             //$wxpay->respond($order["out_trade_no"]);
             //此处应该更新一下订单状态,商户自行增删操作
             $log_->log_result($log_name, "【支付成功】:\n" . $order["out_trade_no"] . "\n");
         }
     }
 }
Exemple #10
0
 /**
  * 处理函数
  */
 function respond()
 {
     if ($_REQUEST['succ'] == '1') {
         $_REQUEST['c_succmark'] = 'Y';
     }
     if ($_REQUEST['succ'] == '0') {
         $_REQUEST['c_succmark'] = 'N';
     }
     //echo 'OK';
     //exit;
     $payment = get_payment('ecbank_webatm');
     //驗證碼
     $checkcode = trim($payment['ecbank_webatm_checkcode']);
     // 組合字串
     $serial = trim($_REQUEST['proc_date'] . $_REQUEST['proc_time'] . $_REQUEST['tsr']);
     // 回傳的交易驗證壓碼
     $tac = trim($_REQUEST['tac']);
     $c_order = trim($_REQUEST['od_sob']);
     $c_orderamount = $_REQUEST['amt'];
     $ecbank_gateway = 'https://ecbank.com.tw/web_service/get_outmac_valid.php';
     $post_parm = 'key=' . $checkcode . '&serial=' . $serial . '&tac=' . $tac;
     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, $ecbank_gateway);
     curl_setopt($ch, CURLOPT_VERBOSE, 1);
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $post_parm);
     $strAuth = curl_exec($ch);
     if (curl_errno($ch)) {
         $strAuth = false;
     }
     curl_close($ch);
     if (check_money($c_order, $c_orderamount)) {
         $checkAmount = "1";
     }
     //print_r($strAuth); echo "<hr>";
     //echo "here:".$tac_valid;	exit;
     if ($strAuth == 'valid=1') {
         if ($_REQUEST['succ'] == '1' && $checkAmount == "1") {
             //$sql = 'UPDATE ' . $GLOBALS['ecs']->table('pay_log') . " SET is_paid = '0' WHERE log_id = '$c_order'";
             //$GLOBALS['db']->query($sql);
             if ($_REQUEST['inv_error'] == "0") {
                 $note .= ',發票開立成功。';
             } else {
                 if ($_REQUEST['inv_error'] == "") {
                     $note .= ',未開立發票。';
                 } else {
                     $note .= ',發票錯誤代碼' . $_REQUEST['inv_error'];
                 }
             }
             order_paid($c_order, PS_PAYED, $note);
             return true;
         }
     } else {
         //print_r($_REQUEST);
         $def_url = '不合法的交易';
         return $def_url;
         //echo '不合法的交易:'.$strAut;
         return false;
         exit;
     }
 }
Exemple #11
0
 /**
  * 处理函数
  */
 function respond()
 {
     //exit;
     $payment = get_payment('allpay_card24');
     $timestamp = time();
     $key = trim($payment['allpay_card24_key']);
     $iv = trim($payment['allpay_card24_iv']);
     $order_id = $_REQUEST['MerchantTradeNo'];
     $log_id = $_REQUEST['log_id'];
     $mer_id = $_REQUEST['MerchantID'];
     $input_array = array("MerchantID" => $mer_id, "MerchantTradeNo" => $order_id, "TimeStamp" => $timestamp);
     ksort($input_array);
     $checkvalue = "HashKey={$key}&" . urldecode(http_build_query($input_array)) . "&HashIV={$iv}";
     $checkvalue = strtolower(urlencode($checkvalue));
     $checkvalue = md5($checkvalue);
     $input_array["CheckMacValue"] = $checkvalue;
     $sned_string = http_build_query($input_array);
     $gateway = "https://payment.allpay.com.tw/Cashier/QueryTradeInfo";
     //$gateway = "http://payment-stage.allpay.com.tw/Cashier/QueryTradeInfo";
     $result = $this->get_result($gateway, $sned_string);
     if (check_money($log_id, $_REQUEST['TradeAmt'])) {
         $checkAmount = "1";
     }
     parse_str($result, $res);
     //echo $_REQUEST['RtnCode'] . "||" . $checkAmount . "||" . $res["TradeStatus"] . "||" . $res["TradeAmt"] . "||" . $_REQUEST['TradeAmt'] . "||";
     if ($_REQUEST['RtnCode'] == '1' && $checkAmount == '1' && $res["TradeStatus"] == "1" && $res["TradeAmt"] == $_REQUEST['TradeAmt']) {
         $note = "付款完成" . date("Y-m-d H:i:s");
         order_paid($log_id, PS_PAYED, $note);
         return true;
     } else {
         return false;
     }
 }
 public function do_incharge()
 {
     $order_id = intval($_REQUEST['order_id']);
     $payment_id = intval($_REQUEST['payment_id']);
     $payment_info = M("Payment")->getById($payment_id);
     $memo = $_REQUEST['memo'];
     $order_info = M("DealOrder")->where("id=" . $order_id . " and is_delete = 0 and type = 0")->find();
     if (!$order_info) {
         $this->error(l("INVALID_ORDER"));
     }
     if ($order_info['region_lv4'] > 0) {
         $region_id = $order_info['region_lv4'];
     } elseif ($order_info['region_lv3'] > 0) {
         $region_id = $order_info['region_lv3'];
     } elseif ($order_info['region_lv2'] > 0) {
         $region_id = $order_info['region_lv2'];
     } else {
         $region_id = $order_info['region_lv1'];
     }
     $delivery_id = $order_info['delivery_id'];
     $payment_id = intval($_REQUEST['payment_id']);
     $goods_list = $GLOBALS['db']->getAll("select * from " . DB_PREFIX . "deal_order_item where order_id = " . $order_id);
     $GLOBALS['user_info']['id'] = $order_info['user_id'];
     require_once APP_ROOT_PATH . "system/model/cart.php";
     $result = count_buy_total($region_id, $delivery_id, $payment_id, $account_money = 0, $all_account_money = 0, $ecvsn, $ecvpassword, $goods_list, $order_info['account_money'], $order_info['ecv_money'], $order_info['bank_id']);
     $user_money = M("User")->where("id=" . $order_info['user_id'])->getField("money");
     //$pay_amount = $order_info['deal_total_price']+ $order_info['delivery_fee']-$order_info['account_money']-$order_info['ecv_money']+$payment_info['fee_amount'];
     $pay_amount = $result['pay_price'];
     if ($payment_info['class_name'] == 'Account' && $user_money < $pay_amount) {
         $this->error(l("ACCOUNT_NOT_ENOUGH"));
     }
     $notice_id = make_payment_notice($pay_amount, $order_id, $payment_id, $memo);
     $order_info['total_price'] = $result['pay_total_price'];
     $order_info['payment_fee'] = $result['payment_fee'];
     $order_info['delivery_fee'] = $result['delivery_fee'];
     $order_info['discount_price'] = $result['user_discount'];
     $order_info['payment_id'] = $payment_info['id'];
     $order_info['update_time'] = NOW_TIME;
     M("DealOrder")->save($order_info);
     $payment_notice = M("PaymentNotice")->getById($notice_id);
     $rs = payment_paid($payment_notice['id']);
     if ($rs && $payment_info['class_name'] == 'Account') {
         //余额支付
         require_once APP_ROOT_PATH . "system/payment/Account_payment.php";
         require_once APP_ROOT_PATH . "system/model/user.php";
         $msg = sprintf($payment_lang['USER_ORDER_PAID'], $order_info['order_sn'], $payment_notice['notice_sn']);
         modify_account(array('money' => "-" . $payment_notice['money'], 'score' => 0), $payment_notice['user_id'], $msg);
     }
     if ($rs) {
         order_paid($order_id);
         $msg = sprintf(l("MAKE_PAYMENT_NOTICE_LOG"), $order_info['order_sn'], $payment_notice['notice_sn']);
         save_log($msg, 1);
         order_log($msg . $_REQUEST['memo'], $order_id);
         $this->assign("jumpUrl", U("DealOrder/view_order", array("id" => $order_id)));
         $this->success(l("ORDER_INCHARGE_SUCCESS"));
     } else {
         $this->assign("jumpUrl", U("DealOrder/view_order", array("id" => $order_id)));
         $this->success(l("ORDER_INCHARGE_FAILED"));
     }
 }
Exemple #13
0
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment(basename(__FILE__, '.php'));
     $v_tempdate = explode('-', $_REQUEST['v_oid']);
     //接受返回数据验证开始
     //v_md5info验证
     $md5info_paramet = $_REQUEST['v_oid'] . $_REQUEST['v_pstatus'] . $_REQUEST['v_pstring'] . $_REQUEST['v_pmode'];
     $md5info_tem = $this->hmac_md5($payment['cappay_key'], $md5info_paramet);
     //v_md5money验证
     $md5money_paramet = $_REQUEST['v_amount'] . $_REQUEST['v_moneytype'];
     $md5money_tem = $this->hmac_md5($payment['cappay_key'], $md5money_paramet);
     if ($md5info_tem == $_REQUEST['v_md5info'] && $md5money_tem == $_REQUEST['v_md5money']) {
         //改变订单状态
         order_paid($v_tempdate[2]);
         return true;
     } else {
         return false;
     }
 }
Exemple #14
0
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment('upop');
     $arr_args = array();
     $arr_reserved = array();
     if (is_array($_POST)) {
         $arr_args = $_POST;
         $cupReserved = isset($arr_args['cupReserved']) ? $arr_args['cupReserved'] : '';
         parse_str(substr($cupReserved, 1, -1), $arr_reserved);
         //去掉前后的{}
     } else {
         $cupReserved = '';
         $pattern = '/cupReserved=(\\{.*?\\})/';
         if (preg_match($pattern, $_POST, $match)) {
             //先提取cupReserved
             $cupReserved = $match[1];
         }
         //将cupReserved的value清除(因为含有&, parse_str没法正常处理)
         $args_r = preg_replace($pattern, 'cupReserved=', $_POST);
         parse_str($args_r, $arr_args);
         $arr_args['cupReserved'] = $cupReserved;
         parse_str(substr($cupReserved, 1, -1), $arr_reserved);
         //去掉前后的{}
     }
     //提取服务器端的签名
     if (!isset($arr_args['signature'])) {
         return false;
     }
     //验证签名
     $signature = $this->sign($arr_args, $payment['upop_security_key'], 'md5');
     if ($signature != $arr_args['signature']) {
         return false;
     }
     $arr_ret = array_merge($arr_args, $arr_reserved);
     unset($arr_ret['cupReserved']);
     if ($arr_ret['respCode'] != '00') {
         return false;
     }
     if (!strpos($arr_ret['orderNumber'], '-')) {
         return false;
     }
     $order_sn_arr = explode('-', $arr_ret['orderNumber']);
     $order_sn = $order_sn_arr['0'];
     $pay_id = intval($order_sn_arr['1']);
     $payment_amount = intval($arr_ret['settleAmount']);
     // 检查商户账号是否一致。
     if ($payment['upop_account'] != $arr_ret['merId']) {
         return false;
     }
     // 检查价格是否一致
     if (!check_money($pay_id, $payment_amount / 100)) {
         return false;
     }
     // 如果未支付成功。
     if ($arr_ret['respCode'] != '00') {
         return false;
     }
     $action_note = $arr_ret['respCode'] . ':' . $arr_ret['respMsg'] . $GLOBALS['_LANG']['upop_txn_id'] . ':' . $arr_ret['qid'];
     // 完成订单。
     order_paid($pay_id, PS_PAYED, $action_note);
     //告诉用户交易完成
     return true;
 }
 /**
  * 處理函數
  */
 function respond()
 {
     $arPayment = get_payment('ecshop_ecpay_barcode');
     $isTestMode = $arPayment['ecshop_ecpay_barcode_test_mode'] == 'Yes';
     $arFeedback = null;
     $arQueryFeedback = null;
     $szLogID = $_GET['log_id'];
     $szOrderID = $_GET['order_id'];
     //$isPaymentInfo = ($_GET['pi'] == 'true');
     $this->HashKey = trim($arPayment['ecshop_ecpay_barcode_key']);
     $this->HashIV = trim($arPayment['ecshop_ecpay_barcode_iv']);
     try {
         // 取得回傳的付款結果。
         $arFeedback = $this->CheckOutFeedback();
         if (sizeof($arFeedback) > 0) {
             // 查詢付款結果資料。
             $this->ServiceURL = $isTestMode ? "https://payment-stage.ecpay.com.tw/Cashier/QueryTradeInfo/v2" : "https://payment.ecpay.com.tw/Cashier/QueryTradeInfo/V2";
             $this->MerchantID = trim($arPayment['ecshop_ecpay_barcode_account']);
             $this->Query['MerchantTradeNo'] = $arFeedback['MerchantTradeNo'];
             $arQueryFeedback = $this->QueryTradeInfo();
             if (sizeof($arQueryFeedback) > 0) {
                 $arOrder = order_info($szOrderID);
                 // 檢查支付金額與訂單是否相符。
                 if (round($arOrder['order_amount']) == $arFeedback['TradeAmt'] && $arQueryFeedback['TradeAmt'] == $arFeedback['TradeAmt']) {
                     $szCheckAmount = '1';
                 }
                 // 確認產生條碼。
                 if ($arFeedback['RtnCode'] == '10100073' && $szCheckAmount == '1' && $arQueryFeedback["TradeStatus"] == '0') {
                     $szPaymentType = $arFeedback['PaymentType'];
                     $szTradeDate = $arFeedback['TradeDate'];
                     $szBankCode = $arFeedback['PaymentNo'];
                     $szExpireDate = $arFeedback['ExpireDate'];
                     $szBarcode1 = $arFeedback['Barcode1'];
                     $szBarcode2 = $arFeedback['Barcode2'];
                     $szBarcode3 = $arFeedback['Barcode3'];
                     $szNote = sprintf($GLOBALS['_LANG']['text_paying'], date("Y-m-d H:i:s"), $szPaymentType, $szTradeDate, $szBankCode, $szExpireDate, $szBarcode1, $szBarcode2, $szBarcode3);
                     order_paid($szLogID, PS_PAYING, $szNote);
                     /* 修改此次交易狀態為未付款 */
                     $sql = 'UPDATE ' . $GLOBALS['ecs']->table('pay_log') . " SET is_paid = '0' WHERE log_id = '{$szLogID}'";
                     $GLOBALS['db']->query($sql);
                     ob_get_clean();
                     print '1|OK';
                     exit;
                 }
                 // 確認付款結果。
                 if ($arFeedback['RtnCode'] == '1' && $szCheckAmount == '1' && $arQueryFeedback["TradeStatus"] == '1') {
                     $szNote = $GLOBALS['_LANG']['text_paid'] . date("Y-m-d H:i:s");
                     order_paid($szLogID, PS_PAYED, $szNote);
                     if ($_GET['background']) {
                         echo '1|OK';
                         exit;
                     } else {
                         return true;
                     }
                 } else {
                     if ($_GET['background']) {
                         echo !$szCheckAmount ? '0|訂單金額不符。' : $arFeedback['RtnMsg'];
                         exit;
                     } else {
                         return false;
                     }
                 }
             } else {
                 throw new Exception('ECPay 查無訂單資料。');
             }
         }
     } catch (Exception $ex) {
         /* 例外處理 */
     }
     return false;
 }
Exemple #16
0
 /**
  * 處理函數
  */
 function respond()
 {
     $arPayment = get_payment('ecshop_allpay_card');
     $isTestMode = $arPayment['ecshop_allpay_card_test_mode'] == 'Yes';
     $arFeedback = null;
     $arQueryFeedback = null;
     $szLogID = $_GET['log_id'];
     $szOrderID = $_GET['order_id'];
     $this->HashKey = trim($arPayment['ecshop_allpay_card_key']);
     $this->HashIV = trim($arPayment['ecshop_allpay_card_iv']);
     try {
         // 取得回傳的付款結果。
         $arFeedback = $this->CheckOutFeedback();
         if (sizeof($arFeedback) > 0) {
             // 查詢付款結果資料。
             $this->ServiceURL = $isTestMode ? "https://payment-stage.allpay.com.tw/Cashier/QueryTradeInfo/v2" : "https://payment.allpay.com.tw/Cashier/QueryTradeInfo/V2";
             $this->MerchantID = trim($arPayment['ecshop_allpay_card_account']);
             $this->Query['MerchantTradeNo'] = $arFeedback['MerchantTradeNo'];
             $arQueryFeedback = $this->QueryTradeInfo();
             if (sizeof($arQueryFeedback) > 0) {
                 $arOrder = order_info($szOrderID);
                 // 檢查支付金額與訂單是否相符。
                 if (round($arOrder['order_amount']) == $arFeedback['TradeAmt'] && $arQueryFeedback['TradeAmt'] == $arFeedback['TradeAmt']) {
                     $szCheckAmount = '1';
                 }
                 // 確認付款結果。
                 if ($arFeedback['RtnCode'] == '1' && $szCheckAmount == '1' && $arQueryFeedback["TradeStatus"] == '1') {
                     $szNote = $GLOBALS['_LANG']['text_paid'] . date("Y-m-d H:i:s");
                     order_paid($szLogID, PS_PAYED, $szNote);
                     if ($_GET['background']) {
                         echo '1|OK';
                         exit;
                     } else {
                         return true;
                     }
                 } else {
                     if ($_GET['background']) {
                         echo !$szCheckAmount ? '0|訂單金額不符。' : $arFeedback['RtnMsg'];
                         exit;
                     } else {
                         return false;
                     }
                 }
             } else {
                 throw new Exception('AllPay 查無訂單資料。');
             }
         }
     } catch (Exception $ex) {
         /* 例外處理 */
     }
     return false;
 }
 public function notify($request)
 {
     $return_res = array('info' => '', 'status' => false);
     $payment = $GLOBALS['db']->getRow("select id,config from " . DB_PREFIX . "payment where class_name='AlipayBank'");
     $payment['config'] = unserialize($payment['config']);
     /* 检查数字签名是否正确 */
     ksort($request);
     reset($request);
     foreach ($request as $key => $val) {
         if ($key != 'sign' && $key != 'sign_type' && $key != 'code' && $key != 'class_name' && $key != 'act' && $key != 'ctl' && $key != 'city') {
             $sign .= "{$key}={$val}&";
         }
     }
     $sign = substr($sign, 0, -1) . $payment['config']['alipay_key'];
     if (md5($sign) != $request['sign']) {
         echo '0';
     }
     $payment_notice_sn = $request['out_trade_no'];
     $money = $request['total_fee'];
     $outer_notice_sn = $request['trade_no'];
     if ($request['trade_status'] == 'TRADE_SUCCESS' || $request['trade_status'] == 'TRADE_FINISHED' || $request['trade_status'] == 'WAIT_SELLER_SEND_GOODS' || $request['trade_status'] == 'WAIT_BUYER_CONFIRM_GOODS') {
         $payment_notice = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where notice_sn = '" . $payment_notice_sn . "'");
         $order_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_order where id = " . $payment_notice['order_id']);
         require_once APP_ROOT_PATH . "system/libs/cart.php";
         $rs = payment_paid($payment_notice['id'], $outer_notice_sn);
         if ($rs) {
             //$GLOBALS['db']->query("update ".DB_PREFIX."payment_notice set outer_notice_sn = '".$outer_notice_sn."' where id = ".$payment_notice['id']);
             order_paid($payment_notice['order_id']);
             $this->auto_do_send_goods($payment_notice, $order_info);
             echo '1';
         } else {
             $this->auto_do_send_goods($payment_notice, $order_info);
             echo '0';
         }
     } else {
         echo '0';
     }
 }
Exemple #18
0
} elseif ($act == 'order_notes_save') {
    check_token();
    $link[0]['text'] = "返回列表";
    $link[0]['href'] = $_POST['url'];
    !$db->query("UPDATE " . table('order') . " SET  notes='" . $_POST['notes'] . "' WHERE id='" . intval($_GET['id']) . "'") ? adminmsg('操作失败', 1) : adminmsg("操作成功!", 2, $link);
} elseif ($act == 'order_set') {
    get_token();
    check_permissions($_SESSION['admin_purview'], "ord_set");
    $smarty->assign('pageheader', "订单管理");
    $smarty->assign('url', $_SERVER["HTTP_REFERER"]);
    $smarty->assign('payment', get_order_one($_GET['id']));
    $smarty->display('company/admin_order_set.htm');
} elseif ($act == 'order_set_save') {
    check_token();
    check_permissions($_SESSION['admin_purview'], "ord_set");
    if (order_paid(trim($_POST['oid']))) {
        $link[0]['text'] = "返回列表";
        $link[0]['href'] = $_POST['url'];
        !$db->query("UPDATE " . table('order') . " SET notes='" . $_POST['notes'] . "' WHERE id=" . intval($_GET['id']) . "  LIMIT 1 ") ? adminmsg('操作失败', 1) : adminmsg("操作成功!", 2, $link);
    } else {
        adminmsg('操作失败', 1);
    }
} elseif ($act == 'order_del') {
    check_token();
    check_permissions($_SESSION['admin_purview'], "ord_del");
    $id = !empty($_REQUEST['id']) ? $_REQUEST['id'] : adminmsg("你没有选择项目!", 1);
    if (del_order($id)) {
        adminmsg("取消成功!", 2, $link);
    } else {
        adminmsg("取消失败!", 1);
    }
Exemple #19
0
 /**
  * 响应操作
  $_REQUEST["Priv1"] 为 log_id
  */
 function respond()
 {
     $payment  = get_payment($_GET['code']);
     $merid=$this->config($payment);
     $flag = buildKey(PUB_KEY);
     //获取交易应答的各项值
     $merid = $_REQUEST["merid"];
     $orderno = $_REQUEST["orderno"];
     $transdate = $_REQUEST["transdate"];
     $amount = $_REQUEST["amount"];
     $currencycode = $_REQUEST["currencycode"];
     $transtype = $_REQUEST["transtype"];
     $status = $_REQUEST["status"];
     $checkvalue = $_REQUEST["checkvalue"];
     $gateId = $_REQUEST["GateId"];
     $priv1 = $_REQUEST["Priv1"];
     $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue);
     if( flag && $status == '1001')
     {
         // 检查价格是否一致
         if (!check_money($priv1, $amount/100))
         {
            return false;
         }
         order_paid($priv1, 2);
         return true;
     }
     else
     {
         return false;
     }
 }
Exemple #20
0
    /**
     * 响应操作
     */
    function respond()
    {
        $payment        = get_payment('paypal');
        $merchant_id    = $payment['paypal_account'];               ///获取商户编号

        // read the post from PayPal system and add 'cmd'
        $req = 'cmd=_notify-validate';
        foreach ($_POST as $key => $value)
        {
            $value = urlencode(stripslashes($value));
            $req .= "&$key=$value";
        }

        // post back to PayPal system to validate
        $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) ."\r\n\r\n";
        $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);

        // assign posted variables to local variables
        $item_name = $_POST['item_name'];
        $item_number = $_POST['item_number'];
        $payment_status = $_POST['payment_status'];
        $payment_amount = $_POST['mc_gross'];
        $payment_currency = $_POST['mc_currency'];
        $txn_id = $_POST['txn_id'];
        $receiver_email = $_POST['receiver_email'];
        $payer_email = $_POST['payer_email'];
        $order_sn = $_POST['invoice'];
        $memo = !empty($_POST['memo']) ? $_POST['memo'] : '';
        $action_note = $txn_id . '(' . $GLOBALS['_LANG']['paypal_txn_id'] . ')' . $memo;

        if (!$fp)
        {
            fclose($fp);

            return false;
        }
        else
        {
            fputs($fp, $header . $req);
            while (!feof($fp))
            {
                $res = fgets($fp, 1024);
                if (strcmp($res, 'VERIFIED') == 0)
                {
                    // check the payment_status is Completed
                    if ($payment_status != 'Completed' && $payment_status != 'Pending')
                    {
                        fclose($fp);

                        return false;
                    }

                    // check that txn_id has not been previously processed
                    /*$sql = "SELECT COUNT(*) FROM " . $GLOBALS['ecs']->table('order_action') . " WHERE action_note LIKE '" . mysql_like_quote($txn_id) . "%'";
                    if ($GLOBALS['db']->getOne($sql) > 0)
                    {
                        fclose($fp);

                        return false;
                    }*/

                    // check that receiver_email is your Primary PayPal email
                    if ($receiver_email != $merchant_id)
                    {
                        fclose($fp);

                        return false;
                    }

                    // check that payment_amount/payment_currency are correct
                    $sql = "SELECT order_amount FROM " . $GLOBALS['ecs']->table('pay_log') . " WHERE log_id = '$order_sn'";
                    if ($GLOBALS['db']->getOne($sql) != $payment_amount)
                    {
                        fclose($fp);

                        return false;
                    }
                    if ($payment['paypal_currency'] != $payment_currency)
                    {
                        fclose($fp);

                        return false;
                    }

                    // process payment
                    order_paid($order_sn, PS_PAYED, $action_note);
                    fclose($fp);

                    return true;
                }
                elseif (strcmp($res, 'INVALID') == 0)
                {
                    // log for manual investigation
                    fclose($fp);

                    return false;
                }
            }
        }
    }
Exemple #21
0
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment(basename(__FILE__, '.php'));
     $m_id = $_POST['m_id'];
     // 商家号
     $m_orderid = $_POST['m_orderid'];
     // 商家订单号
     $m_oamount = $_POST['m_oamount'];
     // 支付金额
     $m_ocurrency = $_POST['m_ocurrency'];
     // 币种
     $m_language = $_POST['m_language'];
     // 语言选择
     $s_name = $_POST['s_name'];
     // 消费者姓名
     $s_addr = $_POST['s_addr'];
     // 消费者住址
     $s_postcode = $_POST['s_postcode'];
     // 邮政编码
     $s_tel = $_POST['s_tel'];
     // 消费者联系电话
     $s_eml = $_POST['s_eml'];
     // 消费者邮件地址
     $r_name = $_POST['r_name'];
     // 消费者姓名
     $r_addr = $_POST['r_addr'];
     // 收货人住址
     $r_postcode = $_POST['r_postcode'];
     // 收货人邮政编码
     $r_tel = $_POST['r_tel'];
     // 收货人联系电话
     $r_eml = $_POST['r_eml'];
     // 收货人电子地址
     $m_ocomment = $_POST['m_ocomment'];
     // 备注
     $State = $_POST['m_status'];
     // 支付状态2成功,3失败
     $modate = $_POST['modate'];
     // 返回日期
     $order_sn = $_POST['m_orderid'];
     //接收组件的加密
     $OrderInfo = $_POST['OrderMessage'];
     // 订单加密信息
     $signMsg = $_POST['Digest'];
     // 密匙
     //接收新的md5加密认证
     $newmd5info = $_POST['newmd5info'];
     //检查签名
     $key = $payment['nps_key'];
     //<--支付密钥--> 注:此处密钥必须与商家后台里的密钥一致
     $digest = strtoupper(md5($OrderInfo . $key));
     //新的整合md5加密
     $newtext = $m_id . $m_orderid . $m_oamount . $key . $State;
     $newMd5digest = strtoupper(md5($newtext));
     if ($digest == $signMsg) {
         //解密
         //$decode = $DES->Descrypt($OrderInfo, $key);
         $OrderInfo = $this->HexToStr($OrderInfo);
         //md5密匙认证
         if ($newmd5info == $newMd5digest) {
             if ($State == 2) {
                 //改变订单状态
                 order_paid($m_orderid);
                 return true;
             } else {
                 return false;
             }
         } else {
             return false;
         }
     } else {
         return false;
     }
 }
Exemple #22
0
    foreach ($payment as $k => $v) {
        if ($v['name'] == 'chinabank_key') {
            $key = $v['value'];
        }
    }
} else {
    die('error');
}
$v_oid = trim($_POST['v_oid']);
$v_pmode = trim($_POST['v_pmode']);
$v_pstatus = trim($_POST['v_pstatus']);
$v_pstring = trim($_POST['v_pstring']);
$v_amount = trim($_POST['v_amount']);
$v_moneytype = trim($_POST['v_moneytype']);
$remark1 = trim($_POST['remark1']);
$remark2 = trim($_POST['remark2']);
$v_md5str = trim($_POST['v_md5str']);
$md5string = strtoupper(md5($v_oid . $v_pstatus . $v_amount . $v_moneytype . $key));
if ($v_md5str == $md5string) {
    if ($v_pstatus == '20') {
        if ($remark1 == 'voucher') {
            $v_oid = get_order_id_by_sn($v_oid, 'true');
        } else {
            $v_oid = get_order_id_by_sn($v_oid);
        }
        order_paid($v_oid);
    }
    echo 'ok';
} else {
    echo 'error';
}
Exemple #23
0
 /**
  * 响应操作
  */
 function respond()
 {
     /*取返回参数*/
     $cmd_no = $_GET['cmdno'];
     $pay_result = $_GET['pay_result'];
     $pay_info = $_GET['pay_info'];
     $bill_date = $_GET['date'];
     $bargainor_id = $_GET['bargainor_id'];
     $transaction_id = $_GET['transaction_id'];
     $sp_billno = $_GET['sp_billno'];
     $total_fee = $_GET['total_fee'];
     $fee_type = $_GET['fee_type'];
     $attach = $_GET['attach'];
     $sign = $_GET['sign'];
     $payment = get_payment('tenpay');
     //$order_sn   = $bill_date . str_pad(intval($sp_billno), 5, '0', STR_PAD_LEFT);
     //$log_id = preg_replace('/0*([0-9]*)/', '\1', $sp_billno); //取得支付的log_id
     if ($attach == 'voucher') {
         $log_id = get_order_id_by_sn($sp_billno, "true");
     } else {
         $log_id = get_order_id_by_sn($sp_billno);
     }
     /* 如果pay_result大于0则表示支付失败 */
     if ($pay_result > 0) {
         return false;
     }
     /* 检查支付的金额是否相符 */
     if (!check_money($log_id, $total_fee / 100)) {
         return false;
     }
     /* 检查数字签名是否正确 */
     $sign_text = "cmdno=" . $cmd_no . "&pay_result=" . $pay_result . "&date=" . $bill_date . "&transaction_id=" . $transaction_id . "&sp_billno=" . $sp_billno . "&total_fee=" . $total_fee . "&fee_type=" . $fee_type . "&attach=" . $attach . "&key=" . $payment['tenpay_key'];
     $sign_md5 = strtoupper(md5($sign_text));
     if ($sign_md5 != $sign) {
         return false;
     } else {
         /* 改变订单状态 */
         order_paid($log_id);
         return true;
     }
 }
Exemple #24
0
    /**
     * 响应操作
     */
    function respond()
    {
        /*取返回参数*/
        $cmd_no         = $_GET['cmdno'];
        $retcode        = $_GET['retcode'];
        $status         = $_GET['status'];
        $seller         = $_GET['seller'];
        $total_fee      = $_GET['total_fee'];
        $trade_price    = $_GET['trade_price'];
        $transport_fee  = $_GET['transport_fee'];
        $buyer_id       = $_GET['buyer_id'];
        $chnid          = $_GET['chnid'];
        $cft_tid        = $_GET['cft_tid'];
        $mch_vno        = $_GET['mch_vno'];
        $attach         = !empty($_GET['attach']) ? $_GET['attach'] : '';
        $version        = $_GET['version'];
        $sign           = $_GET['sign'];

        $payment    = get_payment('tenpayc2c');
        $log_id     = get_order_id_by_sn($mch_vno);
        //$log_id = str_replace($attach, '', $mch_vno); //取得支付的log_id

        /* 如果$retcode大于0则表示支付失败 */
        if ($retcode > 0)
        {
            //echo '操作失败';
            return false;
        }

        /* 检查支付的金额是否相符 */
        if (!check_money($log_id, $total_fee / 100))
        {
            //echo '金额不相等';
            return false;
        }

        /* 检查数字签名是否正确 */
        $sign_text = "buyer_id=" . $buyer_id . "&cft_tid=" . $cft_tid . "&chnid=" . $chnid . "&cmdno=" . $cmd_no . "&mch_vno=" . $mch_vno . "&retcode=" . $retcode . "&seller=" .$seller . "&status=" . $status . "&total_fee=" . $total_fee . "&trade_price=" . $trade_price . "&transport_fee=" . $transport_fee . "&version=" . $version . "&key=" . $payment['tenpay_key'];
        $sign_md5 = strtoupper(md5($sign_text));
        if ($sign_md5 != $sign)
        {
            //echo '签名错误';
            return false;
        }
        elseif ($status = 3)
        {
            /* 改变订单状态为已付款 */
            order_paid($log_id, PS_PAYING);
            return true;
        }
        else
        {
            //为止error
            return false;
        }
    }
 /**
  * 响应操作
  */
 function respond()
 {
     $order_sn = $_REQUEST['invoice'];
     $token = urlencode($_REQUEST['token']);
     $nvpstr = "&TOKEN=" . $token;
     $resArray = $this->hash_call("GetExpressCheckoutDetails", $nvpstr);
     $_SESSION['reshash'] = $resArray;
     $ack = strtoupper($resArray["ACK"]);
     if ($ack == "SUCCESS") {
         $_SESSION['token'] = $_REQUEST['token'];
         $_SESSION['payer_id'] = $_REQUEST['PayerID'];
         $_SESSION['paymentAmount'] = $_REQUEST['paymentAmount'];
         $_SESSION['currCodeType'] = $_REQUEST['currencyCodeType'];
         $_SESSION['paymentType'] = $_REQUEST['paymentType'];
         $resArray = $_SESSION['reshash'];
         $token = urlencode($_SESSION['token']);
         $paymentAmount = urlencode($_SESSION['paymentAmount']);
         $paymentType = urlencode($_SESSION['paymentType']);
         $currCodeType = urlencode($_SESSION['currCodeType']);
         $payerID = urlencode($_SESSION['payer_id']);
         $serverName = urlencode($_SERVER['SERVER_NAME']);
         $nvpstr = '&TOKEN=' . $token . '&PAYERID=' . $payerID . '&PAYMENTACTION=' . $paymentType . '&AMT=' . $paymentAmount . '&CURRENCYCODE=' . $currCodeType . '&IPADDRESS=' . $serverName;
         $resArray = $this->hash_call("DoExpressCheckoutPayment", $nvpstr);
         $ack = strtoupper($resArray["ACK"]);
         if ($ack == "SUCCESS") {
             /* 改变订单状态 */
             order_paid($order_sn, 2);
             return true;
         } else {
             return false;
         }
     } else {
         return false;
     }
 }
Exemple #26
0
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment($_GET['code']);
     //--获取云网支付网关向商户发送的支付通知信息(以下简称为通知信息)
     $c_mid = $_REQUEST['c_mid'];
     //商户编号,在申请商户成功后即可获得,可以在申请商户成功的邮件中获取该编号
     $c_order = $_REQUEST['c_order'];
     //商户提供的订单号
     $c_orderamount = $_REQUEST['c_orderamount'];
     //商户提供的订单总金额,以元为单位,小数点后保留两位,如:13.05
     $c_ymd = $_REQUEST['c_ymd'];
     //商户传输过来的订单产生日期,格式为"yyyymmdd",如20050102
     $c_transnum = $_REQUEST['c_transnum'];
     //云网支付网关提供的该笔订单的交易流水号,供日后查询、核对使用;
     $c_succmark = $_REQUEST['c_succmark'];
     //交易成功标志,Y-成功 N-失败
     $c_moneytype = $_REQUEST['c_moneytype'];
     //支付币种,0为人民币
     $c_cause = $_REQUEST['c_cause'];
     //如果订单支付失败,则该值代表失败原因
     $c_memo1 = $_REQUEST['c_memo1'];
     //商户提供的需要在支付结果通知中转发的商户参数一
     $c_memo2 = $_REQUEST['c_memo2'];
     //商户提供的需要在支付结果通知中转发的商户参数二
     $c_signstr = $_REQUEST['c_signstr'];
     //云网支付网关对已上信息进行MD5加密后的字符串
     //--校验信息完整性---
     if ($c_mid == "" || $c_order == "" || $c_orderamount == "" || $c_ymd == "" || $c_moneytype == "" || $c_transnum == "" || $c_succmark == "" || $c_signstr == "") {
         //echo "支付信息有误!";
         return false;
     }
     //--将获得的通知信息拼成字符串,作为准备进行MD5加密的源串,需要注意的是,在拼串时,先后顺序不能改变
     //商户的支付密钥,登录商户管理后台(https://www.cncard.net/admin/),在管理首页可找到该值
     $c_pass = trim($payment['c_pass']);
     $srcStr = $c_mid . $c_order . $c_orderamount . $c_ymd . $c_transnum . $c_succmark . $c_moneytype . $c_memo1 . $c_memo2 . $c_pass;
     //--对支付通知信息进行MD5加密
     $r_signstr = md5($srcStr);
     //--校验商户网站对通知信息的MD5加密的结果和云网支付网关提供的MD5加密结果是否一致
     if ($r_signstr != $c_signstr) {
         //echo "签名验证失败";
         return false;
     }
     //验证通过后,将订单sn转换为ID 来操作ec订单表
     if ($c_memo2 == 'voucher') {
         $c_order = get_order_id_by_sn($c_order, "true");
     } else {
         $c_order = get_order_id_by_sn($c_order);
     }
     /* 检查支付的金额是否相符 */
     if (!check_money($c_order, $c_orderamount)) {
         //echo "订单金额不对";
         return false;
     }
     //--校验商户编号
     $MerchantID = trim($payment['c_mid']);
     //商户自己的编号
     if ($MerchantID != $c_mid) {
         //echo "提交的商户编号有误";
         return false;
     }
     if ($c_memo1 != abs(crc32($payment['c_memo1']))) {
         //echo "个性签名不一致";
         //return false;
     }
     //      $r_orderamount = $row["订单金额"];  //商户从自己订单系统获取该值
     //      if($r_orderamount!=$c_orderamount){
     //          echo "支付金额有误";
     //          exit;
     //      }
     //--校验商户订单系统中记录的订单生成日期和云网支付网关通知信息中的订单生成日期是否一致
     //      $r_ymd = $row["订单生成日期"];      //商户从自己订单系统获取该值
     //      if($r_ymd!=$c_ymd){
     //          echo "订单时间有误";
     //          exit;
     //      }
     //--校验返回的支付结果的格式是否正确
     if ($c_succmark != "Y" && $c_succmark != "N") {
         //echo "参数提交有误";
         return false;
     }
     //--根据返回的支付结果,商户进行自己的发货等操作
     if ($c_succmark = "Y") {
         //根据商户自己商务规则,进行发货等系列操作
         /* 改变订单状态 */
         order_paid($c_order);
         return true;
     } else {
         //echo $c_cause;
         return false;
     }
 }
Exemple #27
0
    /**
     * 响应操作
     */
    function respond()
    {
        $payment             = get_payment($_GET['code']);
        $merchant_acctid     = $payment['kq_account'];                 //人民币账号 不可空
        $key                 = $payment['kq_key'];
        $get_merchant_acctid = trim($_REQUEST['merchantAcctId']);
        $pay_result          = trim($_REQUEST['payResult']);
        $version             = trim($_REQUEST['version']);
        $language            = trim($_REQUEST['language']);
        $sign_type           = trim($_REQUEST['signType']);
        $pay_type            = trim($_REQUEST['payType']);
        $bank_id             = trim($_REQUEST['bankId']);
        $order_id            = trim($_REQUEST['orderId']);
        $order_time          = trim($_REQUEST['orderTime']);
        $order_amount        = trim($_REQUEST['orderAmount']);
        $deal_id             = trim($_REQUEST['dealId']);
        $bank_deal_id        = trim($_REQUEST['bankDealId']);
        $deal_time           = trim($_REQUEST['dealTime']);
        $pay_amount          = trim($_REQUEST['payAmount']);
        $fee                 = trim($_REQUEST['fee']);
        $ext1                = trim($_REQUEST['ext1']);
        $ext2                = trim($_REQUEST['ext2']);
        $err_code            = trim($_REQUEST['errCode']);
        $sign_msg            = trim($_REQUEST['signMsg']);

        //生成加密串。必须保持如下顺序。
        $merchant_signmsgval = '';
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"merchantAcctId",$merchant_acctid);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"version",$version);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"language",$language);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"signType",$sign_type);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"payType",$pay_type);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"bankId",$bank_id);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"orderId",$order_id);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"orderTime",$order_time);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"orderAmount",$order_amount);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"dealId",$deal_id);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"bankDealId",$bank_deal_id);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"dealTime",$deal_time);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"payAmount",$pay_amount);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"fee",$fee);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"ext1",$ext1);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"ext2",$ext2);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"payResult",$pay_result);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"errCode",$err_code);
        $merchant_signmsgval = $this->append_param($merchant_signmsgval,"key",$key);
        $merchant_signmsg    = md5($merchant_signmsgval);

        //首先对获得的商户号进行比对
        if ($get_merchant_acctid != $merchant_acctid)
        {
            //商户号错误
            return false;
        }

        if (strtoupper($sign_msg) == strtoupper($merchant_signmsg))
        {
            if ($pay_result == 10 || $pay_result == 00)
            {
                order_paid($ext1);

                return true;
            }
            else
            {
                //'支付结果失败';
                return false;
            }

        }
        else
        {
            //'密钥校对错误';
            return false;
        }
    }
Exemple #28
0
 public function response($request)
 {
     $return_res = array('info' => '', 'status' => false);
     $payment = $GLOBALS['db']->getRow("select id,config from " . DB_PREFIX . "payment where class_name='Yeepay'");
     $payment['config'] = unserialize($payment['config']);
     /* 检查数字签名是否正确 */
     $merchant_id = $payment['config']['yeepay_account'];
     // 获取商户编号
     $merchant_key = $payment['config']['yeepay_key'];
     // 获取秘钥
     $message_type = trim($request['r0_Cmd']);
     $succeed = trim($request['r1_Code']);
     // 获取交易结果,1成功,-1失败
     $trxId = trim($request['r2_TrxId']);
     //易宝的交易流水号
     $amount = trim($request['r3_Amt']);
     // 获取订单金额
     $cur = trim($request['r4_Cur']);
     // 获取订单货币单位
     $product_id = trim($request['r5_Pid']);
     // 获取产品ID
     $orderid = trim($request['r6_Order']);
     // 获取订单ID
     $userId = trim($request['r7_Uid']);
     // 获取产品ID
     $merchant_param = trim($request['r8_MP']);
     // 获取商户私有参数
     $bType = trim($request['r9_BType']);
     // 获取订单ID
     $mac = trim($request['hmac']);
     // 获取安全加密串
     ///生成加密串,注意顺序
     $ScrtStr = $merchant_id . $message_type . $succeed . $trxId . $amount . $cur . $product_id . $orderid . $userId . $merchant_param . $bType;
     $mymac = $this->HmacMd5($ScrtStr, $merchant_key);
     $payment_notice_sn = $orderid;
     $money = $amount;
     $outer_notice_sn = $trxId;
     if (strtoupper($mac) == strtoupper($mymac)) {
         if ($succeed == "1") {
             $payment_notice = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "payment_notice where notice_sn = '" . $payment_notice_sn . "'");
             $order_info = $GLOBALS['db']->getRow("select * from " . DB_PREFIX . "deal_order where id = " . $payment_notice['order_id']);
             require_once APP_ROOT_PATH . "system/libs/cart.php";
             $rs = payment_paid($payment_notice['id']);
             if ($rs) {
                 $rs = order_paid($payment_notice['order_id']);
                 if ($rs) {
                     //开始更新相应的outer_notice_sn
                     $GLOBALS['db']->query("update " . DB_PREFIX . "payment_notice set outer_notice_sn = '" . $outer_notice_sn . "' where id = " . $payment_notice['id']);
                     if ($bType == "2") {
                         echo "success";
                         exit;
                     }
                     if ($order_info['type'] == 0) {
                         app_redirect(url("index", "payment#done", array("id" => $payment_notice['order_id'])));
                     } else {
                         app_redirect(url("index", "payment#incharge_done", array("id" => $payment_notice['order_id'])));
                     }
                     //支付成功
                 } else {
                     if ($bType == "2") {
                         echo "success";
                         exit;
                     }
                     if ($order_info['pay_status'] == 2) {
                         if ($order_info['type'] == 0) {
                             app_redirect(url("index", "payment#done", array("id" => $payment_notice['order_id'])));
                         } else {
                             app_redirect(url("index", "payment#incharge_done", array("id" => $payment_notice['order_id'])));
                         }
                         //支付成功
                     } else {
                         app_redirect(url("index", "payment#pay", array("id" => $payment_notice['id'])));
                     }
                 }
             } else {
                 if ($bType == "2") {
                     echo "success";
                     exit;
                 }
                 app_redirect(url("index", "payment#pay", array("id" => $payment_notice['id'])));
             }
         } else {
             showErr($GLOBALS['payment_lang']["PAY_FAILED"]);
         }
     } else {
         showErr($GLOBALS['payment_lang']["PAY_FAILED"]);
     }
 }
Exemple #29
0
 /**
  * 响应操作
  */
 function respond()
 {
     /*取返回参数*/
     $tid = $_REQUEST["tid"];
     // 商户唯一交易号
     $bid = $_REQUEST["bid"];
     // 商户网站订单号
     $sid = $_REQUEST["sid"];
     // 易付通交易成功 流水号
     $prc = $_REQUEST["prc"];
     // 支付的金额
     $actionCode = $_REQUEST["actioncode"];
     // 交易码
     $actionParameter = $_REQUEST["actionparameter"];
     // 业务代码
     $card = $_REQUEST["card"];
     // 支付方式
     $success = $_REQUEST["success"];
     // 成功标志,
     $bankcode = $_REQUEST["bankcode"];
     // 支付银行
     $remark1 = $_REQUEST["remark1"];
     // 备注信息
     $username = $_REQUEST["username"];
     // 商户网站支付用户
     $md = $_REQUEST["md"];
     // 32位md5加密数据
     $payment = get_payment('xpay');
     if ($success == 'false') {
         return false;
     }
     // 验证数据是否正确
     $ymd = md5($payment['xpay_key'] . ":" . $bid . "," . $sid . "," . $prc . "," . $actionCode . "," . $actionParameter . "," . $tid . "," . $card . "," . $success);
     // 本地进行数据加密
     if ($md != $ymd) {
         return false;
     } else {
         order_paid($bid, PS_PAYED);
         return true;
     }
 }
 /**
  * 响应操作
  */
 function respond()
 {
     $payment = get_payment('wxpay');
     /*取返回参数*/
     $fields = 'bank_billno,bank_type,discount,fee_type,input_charset,notify_id,out_trade_no,partner,product_fee' . ',sign_type,time_end,total_fee,trade_mode,trade_state,transaction_id,transport_fee';
     $arr = null;
     foreach (explode(',', $fields) as $val) {
         if (isset($_REQUEST[$val])) {
             $arr[$val] = trim($_REQUEST[$val]);
         }
     }
     $order_sn = $arr['out_trade_no'];
     $log_id = get_order_id_by_sn($order_sn);
     /* 如果trade_state大于0则表示支付失败 */
     if ($arr['trade_state'] > 0) {
         return false;
     }
     /* 检查支付的金额是否相符 */
     if (!check_money($log_id, $arr['total_fee'] / 100)) {
         return false;
     }
     $sign = $_REQUEST['sign'];
     $sign_md5 = $this->create_sign($arr);
     if ($sign_md5 != $sign) {
         return false;
     } else {
         /* 改变订单状态 */
         order_paid($log_id);
         return true;
     }
 }