/** * 验证同步返回结果是否来自支付宝 * * @param NotifyParam $notify_param * * @return bool */ public function verifyReturn(NotifyParam $notify_param) { if (empty($notify_param->getParams())) { return false; } $isSign = $this->getSignVerify($notify_param, $notify_param->getSign()); $responseTxt = 'false'; if (!empty($notify_param->getNotifyId())) { $responseTxt = $this->getResponse($notify_param->getNotifyId()); } if (preg_match("/true\$/i", $responseTxt) && $isSign) { return true; } else { return false; } }
/** * 验证通知返回 * * @param NotifyParam $notify_param * * @return bool */ public function verifyNotify(NotifyParam $notify_param) { $params = $notify_param->getParams(); if (empty($params)) { return false; } //生成签名结果 $isSign = $this->getSignVerify($notify_param, $notify_param->getSign()); //获取支付宝服务器远程atn结果 $responseTxt = 'false'; $notify_id = $notify_param->getNotifyId(); if (!empty($notify_id)) { $responseTxt = $this->getResponse($notify_param->getNotifyId()); } Logger::addInfo('alipay_wap_notify', 'verifyNotify', array('param' => (string) $notify_param, 'isSign' => $isSign, 'responseTxt' => $responseTxt)); //验证 //$responsetTxt的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关 //isSign的结果不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关 if (preg_match("/true\$/i", $responseTxt) && $isSign) { return true; } else { return false; } }