/** * 响应操作 $_REQUEST["Priv1"] 为 log_id */ function respond() { $payment = get_payment($_GET['code']); $merid=$this->config($payment); $flag = buildKey(PUB_KEY); //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if( flag && $status == '1001') { // 检查价格是否一致 if (!check_money($priv1, $amount/100)) { return false; } order_paid($priv1, 2); return true; } else { return false; } }
<?php defined('IN_DESTOON') or exit('Access Denied'); require DT_ROOT . '/api/pay/' . $bank . '/netpayclient_config.php'; //加载 netpayclient 组件 require DT_ROOT . '/api/pay/' . $bank . '/netpayclient.php'; //导入私钥文件, 返回值即为您的商户号,长度15位 $merid = buildKey(PRI_KEY); $merid or exit('导入私钥文件失败!'); //生成订单号,定长16位,任意数字组合,一天内不允许重复,本例采用当前时间戳,必填 $ordid = "00" . date('YmdHis'); //订单金额,定长12位,以分为单位,不足左补0,必填 $transamt = padstr($charge * 100, 12); //货币代码,3位,境内商户固定为156,表示人民币,必填 $curyid = "156"; //订单日期,本例采用当前日期,必填 $transdate = date('Ymd'); //交易类型,0001 表示支付交易,0002 表示退款交易 $transtype = "0001"; //接口版本号,境内支付为 20070129,必填 $version = "20070129"; //页面返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,银行页面会自动跳转到该页面,并POST订单结果信息,可选 $pagereturl = $receive_url; //后台返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,我方服务器会POST订单结果信息到该页面,必填 $bgreturl = DT_PATH . 'api/pay/' . $bank . '/notify.php'; /************************ 页面返回地址和后台返回地址的区别: 后台返回从我方服务器发出,不受用户操作和浏览器的影响,从而保证交易结果的送达。 ************************/ //支付网关号,4位,上线时建议留空,以跳转到银行列表页面由用户自由选择,本示例选用0001农商行网关便于测试,可选 $gateid = "";
<?php header('Content-type: text/html; charset=gbk'); include_once "netpayclient_config.php"; ?> <title>支付应答</title> <h1>支付应答</h1> <?php //加载 netpayclient 组件 include_once "netpayclient.php"; //导入公钥文件 $flag = buildKey(PUB_KEY); if (!$flag) { echo "导入公钥文件失败!"; exit; } //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; echo "商户号: [{$merid}]<br/>"; echo "订单号: [{$orderno}]<br/>"; echo "订单日期: [{$transdate}]<br/>"; echo "订单金额: [{$amount}]<br/>";
public function houtai() { //导入公钥文件 $flag = buildKey(PUB_KEY); if (!$flag) { echo "导入公钥文件失败!"; exit; } //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!flag) { echo "<h2>验证签名失败!</h2>"; exit; } // file_put_contents(dirname(__FILE__).DIRECTORY_SEPARATOR.'aa.txt', serialize($status)); $out_trade_no = $orderno; //商户订单号 if ($status == '1001') { $dingdaninfo = $this->db->GetOne("select * from `@#_member_addmoney_record` where `code` = '{$out_trade_no}' and `status` = '未付款'"); if (!$dingdaninfo) { echo "fail"; exit; } //没有该订单,失败 $c_money = intval($dingdaninfo['money']); $uid = $dingdaninfo['uid']; $time = time(); $this->db->Autocommit_start(); $up_q1 = $this->db->Query("UPDATE `@#_member_addmoney_record` SET `pay_type` = '支付宝', `status` = '已付款' where `id` = '{$dingdaninfo['id']}' and `code` = '{$dingdaninfo['code']}'"); $up_q2 = $this->db->Query("UPDATE `@#_member` SET `money` = `money` + {$c_money} where (`uid` = '{$uid}')"); $up_q3 = $this->db->Query("INSERT INTO `@#_member_account` (`uid`, `type`, `pay`, `content`, `money`, `time`) VALUES ('{$uid}', '1', '账户', '充值', '{$c_money}', '{$time}')"); if ($up_q1 && $up_q2 && $up_q3) { $this->db->Autocommit_commit(); } else { $this->db->Autocommit_rollback(); echo "fail"; exit; } if (empty($dingdaninfo['scookies'])) { echo "success"; exit; //充值完成 } $scookies = unserialize($dingdaninfo['scookies']); $pay = System::load_app_class('pay', 'pay'); $pay->scookie = $scookies; // var_dump($pay_type['pay_id']); // die(); $ok = $pay->init($uid, $pay_type['pay_id'], 'go_record'); //云购商品 if ($ok != 'ok') { _setcookie('Cartlist', NULL); echo "fail"; exit; //商品购买失败 } $check = $pay->go_pay(1); if ($check) { $this->db->Query("UPDATE `@#_member_addmoney_record` SET `scookies` = '1' where `code` = '{$out_trade_no}' and `status` = '已付款'"); _setcookie('Cartlist', NULL); echo "success"; exit; } else { echo "fail"; exit; } } }
function filterWaitingOrders($orders, $lowerBound, $upperBound, $count) { $started = false; $result = []; foreach ($orders as $order) { $key = buildKey($order); if (!$started && (!$upperBound || compare($key, $upperBound) < 0)) { $started = true; } if ($started) { if ($lowerBound && compare($key, $lowerBound) <= 0) { return $result; } array_push($result, $order); if (sizeof($result) == $count) { return $result; } } } return FEED_CACHE_SIZE == sizeof($orders) ? false : $result; }
/** * 生成检查签名 * @param mixed $form 包含签名数据的数组 * @param string $method 生成用途 * @access private * @return string */ private function _get_mac($data, $method = 'sign') { $MerPrk = $this->getConf('mer_key', __CLASS__); $PubPk = $this->getConf('pub_Pk', __CLASS__); if (strtoupper(substr(PHP_OS, 0, 3)) == "WIN") { //$chinapay = new COM('CPNPC.NPC'); if (file_exists(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk) && file_exists(DATA_DIR . '/cert/payment_plugin_chinapay/' . $PubPk)) { //$chinapay->setMerKeyFile(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk); //$chinapay->setPubKeyFile(DATA_DIR . '/cert/payment_plugin_chinapay/' . $PubPk); buildKey(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk); } if ($method == 'sign') { $res = $this->_get_mac_sign($data, $chinapay); } else { $res = $this->_get_mac_check($data, $chinapay); } } else { if (file_exists(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk) && file_exists(DATA_DIR . '/cert/payment_plugin_chinapay/' . $PubPk)) { //setMerKeyFile(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk); //setPubKeyFile(DATA_DIR . '/cert/payment_plugin_chinapay/' . $PubPk); buildKey(DATA_DIR . '/cert/payment_plugin_chinapay/' . $MerPrk); } if ($method == 'sign') { $res = $this->_get_mac_sign($data); } else { $res = $this->_get_mac_check($data); } } return $res; }
/** * @see paymentplugin::getSendData() */ public function getSendData($payment) { //导入私钥文件, 返回值即为您的商户号,长度15位 $merid = buildKey(self::PRI_KEY); if (!$merid) { exit("导入私钥文件失败!"); } $return = array('MerId' => $merid, 'CuryId' => "156", 'TransDate' => date('Ymd'), 'TransType' => '0001', 'Version' => '20141120', 'PageRetUrl' => $this->callbackUrl, 'BgRetUrl' => $this->serverCallbackUrl, 'GateId' => ''); $return['Priv1'] = $payment['M_OrderNO']; //备注,最长60位,交易成功后会原样返回,可用于额外的订单跟踪等 $return['OrdId'] = padstr($payment['M_OrderId'], 16); //商户订单号,定长16位 $return['TransAmt'] = padstr($payment['M_Amount'] * 100, 12); //订单金额,定长12位,以分为单位,不足左补0 // 签名 //按次序组合订单信息为待签名串 $plain = $return['MerId'] . $return['OrdId'] . $return['TransAmt'] . $return['CuryId'] . $return['TransDate'] . $return['TransType'] . $return['Version'] . $return['BgRetUrl'] . $return['PageRetUrl'] . $return['GateId'] . $return['Priv1']; //生成签名值 $chkvalue = sign($plain); if (!$chkvalue) { exit("签名失败!"); } $return['ChkValue'] = $chkvalue; return $return; }
<?php //银联支付 $order_amount = '0.01'; if (version_compare(phpversion(), '5.4.10', '>')) { include_once $_SERVER['DOCUMENT_ROOT'] . '/Dev/Lib/ORG/yinlian/lib.php'; } else { include_once $_SERVER['DOCUMENT_ROOT'] . '/Dev/Lib/ORG/yinlian/netpayclient.php'; } $merid = buildKey('keys/MerPrK_808080301000216_20141106164338.key'); if ($merid) { $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $plain = $merid . $orderno . $amount . $currencycode . $transdate . $transtype . $status . $checkvalue; //对订单验证签名 $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); $flag = verify($plain, $checkvalue); if (!flag) { echo "<h2>验证签名失败!</h2>"; exit; } ?>
/** * 检验返回数据合法性. * * @param mixed $form 包含签名数据的数组 * @param mixed $key 签名用到的私钥 * * @return bool */ private function is_return_vaild($params) { $pub_key_content = $this->getConf('pub_key', __CLASS__); if (!file_exists($this->_get_key_filepath('pub'))) { file_put_contents($this->_get_key_filepath('pub'), $pub_key_content, LOCK_EX); } $flag = buildKey($this->_get_key_filepath('pub')); if (!$flag) { return false; } if (!verifyTransResponse($params['merid'], $params['orderno'], $params['amount'], $params['transdate'], $params['transtype'], $params['status'], $params['checkvalue'])) { logger::error('Chinapay 支付返回验证失败!' . var_export($params, 1)); return false; } return true; }
/** * 响应操作 */ function respond() { //order_paid($v_oid); //return true; $payment = get_payment(basename(__FILE__, '.php')); $merid = trim($_POST['merid']); $orderno = trim($_POST['orderno']); $transdate = trim($_POST['transdate']); $amount = trim($_POST['amount']); $currencycode = trim($_POST['currencycode']); $transtype = trim($_POST['transtype']); $status = trim($_POST['status']); $checkvalue = trim($_POST['checkvalue']); $v_gateid = trim($_POST['GateId']); $v_Priv1 = trim($_POST['Priv1']); /** * 重新计算密钥的值 */ $pubkey = $payment['chinapay_pubkey_file']; $PGID = buildKey(ROOT_PATH . $pubkey); if (!$PGID) { echo "导入私钥文件失败!"; exit; } $verify = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!$verify) { echo "验证签名失败!"; exit; } /* 检查秘钥是否正确 */ if ($status == '1001') { $v_ordesn = chinapaysn2ecshopsn($orderno); $order_id = get_order_id_by_sn($v_ordesn); /* 改变订单状态 */ order_paid($order_id); return true; } else { return false; } }
public function config($config = null) { //导入私钥文件, 返回值即为您的商户号,长度15位 $merid = buildKey(PRI_KEY); if (!$merid) { echo "导入私钥文件失败!"; exit; } //生成订单号,定长16位,任意数字组合,一天内不允许重复,本例采用当前时间戳,必填 //$ordid = "00" . date('YmdHis'); $ordid = $config['code']; //$ordid='0000'.'90265'.time(); //$ordid=substr($ordid, 0,16); //订单金额,定长12位,以分为单位,不足左补0,必填 //$transamt = $config['money']; $money = $config['money'] * 100; $transamt = padstr($money, 12); //货币代码,3位,境内商户固定为156,表示人民币,必填 $curyid = "156"; //订单日期,本例采用当前日期,必填 $transdate = date('Ymd'); //交易类型,0001 表示支付交易,0002 表示退款交易 $transtype = "0001"; //接口版本号,境内支付为 20070129,必填 $version = "20070129"; //页面返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,银行页面会自动跳转到该页面,并POST订单结果信息,可选 $pagereturl = $config['ReturnUrl']; //后台返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,我方服务器会POST订单结果信息到该页面,必填 $bgreturl = $config['NotifyUrl']; /************************ 页面返回地址和后台返回地址的区别: 后台返回从我方服务器发出,不受用户操作和浏览器的影响,从而保证交易结果的送达。 ************************/ //支付网关号,4位,上线时建议留空,以跳转到银行列表页面由用户自由选择,本示例选用0001农商行网关便于测试,可选 $gateid = "0001"; //备注,最长60位,交易成功后会原样返回,可用于额外的订单跟踪等,可选 $priv1 = "memo"; //按次序组合订单信息为待签名串 $plain = $merid . $ordid . $transamt . $curyid . $transdate . $transtype . $priv1; //生成签名值,必填 $chkvalue = sign($plain); if (!$chkvalue) { echo "签名失败!"; exit; } //$uri = REQ_URL_PAY ; //$useragent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"; //echo $uri; //die(); // 参数数组 $data = array('MerId' => $merid, 'Version' => $version, "OrdId" => $ordid, "TransAmt" => $transamt, "CuryId" => $curyid, "TransDate" => $transdate, "TransType" => $transtype, "BgRetUrl" => $bgreturl, "PageRetUrl" => $pagereturl, "GateId" => $gateid, "Priv1" => $priv1, "ChkValue" => $chkvalue); echo "<form action=" . REQ_URL_PAY . " method='post' id='myform' >"; echo "<br>"; echo "<input type='text' name='MerId' value='" . $merid . "' />"; echo "<br>"; echo "<input type='text' name='Version' value='" . $version . "' />"; echo "<br>"; echo "<input type='text' name='OrdId' value='" . $ordid . "'/>"; echo "<br>"; echo "<input type='text' name='TransAmt' value='" . $transamt . "' />"; echo "<br>"; echo "<input type='text' name='CuryId' value='" . $curyid . "'/>"; echo "<br>"; echo "<input type='text' name='TransDate' value='" . $transdate . "' />"; echo "<input type='text' name='TransType' value='" . $transtype . "' />"; echo "<br>"; echo "<input type='text' name='BgRetUrl' value='" . $bgreturl . "' />"; echo "<br>"; echo "<input type='text' name='PageRetUrl' value='" . $pagereturl . "' />"; echo "<br>"; echo "<input type='text' name='GateId' value='" . $gateid . "' />"; echo "<br>"; echo "<input type='text' name='Priv1' value='" . $priv1 . "' />"; echo "<br>"; echo "<input type='text' name='ChkValue' value='" . $chkvalue . "' />"; echo "<br>"; echo "</form>"; //die(); echo "<script>"; echo "document.getElementById('myform').submit();"; echo "</script>"; //print_r($data); // $ch = curl_init (); // // print_r($ch); // curl_setopt ( $ch, CURLOPT_URL, $uri ); // curl_setopt($ch, CURLOPT_USERAGENT, $useragent); // //curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // curl_setopt ( $ch, CURLOPT_POST, 1 ); // curl_setopt ($ch, CURLOPT_REFERER, $uri); // curl_setopt ($ch, CURLOPT_AUTOREFERER, 1); // curl_setopt ( $ch, CURLOPT_HEADER, 0 ); // curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 ); // // curl_setopt ($ch, CURLOPT_REFERER, "http://www.php100.com/"); // curl_setopt ( $ch, CURLOPT_POSTFIELDS, $data ); // curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // $return = curl_exec ( $ch ); // curl_close ( $ch ); //print_r($return); //die(); }
function unionpay_notify1() { if (version_compare(phpversion(), '5.4.10', '>')) { include_once LIB_PATH . 'ORG/Payment/UnionPay/lib.php'; } else { include_once LIB_PATH . 'ORG/Payment/UnionPay/netpayclient.php'; } $merid = buildKey('keys/MerPrK_808080301000216_20141106164338.key'); if (empty($merid)) { Log::record('union pay merid error: 未设置商户号!'); Log::save(); } $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $order_sn = $this->get_order_no($orderno); $order = M('b2c_order')->where(array('sn' => $order_sn, 'status' => 1))->find(); if (!$order) { Log::record('union pay error: 该订单不存在!'); Log::save(); } $payment_where = array('token' => $order['token'], 'pay_code' => 'unionpay', 'enabled' => '1'); $payment = M('b2c_payment')->where($payment_where)->find(); $wingpay_config = unserialize($payment['pay_config']); if (empty($wingpay_config)) { Log::record('union pay error: 商家未设置支付方式!请联系商家客服!'); Log::save(); } $plain = $merid . $orderno . $amount . $currencycode . $transdate . $transtype . $status . $checkvalue; //对订单验证签名 $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); $flag = verify($plain, $checkvalue); if (!$flag) { Log::record('union pay sign error: 验证签名失败!'); Log::save(); } else { if ($status == '1001') { $trade = M('b2c_wingtrade')->where(array('order_sn' => $order_sn, 'token' => $order['token']))->find(); if ($trade && !$trade['is_pay']) { $serialize = array('merid' => $merid, 'orderno' => $orderno, 'transdate' => $transdate, 'amount' => $amount, 'currencycode' => $currencycode, 'transtype' => $transtype, 'status' => $status, 'checkvalue' => $checkvalue, 'gateId' => $gateId, 'priv1' => $priv1); $data = array('is_pay' => '1', 'return_params' => serialize($serialize), 'update_time' => time()); M('b2c_wingtrade')->where(array('order_sn' => $order_sn))->save($data); } M('b2c_order')->where(array('sn' => $order_sn))->save(array('status' => 2, 'update_time' => time())); //减库存 ShopAction::minusInventory($order_sn); } else { Log::record('union pay failed.'); Log::save(); } } }
function verify($opts) { if (!$this->pri_key || !$this->pub_key) { return false; } $chk = buildKey($this->pub_key); if (!$chk) { return false; } $plain = $opts['merid'] . $opts['orderno'] . $opts['amount'] . $opts['currencycode'] . $opts['transdate'] . $opts['transtype']; $plain .= $opts['status']; //$flag = verifyTransResponse($opts['merid'],$opts['orderno'],$opts['amount'], $opts['currencycode'], $opts['transdate'], $transtype, $status, $checkvalue); $flag = verify($plain, $opts['checkvalue']); if (!$flag) { return false; } return true; }
return FALSE; } return $mod_id . '-' . $type . '-' . $prop_id; } function buildKey($prop_id, $type) { $config['hz_property_servers'] = array('rest_api' => 'http://10.20.3.82:8080', 'table_name' => 'prop:hz_property', 'column' => 'info'); $key = getPropertyHBaseKey($prop_id, $type); $hBase_config = $config['hz_property_servers']; $api = $hBase_config['rest_api'] . '/' . urlencode($hBase_config['table_name']) . '/' . urlencode($key); if ($hBase_config['column']) { $api .= "/" . urlencode($hBase_config['column']); } return $api; } function doGet($api, $header = array('Accept' => 'application/json')) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $api); curl_setopt($curl, CURLOPT_POST, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_NOSIGNAL, 1); curl_setopt($curl, CURLOPT_HTTPHEADER, $header); $rs = curl_exec($curl); echo '<pre>'; var_dump($rs); exit; } //15824507 2 $api = buildKey($argv[1], $argv[2]); doGet($api);