/**
* POST接收数据
* 状态码说明 (0 交易完成 1 交易失败 2 交易超时 3 交易处理中 4 交易未支付)
*/
public function notify()
{
$receive_data = $this->filterParameter($_POST);
$receive_data = arg_sort($receive_data);
if ($receive_data) {
$v_oid = trim($receive_data['v_oid']);
$v_pmode = trim($receive_data['v_pmode']);
$v_pstatus = trim($receive_data['v_pstatus']);
$v_pstring = trim($receive_data['v_pstring']);
$v_amount = trim($receive_data['v_amount']);
$v_moneytype = trim($receive_data['v_moneytype']);
$remark1 = trim($receive_data['remark1']);
$remark2 = trim($receive_data['remark2']);
$v_md5str = trim($receive_data['v_md5str']);
$md5string = strtoupper(md5($v_oid . $v_pstatus . $v_amount . $v_moneytype . $this->config['key']));
if ($v_md5str == $md5string) {
$return_data['order_id'] = $v_oid;
$return_data['order_total'] = $v_amount;
$return_data['price'] = $v_amount;
if ($v_pstatus == "20") {
$return_data['order_status'] = 0;
} else {
error_log(date('m-d H:i:s') . '| chinabank notify: order_status=30 |' . "\r\n", 3, LOG_PATH . 'chinabank_error_log.php');
return false;
}
} else {
return false;
}
} else {
error_log(date('m-d H:i:s') . '| notify: no return |' . "\r\n", 3, LOG_PATH . 'chinabank_error_log.php');
return false;
}
}
function return_verify()
{
//��ȡԶ�̷�����ATN�����֤�Ƿ���֧��������������������
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
//���ǩ����
if (empty($_GET)) {
//�ж�GET���������Ƿ�Ϊ��
return false;
} else {
$get = para_filter($_GET);
//������GET�������������ȥ��
$sort_get = arg_sort($get);
//������GET�����������������
$this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type);
//���ǩ����
//д��־��¼
//log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get));
//�ж�veryfy_result�Ƿ�Ϊture����ɵ�ǩ����mysign���õ�ǩ����sign�Ƿ�һ��
//$veryfy_result�Ľ����true����������������⡢���������ID��notify_idһ����ʧЧ�й�
//mysign��sign���ȣ��밲ȫУ���롢����ʱ�IJ����ʽ���磺���Զ������ȣ��������ʽ�й�
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
function create_url()
{
$url = $this->gateway;
$sort_array = array();
$sort_array = arg_sort($this->parameter);
$arg = create_linkstring_urlencode($sort_array);
$url .= $arg . "&sign=" . $this->mysign . "&sign_type=" . $this->sign_type;
return $url;
}
function create_url()
{
$url = $this->gateway;
$sort_array = array();
$sort_array = arg_sort($this->parameter);
$arg = create_linkstring_urlencode($sort_array);
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
//把网关地址、已经拼接好的参数数组字符串、签名结果、签名类型,拼接成最终完整请求url
$url .= $arg . "&sign=" . $this->mysign . "&sign_type=" . $this->sign_type;
return $url;
}
function build_url()
{
$url = $this->gateway;
$sort_array = array();
$arg = "";
$sort_array = arg_sort($this->parameter);
while (list($key, $val) = each($sort_array)) {
$arg .= $key . "=" . urlencode(charset_encode($val, $this->parameter['_input_charset'])) . "&";
}
$url .= $arg . "sign=" . $this->mysign . "&sign_type=" . $this->sign_type;
return $url;
}
/**
* 构造函数
* 从配置文件及入口文件中初始化变量
* @param array $parameter 需要签名的参数数组
* @param string $key 安全校验码
* @param string $sign_type 签名类型
*/
public function Alipay_service($parameter, $key, $sign_type)
{
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->_key = $key;
$this->sign_type = $sign_type;
$this->parameter = para_filter($parameter);
//设定_input_charset的值,为空值的情况下默认为GBK
if ($this->parameter['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'GBK';
}
$this->_input_charset = $this->parameter['_input_charset'];
//获得签名结果
$sort_array = arg_sort($this->parameter);
//得到从字母a到z排序后的签名参数数组
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
}
function return_verify()
{
//判断GET来的数组是否为空
if (empty($_GET)) {
return false;
} else {
//对所有GET反馈回来的数据去空
$get = para_filter($_GET);
//对所有GET反馈回来的数据排序
$sort_get = arg_sort($get);
//获取返回的sign
$sign = $_GET["sign"];
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = create_linkstring($sort_get);
//返回验签bool值
return verify($prestr, $sign);
}
}
function return_verify()
{
//判断GET来的数组是否为空
if (empty($_GET)) {
return false;
} else {
$get = para_filter($_GET);
//对所有GET反馈回来的数据去空
$sort_get = arg_sort($get);
//对所有GET反馈回来的数据排序
$this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type);
//生成签名结果
if ($this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
/**
* 构造函数(从配置文件及入口文件中初始化变量)
* @param $aOrder array(
* 'out_trade_no' => 'QC屋唯一订单号',
* 'subject' => "订单名称(商品名称)",
* 'body' => "订单描述、订单详细、订单备注",
* 'total_fee' => "订单总金额,显示在支付宝收银台里的“应付总额”里",
* 'notify_url' => '异步处理程序',
* 'return_url' => '同步跳转页面',
* 'show_url' => '商品链接',
* )
*/
function alipay_service($aOrder)
{
$this->notify_url = $aOrder['notify_url'];
$this->return_url = $aOrder['return_url'];
$this->show_url = $aOrder['show_url'];
$aConfig = $this->loadAlipayConfig(@$aOrder['out_trade_no'], @$aOrder['subject'], @$aOrder['body'], @$aOrder['total_fee']);
parent::alipay_notify($aConfig['partner'], $aConfig['key'], $aConfig['sign_type'], $aConfig['_input_charset'], $aConfig['transport']);
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->_key = $aConfig['key'];
$this->sign_type = $aConfig['sign_type'];
$this->parameter = para_filter($aConfig['parameter']);
//设定_input_charset的值,为空值的情况下默认为GBK
if ($aConfig['parameter']['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'utf-8';
}
//GBK
$this->_input_charset = $this->parameter['_input_charset'];
//获得签名结果
$sort_array = arg_sort($this->parameter);
//得到从字母a到z排序后的签名参数数组
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
}
function return_verify()
{
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
if (empty($_GET)) {
return false;
} else {
$get = para_filter($_GET);
$sort_get = arg_sort($get);
$this->mysign = build_mysign($sort_get, $this->security_code, $this->sign_type);
log_result("veryfy_result=" . $veryfy_result . "\n return_url_log:sign=" . $_GET["sign"] . "&mysign=" . $this->mysign . "&" . create_linkstring($sort_get));
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
function return_verify() {
//获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求
if($this->transport == "https") {
$veryfy_url = $this->gateway. "service=notify_verify" ."&partner=" .$this->partner. "¬ify_id=".$_GET["notify_id"];
} else {
$veryfy_url = $this->gateway. "partner=".$this->partner."¬ify_id=".$_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
//生成签名结果
if(empty($_GET)) { //判断GET来的数组是否为空
return false;
}
else {
$get = para_filter($_GET); //对所有GET反馈回来的数据去空
$sort_get = arg_sort($get); //对所有GET反馈回来的数据排序
$this->mysign = build_mysign($sort_get,$this->_key,$this->sign_type); //生成签名结果
//写日志记录
//log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get));
//判断veryfy_result是否为ture,生成的签名结果mysign与获得的签名结果sign是否一致
//$veryfy_result的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关
//mysign与sign不等,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
if (preg_match("/true$/i",$veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
}else {
return false;
}
}
}
/**
* POST接收数据
* 状态码说明 (0 交易完成 1 交易失败 2 交易超时 3 交易处理中 4 交易未支付 5交易取消6交易发生错误)
*/
public function notify() {
$receive_sign = $_POST['sign'];
$receive_data = $this->filterParameter($_POST);
$receive_data = arg_sort($receive_data);
if ($receive_data) {
$verify_result = $this->get_verify('http://notify.alipay.com/trade/notify_query.do?service=notify_verify&partner=' . $this->config['alipay_partner'] . '¬ify_id=' . $receive_data['notify_id']);
if (preg_match('/true$/i', $verify_result))
{
$sign = '';
$sign = build_mysign($receive_data,$this->config['alipay_key'],'MD5');
if ($sign != $receive_sign)
{
error_log(date('m-d H:i:s',SYS_TIME).'| POST: signature is bad |'."\r\n", 3, CACHE_PATH.'pay_error_log.php');
return false;
}
else
{
$return_data['order_id'] = $receive_data['out_trade_no'];
$return_data['order_total'] = $receive_data['total_fee'];
$return_data['price'] = $receive_data['price'];
switch ($receive_data['trade_status']) {
case 'WAIT_BUYER_PAY': $return_data['order_status'] = 3; break;
case 'WAIT_SELLER_SEND_GOODS': $return_data['order_status'] = 3; break;
case 'WAIT_BUYER_CONFIRM_GOODS': $return_data['order_status'] = 3; break;
case 'TRADE_CLOSED': $return_data['order_status'] = 5; break;
case 'TRADE_FINISHED': $return_data['order_status'] = 0; break;
case 'TRADE_SUCCESS': $return_data['order_status'] = 0; break;
default:
$return_data['order_status'] = 5;
}
return $return_data;
}
}
else
{
error_log(date('m-d H:i:s',SYS_TIME).'| POST: illegality notice : flase |'."\r\n", 3, CACHE_PATH.'pay_error_log.php');
return false;
}
} else {
error_log(date('m-d H:i:s',SYS_TIME).'| POST: no post return |'."\r\n", 3, CACHE_PATH.'pay_error_log.php');
return false;
}
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
function getToken($result)
{
$result = urldecode($result);
// URL转码
$Arr = explode('&', $result);
// 根据 & 符号拆分
$temp = array();
// 临时存放拆分的数组
$myArray = array();
// 待签名的数组
// 循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
$sign = $myArray['sign'];
// 支付宝返回签名
$myArray = para_filter($myArray);
// 拆分完毕后的数组
$sort_array = arg_sort($myArray);
// 排序数组
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
// 构造本地参数签名,用于对比支付宝请求的签名
if ($this->mysign == $sign) {
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
// 返回token
} else {
echo '签名不正确';
// 当判断出签名不正确,请不要验签通过
return '签名不正确';
}
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
private function getToken($result)
{
$result = urldecode($result);
// URL转码
$Arr = explode('&', $result);
// 根据 & 符号拆分
$temp = array();
// 临时存放拆分的数组
$myArray = array();
// 待签名的数组
// 循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
$sign = $myArray['sign'];
// 支付宝返回签名
$myArray = para_filter($myArray);
// 拆分完毕后的数组
$sort_array = arg_sort($myArray);
// 排序数组
$calcSign = build_mysign($sort_array, $this->partnerKey, $this->configSecId);
// 构造本地参数签名,用于对比支付宝请求的签名
if ($calcSign != $sign) {
// 当判断出签名不正确,请不要验签通过
printLog('alipayWap Token 签名不正确 sign[' . $sign . '] calcSign[' . $calcSign . ']', 'PAYMENT', \Core\Log\Base::ERROR);
return null;
}
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
// 返回token
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
function getToken($result)
{
//URL转码
$result = urldecode($result);
//根据 & 符号拆分
$Arr = explode('&', $result);
//临时存放拆分的数组
$temp = array();
//待签名的数组
$myArray = array();
//循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
//需要先解密res_data
$myArray['res_data'] = decrypt($myArray['res_data']);
//获取返回的RSA签名
$sign = $myArray['sign'];
//去sign,去空值参数
$myArray = para_filter($myArray);
//排序数组
$sort_array = arg_sort($myArray);
//拼凑参数链接 & 连接
$prestr = create_linkstring($sort_array);
//返回布尔值,是否验签通过
$isverify = verify($prestr, $sign);
//判断签名是否正确
if ($isverify) {
//返回token
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
} else {
//当判断出签名不正确,请不要验签通过
return '签名不正确';
}
}
