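/**
 * Handle the Tenpay return/notification for an order.
 *
 * Reads `sp_billno` from the gateway response, takes the payment plugin code
 * from its third dash-separated segment, loads that plugin and its stored
 * configuration, verifies the Tenpay signature and, for a successful payment,
 * checks the paid amount before marking the order as paid.
 *
 * Terminates with exit() when `sp_billno` or the plugin code derived from it
 * is malformed.
 *
 * @return false|null false (after printing a message) on a missing signing key,
 *                    bad signature, failed payment or amount mismatch; null
 *                    after the success page has been shown.
 */
function respond()
{
    require_once ("tenpay/PayResponseHandler.class.php");
    $resHandler = new PayResponseHandler();
    $sp_billno = $resHandler->getParameter("sp_billno");

    // Original keyword/character deny-list, kept as a first filter. It is not
    // sufficient on its own: it does not stop path characters such as "/" or ".".
    if (!is_string($sp_billno) || preg_match('/(select|union|and|\'|"|\))/i', $sp_billno)) {
        exit('非法参数');
    }

    // The plugin code is the third "-"-separated group of the bill number.
    if (!preg_match_all("/-(.*)-(.*)-(.*)/isu", $sp_billno, $oidout) || !isset($oidout[3][0])) {
        exit('非法参数');
    }
    $paytype = $oidout[3][0];

    // $paytype ends up in an include path, so accept only a plain identifier
    // and require the plugin file to exist inside the plugin directory.
    // (assumes plugin file names are alphanumeric/underscore - confirm against lib/plugins/pay)
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', $paytype)) {
        exit('非法参数');
    }
    $pluginFile = ROOT.'/lib/plugins/pay/'.$paytype.'.php';
    if (!is_file($pluginFile)) {
        exit('非法参数');
    }
    include_once $pluginFile;

    // NOTE(review): the plugin code, and therefore the signing key loaded below,
    // is chosen by the request. Consider pinning it to this gateway's own code.
    $where = array('pay_code' => $paytype);
    $pay = pay::getInstance()->getrows($where);

    // NOTE(review): unserialize() on stored configuration; safe only while
    // nothing untrusted can write pay_config. Prefer json_decode for new data.
    $payconfig = isset($pay[0]['pay_config']) ? unserialize($pay[0]['pay_config']) : false;

    // Refuse to verify with a missing or empty key; a signature computed over
    // an empty secret proves nothing about the sender.
    if (!is_array($payconfig) || !isset($payconfig[1]['value']) || $payconfig[1]['value'] === '') {
        echo "<br/>" . "认证签名失败" . "<br/>";
        return false;
    }
    $resHandler->setKey($payconfig[1]['value']);

    $where = array();
    $where['oid'] = $sp_billno;
    $orders = orders::getInstance()->getrow($where);

    if (!$resHandler->isTenpaySign()) {
        echo "<br/>" . "认证签名失败" . "<br/>";
        return false;
    }

    $transaction_id = $resHandler->getParameter("transaction_id");
    $total_fee = $resHandler->getParameter("total_fee");
    $pay_result = $resHandler->getParameter("pay_result");

    if ("0" != $pay_result) {
        echo "<br/>" . "支付失败" . "<br/>";
        return false;
    }

    // total_fee is divided by 100 before comparison with the order amount
    // (presumably the gateway reports minor units - confirm).
    if (!pay::check_money($orders['id'], $total_fee / 100)) {
        echo "<br/>" . "金额不符" . "<br/>";
        return false;
    }

    // NOTE(review): the whole of $_GET is handed to changeorders(); confirm it
    // only persists fields it expects.
    pay::changeorders($orders['id'], $_GET);
    $show = config::get('site_url');
    $resHandler->doShow($show);
}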
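/**
 * Handle the Alipay return/notification for an order.
 *
 * Copies POST fields into $_GET (after a character filter), derives the order
 * number by removing `subject` from `out_trade_no`, checks the reported amount
 * against the order and marks the order as paid for the accepted trade states.
 *
 * NOTE(review): nothing in this block verifies the gateway's signature or
 * calls back to the gateway; the order state changes on request parameters
 * alone. Unless the caller verifies the notification first, add that check
 * here before pay::changeorders().
 *
 * @return bool true when the order was marked as paid, false otherwise.
 */
function respond()
{
    if (!empty($_POST)) {
        foreach ($_POST as $key => $data) {
            // Array-valued fields (e.g. name[]=...) must be rejected explicitly:
            // preg_match() cannot inspect them (warning + false on older PHP,
            // TypeError on PHP 8), so they would otherwise skip the filter.
            if (!is_string($data) || preg_match('/(=|<|>|\')/', $data)) {
                return false;
            }
            $_GET[$key] = $data;
        }
    }

    // Every field read below must be a plain string when present.
    foreach (array('code', 'subject', 'out_trade_no', 'total_fee', 'trade_status') as $field) {
        if (isset($_GET[$field]) && !is_string($_GET[$field])) {
            return false;
        }
    }
    // These three drive the amount check and the state change; require them.
    if (!isset($_GET['out_trade_no'], $_GET['total_fee'], $_GET['trade_status'])) {
        return false;
    }

    // NOTE(review): the payment configuration is loaded but not used to verify
    // anything in this block.
    $payment = pay::get_payment(isset($_GET['code']) ? $_GET['code'] : null);

    // Order number = out_trade_no with the subject text removed.
    $subject = isset($_GET['subject']) ? $_GET['subject'] : '';
    $order_sn = trim(str_replace($subject, '', $_GET['out_trade_no']));

    if (!pay::check_money($order_sn, $_GET['total_fee'])) {
        return false;
    }

    $paidStates = array('WAIT_SELLER_SEND_GOODS', 'TRADE_FINISHED', 'TRADE_SUCCESS');
    if (in_array($_GET['trade_status'], $paidStates, true)) {
        pay::changeorders($order_sn, $_GET);
        return true;
    }

    return false;
}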
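/**
 * Handle a PayPal IPN notification.
 *
 * Posts the received fields back to PayPal with cmd=_notify-validate and marks
 * the order as paid only when PayPal answers VERIFIED and the status,
 * receiver account, amount and currency all match the stored configuration.
 *
 * @return bool true when the order was marked as paid, false otherwise.
 */
function respond()
{
    // NOTE(review): global get_payment() is called here; confirm it is defined
    // wherever this plugin is loaded.
    $payment = get_payment('paypal');
    $merchant_id = isset($payment['paypal_account']) ? $payment['paypal_account'] : '';
    $merchant_currency = isset($payment['paypal_currency']) ? $payment['paypal_currency'] : '';

    // Build the validation request from the received fields.
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // A genuine notification carries scalar fields only.
        if (!is_string($value)) {
            return false;
        }
        // Encode the key as well, so a crafted field name cannot add or
        // override parameters in the postback.
        $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes($value));
    }

    // Fields used for the local checks; anything missing or non-string is ''.
    $fields = array();
    foreach (array('payment_status', 'mc_gross', 'mc_currency', 'txn_id', 'receiver_email', 'invoice', 'memo') as $name) {
        $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }
    $payment_status = $fields['payment_status'];
    $payment_amount = $fields['mc_gross'];
    $payment_currency = $fields['mc_currency'];
    $txn_id = $fields['txn_id'];
    $receiver_email = $fields['receiver_email'];
    $order_sn = $fields['invoice'];
    $memo = $fields['memo'];
    $action_note = $txn_id . '(' . $GLOBALS['_LANG']['paypal_txn_id'] . ')' . $memo;

    $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Host: www.paypal.com\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    // Validate over TLS: with a cleartext connection anyone on the network
    // path could answer "VERIFIED". Needs the openssl extension; PHP 5.6+
    // verifies the peer certificate by default.
    $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
    if (!$fp) {
        // Nothing to close: fsockopen() returned false.
        return false;
    }

    fputs($fp, $header . $req);
    $verified = false;
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if ($res === false) {
            break;
        }
        // fgets() keeps the line ending; strip it before comparing.
        $res = trim($res);
        if ($res === 'VERIFIED') {
            $verified = true;
            break;
        }
        if ($res === 'INVALID') {
            break;
        }
    }
    fclose($fp);

    // Fail closed when PayPal said INVALID or gave no recognisable verdict.
    if (!$verified) {
        return false;
    }

    // NOTE(review): 'Pending' is accepted as paid although the funds have not
    // cleared; confirm this is intended. No txn_id replay check is visible here.
    if ($payment_status != 'Completed' && $payment_status != 'Pending') {
        return false;
    }
    // Strict comparison against a non-empty configured account, so a missing
    // configuration value can never match an empty receiver_email.
    if (!is_string($merchant_id) || $merchant_id === '' || $receiver_email !== $merchant_id) {
        return false;
    }
    if (!pay::check_money($order_sn, $payment_amount)) {
        return false;
    }
    if (!is_string($merchant_currency) || $merchant_currency === '' || $merchant_currency !== $payment_currency) {
        return false;
    }

    pay::changeorders($order_sn, $action_note);
    return true;
}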