/** * @see paymentplugin::callback() */ public function callback($callbackData, &$paymentId, &$money, &$message, &$orderNo) { //导入公钥文件 $flag = buildKey(self::PUB_KEY); if (!$flag) { exit("导入公钥文件失败!"); } //获取交易应答的各项值 $merid = $callbackData["merid"]; $orderno = $callbackData["orderno"]; $transdate = $callbackData["transdate"]; $amount = $callbackData["amount"]; $currencycode = $callbackData["currencycode"]; $transtype = $callbackData["transtype"]; $status = $callbackData["status"]; $checkvalue = $callbackData["checkvalue"]; $gateId = $callbackData["GateId"]; $priv1 = $callbackData["Priv1"]; //验证签名值,true 表示验证通过 $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!$flag) { $message = "验证签名失败"; } else { //交易状态为1001表示交易成功,其他为各类错误,如卡内余额不足等 if ($status == '1001') { $orderNo = $callbackData['Priv1']; //订单号,参考getSendData(); return true; } else { $message = "交易失败!"; } } return false; }
/** * 响应操作 $_REQUEST["Priv1"] 为 log_id */ function respond() { $payment = get_payment($_GET['code']); $merid=$this->config($payment); $flag = buildKey(PUB_KEY); //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if( flag && $status == '1001') { // 检查价格是否一致 if (!check_money($priv1, $amount/100)) { return false; } order_paid($priv1, 2); return true; } else { return false; } }
$checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; echo "商户号: [{$merid}]<br/>"; echo "订单号: [{$orderno}]<br/>"; echo "订单日期: [{$transdate}]<br/>"; echo "订单金额: [{$amount}]<br/>"; echo "货币代码: [{$currencycode}]<br/>"; echo "交易类型: [{$transtype}]<br/>"; echo "交易状态: [{$status}]<br/>"; echo "网关号: [{$gateId}]<br/>"; echo "备注: [{$priv1}]<br/>"; echo "签名值: [{$checkvalue}]<br/>"; echo "===============================<br/>"; //验证签名值,true 表示验证通过 $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!flag) { echo "<h2>验证签名失败!</h2>"; exit; } echo "<h2>验证签名成功!</h2>"; //交易状态为1001表示交易成功,其他为各类错误,如卡内余额不足等 if ($status == '1001') { echo "<h3>交易成功!</h3>"; //您的处理逻辑请写在这里,如更新数据库等。 //注意:如果您在提交时同时填写了页面返回地址和后台返回地址,且地址相同,请在这里先做一次数据库查询判断订单状态,以防止重复处理该笔订单 } else { echo "<h3>交易失败!</h3>"; } ?> <h5><a href="netpayclient_query_submit.php?transdate=<?php
public function houtai() { //导入公钥文件 $flag = buildKey(PUB_KEY); if (!$flag) { echo "导入公钥文件失败!"; exit; } //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!flag) { echo "<h2>验证签名失败!</h2>"; exit; } // file_put_contents(dirname(__FILE__).DIRECTORY_SEPARATOR.'aa.txt', serialize($status)); $out_trade_no = $orderno; //商户订单号 if ($status == '1001') { $dingdaninfo = $this->db->GetOne("select * from `@#_member_addmoney_record` where `code` = '{$out_trade_no}' and `status` = '未付款'"); if (!$dingdaninfo) { echo "fail"; exit; } //没有该订单,失败 $c_money = intval($dingdaninfo['money']); $uid = $dingdaninfo['uid']; $time = time(); $this->db->Autocommit_start(); $up_q1 = $this->db->Query("UPDATE `@#_member_addmoney_record` SET `pay_type` = '支付宝', `status` = '已付款' where `id` = '{$dingdaninfo['id']}' and `code` = '{$dingdaninfo['code']}'"); $up_q2 = $this->db->Query("UPDATE `@#_member` SET `money` = `money` + {$c_money} where (`uid` = '{$uid}')"); $up_q3 = $this->db->Query("INSERT INTO `@#_member_account` (`uid`, `type`, `pay`, `content`, `money`, `time`) VALUES ('{$uid}', '1', '账户', '充值', '{$c_money}', '{$time}')"); if ($up_q1 && $up_q2 && $up_q3) { $this->db->Autocommit_commit(); } else { $this->db->Autocommit_rollback(); echo "fail"; exit; } if (empty($dingdaninfo['scookies'])) { echo "success"; exit; //充值完成 } $scookies = unserialize($dingdaninfo['scookies']); $pay = System::load_app_class('pay', 'pay'); $pay->scookie = $scookies; // var_dump($pay_type['pay_id']); // die(); $ok = $pay->init($uid, $pay_type['pay_id'], 'go_record'); //云购商品 if ($ok != 'ok') { _setcookie('Cartlist', NULL); echo "fail"; exit; //商品购买失败 } $check = $pay->go_pay(1); if ($check) { $this->db->Query("UPDATE `@#_member_addmoney_record` SET `scookies` = '1' where `code` = '{$out_trade_no}' and `status` = '已付款'"); _setcookie('Cartlist', NULL); echo "success"; exit; } else { echo "fail"; exit; } } }
/** * 生成检查签名 * @param mixed $form 包含签名数据的数组 * @param mixed $chinapay com组件对象 * @access private * @return string */ private function _get_mac_check($data, $chinapay = null) { if (is_null($chinapay)) { $res = verifyTransResponse($data['merid'], $data['orderno'], $data['amount'], $data['currencycode'], $data['transdate'], $data['transtype'], $data['status'], $data['checkvalue']); } else { $res = $chinapay->check($data['merid'], $data['orderno'], $data['amount'], $data['currencycode'], $data['transdate'], $data['transtype'], $data['status'], $data['checkvalue']); } return $res; }
/** * 检验返回数据合法性. * * @param mixed $form 包含签名数据的数组 * @param mixed $key 签名用到的私钥 * * @return bool */ private function is_return_vaild($params) { $pub_key_content = $this->getConf('pub_key', __CLASS__); if (!file_exists($this->_get_key_filepath('pub'))) { file_put_contents($this->_get_key_filepath('pub'), $pub_key_content, LOCK_EX); } $flag = buildKey($this->_get_key_filepath('pub')); if (!$flag) { return false; } if (!verifyTransResponse($params['merid'], $params['orderno'], $params['amount'], $params['transdate'], $params['transtype'], $params['status'], $params['checkvalue'])) { logger::error('Chinapay 支付返回验证失败!' . var_export($params, 1)); return false; } return true; }
function callback($in, &$paymentId, &$money, &$message) { $paymentId = $in['Priv1']; $money = intval($in['amount']) / 100; $merId = $this->getConf($paymentId, 'member_id'); $MerPk = $this->getConf($paymentId, 'MerPrk'); $PubPk = $this->getConf($paymentId, 'PubPk'); if (strtoupper(substr(PHP_OS, 0, 3)) == "WIN") { $chinapay = new COM('CPNPC.NPC'); if (file_exists(dirname(__FILE__) . "/../../../home/upload/chinapay/" . $MerPrk) && file_exists(dirname(__FILE__) . "/../../../home/upload/chinapay/" . $MerPrk)) { $chinapay->setMerKeyFile(dirname(__FILE__) . "/../../../home/upload/chinapay/" . $MerPrk); $chinapay->setPubKeyFile(dirname(__FILE__) . "/../../../home/upload/chinapay/" . $PubPk); } elseif (file_exists(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk) && file_exists(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk)) { $chinapay->setMerKeyFile(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk); $chinapay->setPubKeyFile(dirname(__FILE__) . "/../../../cert/chinapay/" . $PubPk); } $res = $chinapay->check($in['merid'], $in['orderno'], $in['amount'], $in['currencycode'], $in['transdate'], $in['transtype'], $in['status'], $in['checkvalue']); if ($res == '0') { $res = true; } else { $res = false; } } else { //if (file_exists(dirname(__FILE__)."/../../../home/upload/chinapay/".$MerPrk)&&file_exists(dirname(__FILE__)."/../../../home/upload/chinapay/".$MerPrk)){ if (file_exists(HOME_DIR . "/upload/chinapay/" . $MerPrk) && file_exists(HOME_DIR . "/upload/chinapay/" . $PubPk)) { //setMerKeyFile(dirname(__FILE__)."/../../../home/upload/chinapay/".$MerPrk); //setPubKeyFile(dirname(__FILE__)."/../../../home/upload/chinapay/".$PubPk); setMerKeyFile(HOME_DIR . "/upload/chinapay/" . $MerPrk); setPubKeyFile(HOME_DIR . "/upload/chinapay/" . $PubPk); } elseif (file_exists(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk) && file_exists(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk)) { setMerKeyFile(dirname(__FILE__) . "/../../../cert/chinapay/" . $MerPrk); setPubKeyFile(dirname(__FILE__) . "/../../../cert/chinapay/" . $PubPk); } $res = verifyTransResponse($in['merid'], $in['orderno'], $in['amount'], $in['currencycode'], $in['transdate'], $in['transtype'], $in['status'], $in['checkvalue']); if ($res == 0) { $res = true; } else { $res = false; } } if ($res) { if ($in['status'] == "1001") { $message = "支付成功!"; return PAY_SUCCESS; } else { $message = "支付失败!"; return PAY_FAILED; } } else { $message = "验证签名错误!"; return PAY_ERROR; } }
/** * 响应操作 */ function respond() { //order_paid($v_oid); //return true; $payment = get_payment(basename(__FILE__, '.php')); $merid = trim($_POST['merid']); $orderno = trim($_POST['orderno']); $transdate = trim($_POST['transdate']); $amount = trim($_POST['amount']); $currencycode = trim($_POST['currencycode']); $transtype = trim($_POST['transtype']); $status = trim($_POST['status']); $checkvalue = trim($_POST['checkvalue']); $v_gateid = trim($_POST['GateId']); $v_Priv1 = trim($_POST['Priv1']); /** * 重新计算密钥的值 */ $pubkey = $payment['chinapay_pubkey_file']; $PGID = buildKey(ROOT_PATH . $pubkey); if (!$PGID) { echo "导入私钥文件失败!"; exit; } $verify = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if (!$verify) { echo "验证签名失败!"; exit; } /* 检查秘钥是否正确 */ if ($status == '1001') { $v_ordesn = chinapaysn2ecshopsn($orderno); $order_id = get_order_id_by_sn($v_ordesn); /* 改变订单状态 */ order_paid($order_id); return true; } else { return false; } }
function unionpay_notify1() { if (version_compare(phpversion(), '5.4.10', '>')) { include_once LIB_PATH . 'ORG/Payment/UnionPay/lib.php'; } else { include_once LIB_PATH . 'ORG/Payment/UnionPay/netpayclient.php'; } $merid = buildKey('keys/MerPrK_808080301000216_20141106164338.key'); if (empty($merid)) { Log::record('union pay merid error: 未设置商户号!'); Log::save(); } $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $order_sn = $this->get_order_no($orderno); $order = M('b2c_order')->where(array('sn' => $order_sn, 'status' => 1))->find(); if (!$order) { Log::record('union pay error: 该订单不存在!'); Log::save(); } $payment_where = array('token' => $order['token'], 'pay_code' => 'unionpay', 'enabled' => '1'); $payment = M('b2c_payment')->where($payment_where)->find(); $wingpay_config = unserialize($payment['pay_config']); if (empty($wingpay_config)) { Log::record('union pay error: 商家未设置支付方式!请联系商家客服!'); Log::save(); } $plain = $merid . $orderno . $amount . $currencycode . $transdate . $transtype . $status . $checkvalue; //对订单验证签名 $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); $flag = verify($plain, $checkvalue); if (!$flag) { Log::record('union pay sign error: 验证签名失败!'); Log::save(); } else { if ($status == '1001') { $trade = M('b2c_wingtrade')->where(array('order_sn' => $order_sn, 'token' => $order['token']))->find(); if ($trade && !$trade['is_pay']) { $serialize = array('merid' => $merid, 'orderno' => $orderno, 'transdate' => $transdate, 'amount' => $amount, 'currencycode' => $currencycode, 'transtype' => $transtype, 'status' => $status, 'checkvalue' => $checkvalue, 'gateId' => $gateId, 'priv1' => $priv1); $data = array('is_pay' => '1', 'return_params' => serialize($serialize), 'update_time' => time()); M('b2c_wingtrade')->where(array('order_sn' => $order_sn))->save($data); } M('b2c_order')->where(array('sn' => $order_sn))->save(array('status' => 2, 'update_time' => time())); //减库存 ShopAction::minusInventory($order_sn); } else { Log::record('union pay failed.'); Log::save(); } } }