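/**
 * Alipay asynchronous notification handler (server-to-server callback).
 *
 * Verifies the notification with AlipayNotify::verifyNotify(), accepts only the
 * TRADE_FINISHED / TRADE_SUCCESS states, then marks the matching transaction
 * record as processed and credits the student's balance inside one database
 * transaction. Prints "success" when the order is (or already was) processed.
 *
 * Notes carried over from the Alipay sample:
 *  - This endpoint must not emit any HTML or stray whitespace.
 *  - It cannot be tested from a local machine; it must be reachable from outside.
 *  - For debugging use the logResult text-logging function, which is disabled by
 *    default (see verifyNotify in alipay_notify_class.php).
 *  - If Alipay does not receive "success" it re-sends the notification on a
 *    schedule for up to 24 hours, so every failure path must answer with
 *    something other than "success".
 */
public static function paying_notify()
{
    // Authenticate the notification before any POST field is trusted.
    $alipay_config = AlipayConfig::config();
    $alipayNotify = new AlipayNotify($alipay_config);
    if (!$alipayNotify->verifyNotify()) {
        die('error:verify_result_failed');
    }

    // Merchant order number and trade status; a missing or non-string order
    // number becomes '' and falls through to the "not exist" answer below.
    $out_trade_no = (isset($_POST['out_trade_no']) && is_string($_POST['out_trade_no']))
        ? $_POST['out_trade_no']
        : '';
    $trade_status = isset($_POST['trade_status']) ? $_POST['trade_status'] : '';

    // Strict comparison: only the two exact status strings are accepted.
    if (!in_array($trade_status, array('TRADE_FINISHED', 'TRADE_SUCCESS'), true)) {
        die('error:trade_status_error');
    }

    $row = TransactionRecordModel::transactionRecordInfoByTrNo($out_trade_no);
    if (!$row) {
        die('error:out_trade_no_not_exist');
    }

    // NOTE(review): the amount and seller reported in the notification are not
    // compared with the stored order (tr_cash) anywhere in this method. Confirm
    // that verifyNotify() covers this, or add the comparison here.

    // Already processed: acknowledge so that Alipay stops re-sending.
    // NOTE(review): this check runs outside the transaction and without a row
    // lock, so two notifications handled at the same time could both pass it and
    // credit the account twice. Making the flag update conditional on the old
    // tr_flag value and checking the affected-row count would close the window;
    // what setTransactionRecordByTrNo() returns is not visible here.
    if ($row['tr_flag'] == 1) {
        echo 'success';
        exit;
    }

    // The two values below are placed into the SQL text, so they are forced into
    // a strict numeric shape first. A malformed record aborts the callback
    // instead of producing a broken or unexpected statement.
    $amount = (string) $row['tr_trade_amount'];
    $uid = (int) $row['tr_uid'];
    if (!preg_match('/^-?\d+(\.\d+)?$/', $amount) || $uid <= 0) {
        die('error:order_data_invalid');
    }

    $db = Fn::db();
    if (!$db->beginTransaction()) {
        die('error:start_transaction_failed');
    }

    try {
        TransactionRecordModel::setTransactionRecordByTrNo(
            $out_trade_no,
            array('tr_flag' => 1, 'tr_finishtime' => time())
        );
        $credited = $db->exec(
            sprintf('UPDATE rd_student SET account = account + (%s) WHERE uid = %d', $amount, $uid)
        );
    } catch (Exception $e) {
        $credited = false;
    }

    // Without this check a failed balance update would still be committed together
    // with tr_flag = 1, leaving a paid order marked as processed but never credited.
    if ($credited === false) {
        $db->rollBack();
        die('error:update_failed');
    }

    if (!$db->commit()) {
        $db->rollBack();
        die('error:commit_transaction_failed');
    }

    // Alipay sends this trade status once the payment is complete.
    echo "success";
    exit;
}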
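/**
 * Balance query / transfer endpoint for external payment integrations. IMPORTANT.
 *
 * GET parameters:
 *   string from  source identifier, looked up in the 'loginverify' configuration
 *   string data  encrypted payload; after decryption it contains:
 *       string ukey    user identifier, required (exam ticket number)
 *       string pass    password; if present the request is a transfer
 *       string auth    password substitute; if present the request is a transfer.
 *                      It is the encrypted value of
 *                      array('ukey' => '', 'amount' => '')
 *       int    amount  transfer amount, must not be 0; if present the request is
 *                      a transfer
 *
 * Output is a JSON object:
 *   string error  present when an error occurred
 *   string data   encrypted user information; after decryption an array with:
 *       string ukey     user identifier
 *       int    account  current balance
 *
 * NOTE(review): the encrypted payload travels in the query string, so it is likely
 * to be written to access logs and proxies. No nonce or timestamp is checked in
 * this method, so an identical request would be accepted again unless
 * Func::decrypt() enforces freshness - confirm.
 */
public function paytrans()
{
    $resp = new AjaxResponse();

    // Single-pass loop: "break" is used as a structured jump to the response code.
    while (true) {
        // Missing or non-string parameters are normalised to '' so that they fail
        // the lookups below instead of raising notices.
        $from = (isset($_GET['from']) && is_string($_GET['from'])) ? $_GET['from'] : '';
        $lv_cfg = C('loginverify');
        if (!$lv_cfg) {
            $resp->alert('非法访问来源0');
            break;
        }
        if (!isset($lv_cfg[$from])) {
            $resp->alert('非法访问来源1');
            break;
        }

        $hashcode = $lv_cfg[$from]['hashcode'];
        $enc_data = (isset($_GET['data']) && is_string($_GET['data'])) ? $_GET['data'] : '';
        $param0 = Func::decrypt($enc_data, $hashcode);
        if ($param0 === false) {
            $resp->alert('非法访问');
            break;
        }
        if (!isset($param0['ukey'])) {
            $resp->alert('非法访问参数');
            break;
        }

        $uinfo = StudentModel::get_student_by_exam_ticket($param0['ukey'], 'uid,exam_ticket,password,account');
        if (empty($uinfo)) {
            $resp->alert('非法用户');
            break;
        }

        if ((isset($param0['pass']) || isset($param0['auth'])) && isset($param0['amount'])) {
            if (!Validate::isInt($param0['amount']) || $param0['amount'] == 0) {
                $resp->alert('转账金额不能为0');
                break;
            }

            // Credentials are compared as strings with ===. The loose == used
            // before treats two different numeric-looking strings (for example
            // hashes of the form "0e<digits>") as equal.
            // NOTE(review): my_md5() is presumably an MD5-based hash - confirm, and
            // plan a move to password_hash()/password_verify(). Where the runtime
            // has hash_equals(), prefer it for a constant-time comparison.
            $verified = isset($param0['pass'])
                && is_scalar($param0['pass'])
                && (string) my_md5($param0['pass']) === (string) $uinfo['password'];

            if (!$verified && isset($param0['auth']) && is_scalar($param0['auth'])) {
                $expected_auth = Func::encrypt(
                    array('ukey' => $param0['ukey'], 'amount' => $param0['amount']),
                    $hashcode
                );
                $verified = (string) $expected_auth === (string) $param0['auth'];
            }

            if ($verified) {
                // NOTE(review): the new balance is derived from the value read
                // above and written back as an absolute number. Two transfers
                // processed at the same time can overwrite each other, and the
                // sufficient-funds check can be passed twice. A relative update
                // guarded by the balance, or a row lock inside the transaction,
                // would make this safe.
                $new_balance = bcadd($uinfo['account'], $param0['amount'], 0);
                if ($new_balance < 0) {
                    $resp->alert('用户余额不足');
                    break;
                }

                // The transfer starts here.
                $tr_no = TransactionRecordModel::genTransactionRecordTrNo();
                $db = Fn::db();
                if (!$db->beginTransaction()) {
                    $resp->alert('转账失败');
                    break;
                }

                $now = time();
                $rec = array(
                    'tr_no' => $tr_no,
                    'tr_type' => 4,
                    'tr_uid' => $uinfo['uid'],
                    'tr_pid' => NULL,
                    'tr_money' => $new_balance,
                    'tr_cash' => NULL,
                    'tr_trade_amount' => $param0['amount'],
                    'tr_adminid' => 1,
                    'tr_flag' => 2,
                    'tr_createtime' => $now,
                );
                $rec['tr_finishtime'] = $rec['tr_createtime'];

                if ($param0['amount'] > 0) {
                    $rec['tr_comment'] = "从{$lv_cfg[$from]['name']}转入{$param0['amount']}择明通宝";
                } else {
                    $v = 0 - $param0['amount'];
                    $rec['tr_comment'] = "转出{$v}择明通宝到{$lv_cfg[$from]['name']}";
                }

                try {
                    $db->insert('t_transaction_record', $rec);
                    // The WHERE clause is plain SQL text, so the id is cast to int.
                    $db->update('rd_student', array('account' => $rec['tr_money']), 'uid = ' . (int) $uinfo['uid']);
                    if (!$db->commit()) {
                        // A failed commit is handled like any other failure.
                        throw new Exception('commit failed');
                    }
                } catch (Exception $e) {
                    $db->rollBack();
                    $resp->alert('转账失败');
                    break;
                }

                $uinfo['account'] = $rec['tr_money'];
                $resp->exdata = array('ukey' => $uinfo['exam_ticket'], 'account' => $uinfo['account']);
            } else {
                $resp->alert('用户验证未通过');
            }
            break;
        }

        // No transfer requested: only report the balance.
        $resp->exdata = array('ukey' => $uinfo['exam_ticket'], 'account' => $uinfo['account']);
        break;
    }

    // $hashcode is always set when exdata is set, because exdata is only assigned
    // after the source lookup succeeded.
    $json_data = array();
    if ($resp->exdata) {
        $json_data['data'] = Func::encrypt($resp->exdata, $hashcode);
    } else {
        $resp_data = json_decode($resp->__toString(), true);
        $json_data['error'] = $resp_data[0][1];
    }

    $json_str = json_encode($json_data);
    header('Content-Type:application/json;charset=UTF-8');
    echo $json_str;
    exit;
}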
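/**
 * Admin action: credit or debit a student's account balance.
 *
 * Requires the 'account_manage' permission. Reads these POST fields:
 *   int    account_in_out  direction; 2 deducts, any other value adds
 *   int    txt_account     amount
 *   int    uid             user id
 *   string tex_memo        remark stored with the transaction record
 *
 * The explicit "return" after each output_json() call is defensive: whether
 * output_json() terminates the request is not visible here.
 */
public function reset_account()
{
    if (!$this->check_power('account_manage')) {
        return;
    }

    $account_in_out = intval($this->input->post('account_in_out'));
    $txt_account = intval($this->input->post('txt_account'));
    $uid = intval($this->input->post('uid'));
    $tex_memo = $this->input->post('tex_memo');

    // Make sure the student exists and the account is not frozen.
    $student = CommonModel::get_student($uid, 'account,account_status');
    if (!$student) {
        output_json(CODE_ERROR, '不存在该学生.');
        return;
    }
    if ($student['account_status']) {
        output_json(CODE_ERROR, '学生帐号已被冻结');
        return;
    }

    // A negative amount would turn a deduction into a credit (and the other way
    // round) and would skip the insufficient-balance check below, so only
    // positive amounts are accepted.
    if ($txt_account <= 0) {
        output_json(CODE_ERROR, '请输入正确的大于零的数字');
        return;
    }

    $account = $student['account'];
    if ($account_in_out == 2) {
        $account = $account - $txt_account;
        if ($account < 0) {
            output_json(CODE_ERROR, '学生帐号余额不足');
            return;
        }
        // Deductions are recorded as a negative trade amount.
        $txt_account = -$txt_account;
    } else {
        $account += $txt_account;
    }

    $insert_data = array(
        'tr_uid' => $uid,
        'tr_type' => 2,
        'tr_flag' => 1,
        'tr_comment' => $tex_memo,
        'tr_money' => $account,
        'tr_trade_amount' => $txt_account,
        'tr_adminid' => $this->session->userdata('admin_id'),
    );

    // NOTE(review): the new balance is computed from a value read before the
    // transaction and written back as an absolute number, so a concurrent change
    // to the same account can be overwritten. Confirm whether
    // CommonModel::reset_account() locks the row.
    $db = Fn::db();
    if (!$db->beginTransaction()) {
        output_json(CODE_ERROR, '帐号充值失败,请重试');
        return;
    }

    try {
        TransactionRecordModel::addTransactionRecord($insert_data);
        // Update the student's balance.
        CommonModel::reset_account($uid, $account);
        $committed = $db->commit();
    } catch (Exception $e) {
        // Do not leave the transaction open when a model call throws.
        $committed = false;
    }

    if (!$committed) {
        $db->rollBack();
        output_json(CODE_ERROR, '帐号充值失败,请重试');
        return;
    }

    output_json(CODE_SUCCESS, '帐号充值成功.');
}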
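/**
 * Student top-up: validates the requested amount, creates a pending transaction
 * record (tr_flag = 0) and renders the Alipay payment form.
 *
 * The amount is read from the POST field named 'begin_time'. It must be a plain
 * positive decimal number with at most one decimal place. The credited amount
 * (tr_trade_amount) is ten times the cash amount.
 *
 * The explicit "return" after redirect() and message() is defensive: whether
 * those helpers terminate the request is not visible here.
 */
public function paying()
{
    if (!$this->_uinfo['uid']) {
        redirect('student/index/login');
        return;
    }
    if (!C('paycharge_enable')) {
        message('您没有权限访问该功能');
        return;
    }

    // is_numeric() alone also accepts forms such as "1e3", which the bc*
    // functions do not understand (a warning or an exception, depending on the
    // PHP version). Only plain decimal notation is let through.
    $account = trim((string) $this->input->post('begin_time'));
    if (!preg_match('/^-?\d+(\.\d+)?$/', $account)) {
        message('请输入正确的数字');
        return;
    }

    // Normalise to one decimal place; any difference means the input carried
    // more precision than allowed.
    $account2 = bcadd($account, '0', 1);
    if (bccomp($account2, $account, 6) != 0) {
        message('请输入正确的最多保留一位小数的数字');
        return;
    }
    if (bccomp($account2, '0.0', 1) <= 0) {
        message('请输入正确的大于零的数字');
        return;
    }
    $account = $account2;
    // NOTE(review): there is no upper limit on the amount - confirm that this is
    // intended.

    // Basic information about the student.
    $uid = intval($this->_uinfo['uid']);
    $student = CommonModel::get_student($uid);
    if (empty($student)) {
        message('信息不存在');
        return;
    }

    // Exact decimal arithmetic instead of float multiplication; $account has
    // exactly one decimal place, so the product is a whole number.
    $tr_amount = (int) bcmul($account, '10', 0);

    $param = array(
        'tr_uid' => $uid,
        'tr_type' => 1,
        'tr_flag' => 0,
        'tr_money' => $student['account'] + $tr_amount,
        'tr_cash' => $account,
        'tr_trade_amount' => $tr_amount,
        'tr_comment' => '支付宝充值',
    );
    // NOTE(review): the return value is used as the order number without a check;
    // confirm how addTransactionRecord() reports a failure.
    $number = TransactionRecordModel::addTransactionRecord($param);

    $html_text = StudentAlipayModel::paying($number, $account);
    $this->load->view('profile/paying', array('html_text' => $html_text));
}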