Пример #1
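    /**
     * Handle the Tenpay payment return/notification for an order.
     *
     * The order number (sp_billno) comes from the request. Its last
     * dash-separated segment names the payment plugin, whose stored
     * configuration supplies the key used to verify the Tenpay signature.
     * Only after the signature is verified are the order and the paid amount
     * checked and the order marked as paid.
     *
     * @return false|null false when the payment failed, the amount does not
     *                    match or the signature is invalid; no explicit value
     *                    after a successful payment has been shown.
     */
    function respond() {
        require_once ("tenpay/PayResponseHandler.class.php");
        $resHandler = new PayResponseHandler();
        $sp_billno = (string) $resHandler->getParameter("sp_billno");

        // Keyword blacklist kept from the original. It is a weak filter and no
        // substitute for parameterized queries in the lookups below.
        if (preg_match('/(select|union|and|\'|"|\))/i', $sp_billno)) {
            exit('非法参数');
        }

        // The plugin code is the text after the last of at least three dashes.
        if (preg_match("/-(.*)-(.*)-(.*)/isu", $sp_billno, $oidout) !== 1) {
            exit('非法参数');
        }
        $paytype = $oidout[3];

        // $paytype is request-controlled and is used to build an include path.
        // The blacklist above does not stop "/" or "..", so restrict it to a
        // plain identifier and make sure the plugin file really exists.
        if (!preg_match('/\A[A-Za-z0-9_]+\z/', $paytype)) {
            exit('非法参数');
        }
        $pluginFile = ROOT . '/lib/plugins/pay/' . $paytype . '.php';
        if (!is_file($pluginFile)) {
            exit('非法参数');
        }
        include_once $pluginFile;

        $pay = pay::getInstance()->getrows(array('pay_code' => $paytype));
        if (empty($pay[0]['pay_config'])) {
            return false;
        }
        // NOTE(review): unserialize() on stored configuration. This is only
        // safe while pay_config can be written by trusted administrators
        // alone; confirm, or store the configuration as JSON instead.
        $payconfig = unserialize($pay[0]['pay_config']);
        if (!is_array($payconfig) || !isset($payconfig[1]['value'])) {
            return false;
        }
        $resHandler->setKey($payconfig[1]['value']);

        if (!$resHandler->isTenpaySign()) {
            echo "<br/>" . "认证签名失败" . "<br/>";
            return false;
        }

        // Everything below runs only for a notification with a valid signature.
        $transaction_id = $resHandler->getParameter("transaction_id");
        $total_fee = $resHandler->getParameter("total_fee");
        $pay_result = $resHandler->getParameter("pay_result");

        // Strict string comparison: loose == would also accept "00" or "0.0".
        if ('0' !== (string) $pay_result) {
            echo "<br/>" . "支付失败" . "<br/>";
            return false;
        }

        $orders = orders::getInstance()->getrow(array('oid' => $sp_billno));
        if (empty($orders['id'])) {
            // Unknown order: never mark anything as paid.
            return false;
        }

        // total_fee is divided by 100 before the comparison, as in the
        // original code (presumably the gateway reports cents - confirm).
        if (!is_numeric($total_fee) || !pay::check_money($orders['id'], $total_fee / 100)) {
            echo "<br/>" . "金额不符" . "<br/>";
            return false;
        }

        // NOTE(review): the raw $_GET array is passed on. Confirm that every
        // value changeorders() reads from it is covered by the verified
        // signature.
        pay::changeorders($orders['id'], $_GET);
        $show = config::get('site_url');
        $resHandler->doShow($show);
    }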
Пример #2
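 /**
  * Handle a payment notification whose fields arrive in $_GET and/or $_POST.
  *
  * POST fields are copied into $_GET, the order number is derived from
  * out_trade_no, the amount is checked against the order, and the order is
  * marked as paid when trade_status reports a paid state.
  *
  * NOTE(review): nothing in this function authenticates the notification.
  * No signature check is visible, the loaded payment configuration is never
  * used, and seller_email is never compared with the merchant account.
  * Unless the caller verifies the gateway signature before calling this
  * method (not visible here), every field checked below is controlled by the
  * sender. Verify the signature with the merchant key before
  * pay::changeorders() is reached.
  *
  * @return bool true when the order was marked as paid, false otherwise.
  */
 function respond() {
     if (!empty($_POST)) {
         foreach ($_POST as $key => $data) {
             // Array values (e.g. "field[]=x") cannot go through preg_match();
             // reject them instead of raising a type error.
             if (!is_scalar($data) || preg_match('/(=|<|>|\')/', (string) $data)) {
                 return false;
             }
             $_GET[$key] = $data;
         }
     }

     // The fields the decision depends on must be present and scalar.
     foreach (array('out_trade_no', 'total_fee', 'trade_status') as $field) {
         if (!isset($_GET[$field]) || !is_scalar($_GET[$field])) {
             return false;
         }
     }
     $subject = (isset($_GET['subject']) && is_scalar($_GET['subject'])) ? (string) $_GET['subject'] : '';
     $code = (isset($_GET['code']) && is_scalar($_GET['code'])) ? $_GET['code'] : null;

     // Kept from the original; the result is currently unused (see the note
     // in the docblock).
     $payment = pay::get_payment($code);

     // out_trade_no is expected to contain the subject plus the order number.
     $order_sn = (string) $_GET['out_trade_no'];
     if ($subject !== '') {
         $order_sn = str_replace($subject, '', $order_sn);
     }
     $order_sn = trim($order_sn);

     if (!pay::check_money($order_sn, $_GET['total_fee'])) {
         return false;
     }

     $paidStates = array('WAIT_SELLER_SEND_GOODS', 'TRADE_FINISHED', 'TRADE_SUCCESS');
     if (in_array((string) $_GET['trade_status'], $paidStates, true)) {
         pay::changeorders($order_sn, $_GET);
         return true;
     }
     return false;
 }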
Пример #3
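 /**
  * Handle a PayPal IPN notification.
  *
  * The received POST fields are echoed back to PayPal with
  * cmd=_notify-validate. Only when PayPal answers VERIFIED are the payment
  * status, receiver account, amount and currency compared with the local
  * configuration and the order marked as paid.
  *
  * NOTE(review): a 'Pending' payment is accepted as paid, as in the original
  * code; confirm that this is intended, since a pending payment has not
  * cleared. No check against an already processed txn_id is visible here
  * either; confirm that pay::changeorders() is safe against a replayed
  * notification.
  *
  * @return bool true when the order was marked as paid, false otherwise.
  */
 function respond() {
     $payment     = get_payment('paypal');
     $merchant_id = isset($payment['paypal_account']) ? (string) $payment['paypal_account'] : '';

     // Build the validation request from the received fields.
     $req = 'cmd=_notify-validate';
     foreach ($_POST as $key => $value) {
         if (!is_scalar($value)) {
             // Array values cannot be echoed back for validation.
             return false;
         }
         // Encode the key as well, so a crafted field name cannot inject
         // extra parameters into the validation request.
         // stripslashes() is kept from the original (presumably written for
         // magic_quotes_gpc - confirm it is still wanted).
         $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes((string) $value));
     }

     $header  = "POST /cgi-bin/webscr HTTP/1.1\r\n";
     $header .= "Host: www.paypal.com\r\n";
     $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
     $header .= "Content-Length: " . strlen($req) . "\r\n";
     $header .= "Connection: close\r\n\r\n";

     // Validate over TLS. Over plain HTTP on port 80 anyone on the network
     // path could answer VERIFIED for a forged notification.
     $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
     if (!$fp) {
         // Nothing to close: fsockopen() returned false.
         return false;
     }

     fwrite($fp, $header . $req);
     $verified = false;
     while (!feof($fp)) {
         $res = fgets($fp, 1024);
         if ($res === false) {
             break;
         }
         // Trim the line ending so the verdict is recognised on its own line.
         $res = trim($res);
         if ($res === 'VERIFIED') {
             $verified = true;
             break;
         }
         if ($res === 'INVALID') {
             break;
         }
     }
     fclose($fp);

     // Fail closed when PayPal answered neither VERIFIED nor INVALID.
     if (!$verified) {
         return false;
     }

     $payment_status   = isset($_POST['payment_status']) ? (string) $_POST['payment_status'] : '';
     $payment_amount   = isset($_POST['mc_gross']) ? (string) $_POST['mc_gross'] : '';
     $payment_currency = isset($_POST['mc_currency']) ? (string) $_POST['mc_currency'] : '';
     $txn_id           = isset($_POST['txn_id']) ? (string) $_POST['txn_id'] : '';
     $receiver_email   = isset($_POST['receiver_email']) ? (string) $_POST['receiver_email'] : '';
     $order_sn         = isset($_POST['invoice']) ? (string) $_POST['invoice'] : '';
     $memo             = !empty($_POST['memo']) ? $_POST['memo'] : '';
     $action_note      = $txn_id . '(' . $GLOBALS['_LANG']['paypal_txn_id'] . ')' . $memo;

     if ($payment_status !== 'Completed' && $payment_status !== 'Pending') {
         return false;
     }
     // Strict comparison, and an unset merchant account never matches: with
     // loose != an empty configuration would equal an empty receiver_email.
     if ($merchant_id === '' || $receiver_email !== $merchant_id) {
         return false;
     }
     if ($order_sn === '' || !pay::check_money($order_sn, $payment_amount)) {
         return false;
     }
     if (!isset($payment['paypal_currency']) || (string) $payment['paypal_currency'] !== $payment_currency) {
         return false;
     }

     pay::changeorders($order_sn, $action_note);
     return true;
 }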