function return_verify() { //��ȡԶ�̷�����ATN�����֤�Ƿ���֧�������������������� if ($this->transport == "https") { $veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"]; } else { $veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"]; } $veryfy_result = $this->get_verify($veryfy_url); //���ǩ���� if (empty($_GET)) { //�ж�GET���������Ƿ�Ϊ�� return false; } else { $get = para_filter($_GET); //������GET�������������ȥ�� $sort_get = arg_sort($get); //������GET����������������� $this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type); //���ǩ���� //д��־��¼ //log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get)); //�ж�veryfy_result�Ƿ�Ϊture����ɵ�ǩ����mysign���õ�ǩ����sign�Ƿ�һ�� //$veryfy_result�Ľ����true����������������⡢���������ID��notify_idһ����ʧЧ�й� //mysign��sign���ȣ��밲ȫУ���롢����ʱ�IJ����ʽ���磺���Զ������ȣ��������ʽ�й� if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) { return true; } else { return false; } } }
function alipay_service($parameter, $security_code, $sign_type) { $this->gateway = "https://www.alipay.com/cooperate/gateway.do?"; $this->security_code = $security_code; $this->sign_type = $sign_type; $this->parameter = para_filter($parameter); if ($parameter['_input_charset'] == '') { $this->parameter['_input_charset'] = 'GBK'; } $this->_input_charset = $this->parameter['_input_charset']; $sort_array = arg_sort($this->parameter); $this->mysign = build_mysign($sort_array, $this->security_code, $this->sign_type); }
function alipay_service($parameter,$key,$sign_type) { $this->gateway = "https://www.alipay.com/cooperate/gateway.do?"; $this->_key = $key; $this->sign_type = $sign_type; $preParameter = para_filter($parameter); //设定_input_charset的值,为空值的情况下默认为GBK if($parameter['_input_charset'] == '') $this->parameter['_input_charset'] = 'GBK'; $this->_input_charset = $this->parameter['_input_charset']; //获得签名结果 $this->parameter = arg_sort($preParameter); //得到从字母a到z排序后的签名参数数组 $this->mysign = build_mysign($this->parameter,$this->_key,$this->sign_type); }
function alipay_service($parameter, $key, $sign_type) { $this->gateway = "https://www.alipay.com/cooperate/gateway.do?"; $this->_key = $key; $this->sign_type = $sign_type; $preParameter = para_filter($parameter); //�趨_input_charset��ֵ,Ϊ��ֵ�������Ĭ��ΪGBK if ($parameter['_input_charset'] == '') { $this->parameter['_input_charset'] = 'GBK'; } $this->_input_charset = $this->parameter['_input_charset']; //���ǩ���� $this->parameter = arg_sort($preParameter); //�õ�����ĸa��z������ǩ��������� $this->mysign = build_mysign($this->parameter, $this->_key, $this->sign_type); }
function alipay_service($parameter, $security_code, $sign_type) { $this->gateway = "https://www.alipay.com/cooperate/gateway.do?"; $this->security_code = $security_code; $this->sign_type = $sign_type; $this->parameter = para_filter($parameter); //设定_input_charset的值,为空值的情况下默认为GBK if ($parameter['_input_charset'] == '') { $this->parameter['_input_charset'] = 'GBK'; } $this->_input_charset = $this->parameter['_input_charset']; //获得签名结果 $sort_array = arg_sort($this->parameter); //得到从字母a到z排序后的加密参数数组 $this->mysign = build_mysign($sort_array, $this->security_code, $this->sign_type); }
function return_verify() { //判断GET来的数组是否为空 if (empty($_GET)) { return false; } else { //对所有GET反馈回来的数据去空 $get = para_filter($_GET); //对所有GET反馈回来的数据排序 $sort_get = arg_sort($get); //获取返回的sign $sign = $_GET["sign"]; //把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串 $prestr = create_linkstring($sort_get); //返回验签bool值 return verify($prestr, $sign); } }
function return_verify() { //判断GET来的数组是否为空 if (empty($_GET)) { return false; } else { $get = para_filter($_GET); //对所有GET反馈回来的数据去空 $sort_get = arg_sort($get); //对所有GET反馈回来的数据排序 $this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type); //生成签名结果 if ($this->mysign == $_GET["sign"]) { return true; } else { return false; } } }
/** * 构造函数(从配置文件及入口文件中初始化变量) * @param $aOrder array( * 'out_trade_no' => 'QC屋唯一订单号', * 'subject' => "订单名称(商品名称)", * 'body' => "订单描述、订单详细、订单备注", * 'total_fee' => "订单总金额,显示在支付宝收银台里的“应付总额”里", * 'notify_url' => '异步处理程序', * 'return_url' => '同步跳转页面', * 'show_url' => '商品链接', * ) */ function alipay_service($aOrder) { $this->notify_url = $aOrder['notify_url']; $this->return_url = $aOrder['return_url']; $this->show_url = $aOrder['show_url']; $aConfig = $this->loadAlipayConfig(@$aOrder['out_trade_no'], @$aOrder['subject'], @$aOrder['body'], @$aOrder['total_fee']); parent::alipay_notify($aConfig['partner'], $aConfig['key'], $aConfig['sign_type'], $aConfig['_input_charset'], $aConfig['transport']); $this->gateway = "https://www.alipay.com/cooperate/gateway.do?"; $this->_key = $aConfig['key']; $this->sign_type = $aConfig['sign_type']; $this->parameter = para_filter($aConfig['parameter']); //设定_input_charset的值,为空值的情况下默认为GBK if ($aConfig['parameter']['_input_charset'] == '') { $this->parameter['_input_charset'] = 'utf-8'; } //GBK $this->_input_charset = $this->parameter['_input_charset']; //获得签名结果 $sort_array = arg_sort($this->parameter); //得到从字母a到z排序后的签名参数数组 $this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type); }
function return_verify() { if ($this->transport == "https") { $veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"]; } else { $veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"]; } $veryfy_result = $this->get_verify($veryfy_url); if (empty($_GET)) { return false; } else { $get = para_filter($_GET); $sort_get = arg_sort($get); $this->mysign = build_mysign($sort_get, $this->security_code, $this->sign_type); log_result("veryfy_result=" . $veryfy_result . "\n return_url_log:sign=" . $_GET["sign"] . "&mysign=" . $this->mysign . "&" . create_linkstring($sort_get)); if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) { return true; } else { return false; } } }
function return_verify() { //获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求 if($this->transport == "https") { $veryfy_url = $this->gateway. "service=notify_verify" ."&partner=" .$this->partner. "¬ify_id=".$_GET["notify_id"]; } else { $veryfy_url = $this->gateway. "partner=".$this->partner."¬ify_id=".$_GET["notify_id"]; } $veryfy_result = $this->get_verify($veryfy_url); //生成签名结果 if(empty($_GET)) { //判断GET来的数组是否为空 return false; } else { $get = para_filter($_GET); //对所有GET反馈回来的数据去空 $sort_get = arg_sort($get); //对所有GET反馈回来的数据排序 $this->mysign = build_mysign($sort_get,$this->_key,$this->sign_type); //生成签名结果 //写日志记录 //log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get)); //判断veryfy_result是否为ture,生成的签名结果mysign与获得的签名结果sign是否一致 //$veryfy_result的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关 //mysign与sign不等,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关 if (preg_match("/true$/i",$veryfy_result) && $this->mysign == $_GET["sign"]) { return true; }else { return false; } } }
/** * 返回token参数 * 参数 result 需要先urldecode */ function getToken($result) { $result = urldecode($result); // URL转码 $Arr = explode('&', $result); // 根据 & 符号拆分 $temp = array(); // 临时存放拆分的数组 $myArray = array(); // 待签名的数组 // 循环构造key、value数组 for ($i = 0; $i < count($Arr); $i++) { $temp = explode('=', $Arr[$i], 2); $myArray[$temp[0]] = $temp[1]; } $sign = $myArray['sign']; // 支付宝返回签名 $myArray = para_filter($myArray); // 拆分完毕后的数组 $sort_array = arg_sort($myArray); // 排序数组 $this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type); // 构造本地参数签名,用于对比支付宝请求的签名 if ($this->mysign == $sign) { return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token'); // 返回token } else { echo '签名不正确'; // 当判断出签名不正确,请不要验签通过 return '签名不正确'; } }
/** * 返回token参数 * 参数 result 需要先urldecode */ private function getToken($result) { $result = urldecode($result); // URL转码 $Arr = explode('&', $result); // 根据 & 符号拆分 $temp = array(); // 临时存放拆分的数组 $myArray = array(); // 待签名的数组 // 循环构造key、value数组 for ($i = 0; $i < count($Arr); $i++) { $temp = explode('=', $Arr[$i], 2); $myArray[$temp[0]] = $temp[1]; } $sign = $myArray['sign']; // 支付宝返回签名 $myArray = para_filter($myArray); // 拆分完毕后的数组 $sort_array = arg_sort($myArray); // 排序数组 $calcSign = build_mysign($sort_array, $this->partnerKey, $this->configSecId); // 构造本地参数签名,用于对比支付宝请求的签名 if ($calcSign != $sign) { // 当判断出签名不正确,请不要验签通过 printLog('alipayWap Token 签名不正确 sign[' . $sign . '] calcSign[' . $calcSign . ']', 'PAYMENT', \Core\Log\Base::ERROR); return null; } return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token'); // 返回token }
/** * 返回token参数 * 参数 result 需要先urldecode */ function getToken($result) { //URL转码 $result = urldecode($result); //根据 & 符号拆分 $Arr = explode('&', $result); //临时存放拆分的数组 $temp = array(); //待签名的数组 $myArray = array(); //循环构造key、value数组 for ($i = 0; $i < count($Arr); $i++) { $temp = explode('=', $Arr[$i], 2); $myArray[$temp[0]] = $temp[1]; } //需要先解密res_data $myArray['res_data'] = decrypt($myArray['res_data']); //获取返回的RSA签名 $sign = $myArray['sign']; //去sign,去空值参数 $myArray = para_filter($myArray); //排序数组 $sort_array = arg_sort($myArray); //拼凑参数链接 & 连接 $prestr = create_linkstring($sort_array); //返回布尔值,是否验签通过 $isverify = verify($prestr, $sign); //判断签名是否正确 if ($isverify) { //返回token return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token'); } else { //当判断出签名不正确,请不要验签通过 return '签名不正确'; } }