function return_verify()
{
//��ȡԶ�̷�����ATN�����֤�Ƿ���֧��������������������
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
//���ǩ����
if (empty($_GET)) {
//�ж�GET���������Ƿ�Ϊ��
return false;
} else {
$get = para_filter($_GET);
//������GET�������������ȥ��
$sort_get = arg_sort($get);
//������GET�����������������
$this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type);
//���ǩ����
//д��־��¼
//log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get));
//�ж�veryfy_result�Ƿ�Ϊture����ɵ�ǩ����mysign���õ�ǩ����sign�Ƿ�һ��
//$veryfy_result�Ľ����true����������������⡢���������ID��notify_idһ����ʧЧ�й�
//mysign��sign���ȣ��밲ȫУ���롢����ʱ�IJ����ʽ���磺���Զ������ȣ��������ʽ�й�
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
function alipay_service($parameter, $security_code, $sign_type)
{
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->security_code = $security_code;
$this->sign_type = $sign_type;
$this->parameter = para_filter($parameter);
if ($parameter['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'GBK';
}
$this->_input_charset = $this->parameter['_input_charset'];
$sort_array = arg_sort($this->parameter);
$this->mysign = build_mysign($sort_array, $this->security_code, $this->sign_type);
}
function alipay_service($parameter,$key,$sign_type) {
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->_key = $key;
$this->sign_type = $sign_type;
$preParameter = para_filter($parameter);
//设定_input_charset的值,为空值的情况下默认为GBK
if($parameter['_input_charset'] == '')
$this->parameter['_input_charset'] = 'GBK';
$this->_input_charset = $this->parameter['_input_charset'];
//获得签名结果
$this->parameter = arg_sort($preParameter); //得到从字母a到z排序后的签名参数数组
$this->mysign = build_mysign($this->parameter,$this->_key,$this->sign_type);
}
function alipay_service($parameter, $key, $sign_type)
{
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->_key = $key;
$this->sign_type = $sign_type;
$preParameter = para_filter($parameter);
//�趨_input_charset��ֵ,Ϊ��ֵ�������Ĭ��ΪGBK
if ($parameter['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'GBK';
}
$this->_input_charset = $this->parameter['_input_charset'];
//���ǩ����
$this->parameter = arg_sort($preParameter);
//�õ�����ĸa��z������ǩ���������
$this->mysign = build_mysign($this->parameter, $this->_key, $this->sign_type);
}
function alipay_service($parameter, $security_code, $sign_type)
{
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->security_code = $security_code;
$this->sign_type = $sign_type;
$this->parameter = para_filter($parameter);
//设定_input_charset的值,为空值的情况下默认为GBK
if ($parameter['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'GBK';
}
$this->_input_charset = $this->parameter['_input_charset'];
//获得签名结果
$sort_array = arg_sort($this->parameter);
//得到从字母a到z排序后的加密参数数组
$this->mysign = build_mysign($sort_array, $this->security_code, $this->sign_type);
}
function return_verify()
{
//判断GET来的数组是否为空
if (empty($_GET)) {
return false;
} else {
//对所有GET反馈回来的数据去空
$get = para_filter($_GET);
//对所有GET反馈回来的数据排序
$sort_get = arg_sort($get);
//获取返回的sign
$sign = $_GET["sign"];
//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
$prestr = create_linkstring($sort_get);
//返回验签bool值
return verify($prestr, $sign);
}
}
function return_verify()
{
//判断GET来的数组是否为空
if (empty($_GET)) {
return false;
} else {
$get = para_filter($_GET);
//对所有GET反馈回来的数据去空
$sort_get = arg_sort($get);
//对所有GET反馈回来的数据排序
$this->mysign = build_mysign($sort_get, $this->_key, $this->sign_type);
//生成签名结果
if ($this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
/**
* 构造函数(从配置文件及入口文件中初始化变量)
* @param $aOrder array(
* 'out_trade_no' => 'QC屋唯一订单号',
* 'subject' => "订单名称(商品名称)",
* 'body' => "订单描述、订单详细、订单备注",
* 'total_fee' => "订单总金额,显示在支付宝收银台里的“应付总额”里",
* 'notify_url' => '异步处理程序',
* 'return_url' => '同步跳转页面',
* 'show_url' => '商品链接',
* )
*/
function alipay_service($aOrder)
{
$this->notify_url = $aOrder['notify_url'];
$this->return_url = $aOrder['return_url'];
$this->show_url = $aOrder['show_url'];
$aConfig = $this->loadAlipayConfig(@$aOrder['out_trade_no'], @$aOrder['subject'], @$aOrder['body'], @$aOrder['total_fee']);
parent::alipay_notify($aConfig['partner'], $aConfig['key'], $aConfig['sign_type'], $aConfig['_input_charset'], $aConfig['transport']);
$this->gateway = "https://www.alipay.com/cooperate/gateway.do?";
$this->_key = $aConfig['key'];
$this->sign_type = $aConfig['sign_type'];
$this->parameter = para_filter($aConfig['parameter']);
//设定_input_charset的值,为空值的情况下默认为GBK
if ($aConfig['parameter']['_input_charset'] == '') {
$this->parameter['_input_charset'] = 'utf-8';
}
//GBK
$this->_input_charset = $this->parameter['_input_charset'];
//获得签名结果
$sort_array = arg_sort($this->parameter);
//得到从字母a到z排序后的签名参数数组
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
}
function return_verify()
{
if ($this->transport == "https") {
$veryfy_url = $this->gateway . "service=notify_verify" . "&partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
} else {
$veryfy_url = $this->gateway . "partner=" . $this->partner . "¬ify_id=" . $_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
if (empty($_GET)) {
return false;
} else {
$get = para_filter($_GET);
$sort_get = arg_sort($get);
$this->mysign = build_mysign($sort_get, $this->security_code, $this->sign_type);
log_result("veryfy_result=" . $veryfy_result . "\n return_url_log:sign=" . $_GET["sign"] . "&mysign=" . $this->mysign . "&" . create_linkstring($sort_get));
if (preg_match("/true\$/i", $veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
} else {
return false;
}
}
}
function return_verify() {
//获取远程服务器ATN结果,验证是否是支付宝服务器发来的请求
if($this->transport == "https") {
$veryfy_url = $this->gateway. "service=notify_verify" ."&partner=" .$this->partner. "¬ify_id=".$_GET["notify_id"];
} else {
$veryfy_url = $this->gateway. "partner=".$this->partner."¬ify_id=".$_GET["notify_id"];
}
$veryfy_result = $this->get_verify($veryfy_url);
//生成签名结果
if(empty($_GET)) { //判断GET来的数组是否为空
return false;
}
else {
$get = para_filter($_GET); //对所有GET反馈回来的数据去空
$sort_get = arg_sort($get); //对所有GET反馈回来的数据排序
$this->mysign = build_mysign($sort_get,$this->_key,$this->sign_type); //生成签名结果
//写日志记录
//log_result("veryfy_result=".$veryfy_result."\n return_url_log:sign=".$_GET["sign"]."&mysign=".$this->mysign."&".create_linkstring($sort_get));
//判断veryfy_result是否为ture,生成的签名结果mysign与获得的签名结果sign是否一致
//$veryfy_result的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关
//mysign与sign不等,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
if (preg_match("/true$/i",$veryfy_result) && $this->mysign == $_GET["sign"]) {
return true;
}else {
return false;
}
}
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
function getToken($result)
{
$result = urldecode($result);
// URL转码
$Arr = explode('&', $result);
// 根据 & 符号拆分
$temp = array();
// 临时存放拆分的数组
$myArray = array();
// 待签名的数组
// 循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
$sign = $myArray['sign'];
// 支付宝返回签名
$myArray = para_filter($myArray);
// 拆分完毕后的数组
$sort_array = arg_sort($myArray);
// 排序数组
$this->mysign = build_mysign($sort_array, $this->_key, $this->sign_type);
// 构造本地参数签名,用于对比支付宝请求的签名
if ($this->mysign == $sign) {
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
// 返回token
} else {
echo '签名不正确';
// 当判断出签名不正确,请不要验签通过
return '签名不正确';
}
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
private function getToken($result)
{
$result = urldecode($result);
// URL转码
$Arr = explode('&', $result);
// 根据 & 符号拆分
$temp = array();
// 临时存放拆分的数组
$myArray = array();
// 待签名的数组
// 循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
$sign = $myArray['sign'];
// 支付宝返回签名
$myArray = para_filter($myArray);
// 拆分完毕后的数组
$sort_array = arg_sort($myArray);
// 排序数组
$calcSign = build_mysign($sort_array, $this->partnerKey, $this->configSecId);
// 构造本地参数签名,用于对比支付宝请求的签名
if ($calcSign != $sign) {
// 当判断出签名不正确,请不要验签通过
printLog('alipayWap Token 签名不正确 sign[' . $sign . '] calcSign[' . $calcSign . ']', 'PAYMENT', \Core\Log\Base::ERROR);
return null;
}
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
// 返回token
}
/**
* 返回token参数
* 参数 result 需要先urldecode
*/
function getToken($result)
{
//URL转码
$result = urldecode($result);
//根据 & 符号拆分
$Arr = explode('&', $result);
//临时存放拆分的数组
$temp = array();
//待签名的数组
$myArray = array();
//循环构造key、value数组
for ($i = 0; $i < count($Arr); $i++) {
$temp = explode('=', $Arr[$i], 2);
$myArray[$temp[0]] = $temp[1];
}
//需要先解密res_data
$myArray['res_data'] = decrypt($myArray['res_data']);
//获取返回的RSA签名
$sign = $myArray['sign'];
//去sign,去空值参数
$myArray = para_filter($myArray);
//排序数组
$sort_array = arg_sort($myArray);
//拼凑参数链接 & 连接
$prestr = create_linkstring($sort_array);
//返回布尔值,是否验签通过
$isverify = verify($prestr, $sign);
//判断签名是否正确
if ($isverify) {
//返回token
return getDataForXML($myArray['res_data'], '/direct_trade_create_res/request_token');
} else {
//当判断出签名不正确,请不要验签通过
return '签名不正确';
}
}
