yzms/show/pay.php

<?
require_once(dirname(__FILE__)."/common.php");
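/**
 * Register a recharge order and print an auto-submitting HTML form that sends
 * the browser to the Bestpay gateway (payWeb.do when $ispc is truthy, payWap.do
 * otherwise).
 *
 * Security notes for maintainers:
 *  - $ordid and $url arrive from the query string (see the caller below this
 *    function) and are interpolated into SQL, the MAC base string, a gateway
 *    URL and HTML. They are therefore restricted to a conservative character
 *    set before any use. If the $db wrapper offers prepared statements, prefer
 *    them over string-built SQL; the allow-list here is a mitigation, not a
 *    substitute.
 *  - Amounts are converted to cents with round(), not intval(): values such as
 *    19.99 * 100 evaluate to 1998.999... in floating point, and truncating
 *    would make the amount sent to the gateway differ from the amount stored.
 *  - Every dynamic value written into the form is HTML-escaped.
 *
 * @param string    $ordid  Merchant order number (letters, digits, "_" and "-" only).
 * @param string    $amount Amount in yuan; must be numeric and greater than zero.
 * @param string    $url    URL stored with the order; may be empty.
 * @param int|mixed $ispc   Truthy selects the PC/Web flow, falsy the Wap flow.
 *
 * @return string|null "err", "has success", "overtime" or "amount error" when
 *                     the order is refused; null after the form has been printed.
 */
function pay($ordid, $amount, $url, $ispc=1) {
    global $merid, $paykey, $db;

    // Allow-list the order id: it is embedded in SQL string literals, in the
    // signed MAC string, in a server-side gateway request and in HTML.
    // NOTE(review): assumes order ids are plain alphanumerics - confirm with the issuing system.
    if(!is_scalar($ordid) || !preg_match('/^[A-Za-z0-9_-]+\z/', (string)$ordid)) return "err";
    $ordid = (string)$ordid;

    // Reject non-numeric amounts before formatting so the value placed in SQL
    // is always a plain "d.dd" string.
    if(!is_numeric($amount)) return "err";
    $amount = number_format($amount, 2, '.', '');
    if($amount <= 0) return "err";

    // The URL is stored inside a single-quoted SQL literal. Accept printable
    // ASCII only and exclude space, double quote, single quote and backslash so
    // the value cannot terminate or escape out of the literal.
    // NOTE(review): the stored URL is presumably used later as a return target;
    // validate scheme and host where it is consumed.
    $url = (string)$url;
    if(!preg_match('#^[\x21\x23-\x26\x28-\x5b\x5d-\x7e]*\z#', $url)) return "err";

    $orderreqtranseq = "SEQ_" . $ordid; // request sequence number derived from the order id

    $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ordid}'");
    if(!$row) {
        // First request for this order: create the record, then re-read it.
        $db->get_one("insert into tb_recharge_pay set ORDERSEQ='{$ordid}', ORDERREQTRANSEQ='{$orderreqtranseq}', AMOUNT='{$amount}',url='{$url}', addtime=now()");
        $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ordid}'");
    } else {
        // Repeat request: refuse orders that are already paid, older than five
        // minutes, or whose amount differs from the stored one.
        if($row['RETNCODE'] == '0000') {
            return "has success";
        }
        if(time() - strtotime($row['addtime']) > 300) {
            return "overtime";
        }
        if($amount != $row['AMOUNT']) {
            return "amount error";
        }
    }

    $attachamount = "0.00";     // additional amount, always zero here
    $productamount = $amount;   // product amount in yuan
    $orderamount = number_format($attachamount + $productamount, 2, '.', ''); // order total in yuan
    $orderdate = date('YmdHis');

    // The PC flow sends amounts as integer cents, the Wap flow as yuan strings.
    if($ispc) {
        $orderamount_out   = (int)round($orderamount * 100);
        $productamount_out = (int)round($productamount * 100);
        $attachamount_out  = (int)round($attachamount * 100);
    } else {
        $orderamount_out   = $orderamount;
        $productamount_out = $productamount;
        $attachamount_out  = $attachamount;
    }

    $clientip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // MAC base string: the field order and the MD5 digest are kept exactly as
    // the original code sent them to the gateway.
    if($ispc) {
        $macmd5 = "MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERDATE={$orderdate}&ORDERAMOUNT=".$orderamount_out."&CLIENTIP=".$clientip."&KEY=".$paykey;
    } else {
        $macmd5 = "MERCHANTID=$merid&ORDERSEQ=$ordid&ORDERDATE=$orderdate&ORDERAMOUNT=$orderamount_out&KEY=$paykey";
    }
    $mac = md5($macmd5);

    $curtype = 'RMB';
    $encodetype = "1";
    $busicode = "0001";

    // Host used for the return/notify URLs: taken from a local file when
    // present, otherwise from the request's Host header.
    // NOTE(review): the Host header is client-controlled; a fixed, configured
    // host is safer for payment callbacks. The fallback is kept for compatibility.
    if(is_file("/home/www/nowhost")) $nowhost = @file_get_contents("/home/www/nowhost");
    else $nowhost = @file_get_contents("d:/web/nowhost");
    $nowhost = trim((string)$nowhost); // a trailing newline in the file would break the URL
    if($nowhost === '') $nowhost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $pagereturl = "http://".$nowhost."/show/pay_recv.php"; // browser return URL
    $bgreturl = "http://".$nowhost."/show/pay_recv.php";   // background notify URL
    $productdesc = '饭卡充值';
    $productid = '99';
    $tmnum = '';
    $customerid = '';

    // PC flow only: fetch a gateway timestamp before any HTML is written.
    $ts = '';
    if($ispc) {
        $ks = "MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERREQSEQ={$orderreqtranseq}&KEY=".$paykey;
        $k = strtoupper(md5($ks));
        $tsurl = "https://webpaywg.bestpay.com.cn/createTimeStamp.do?MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERREQTRANSEQ={$orderreqtranseq}&MAC=".$k;
        $a = json_decode(gquery($tsurl), true);
        // A failed or malformed gateway reply leaves the timestamp empty instead of raising a notice.
        if(is_array($a) && isset($a['result']) && is_scalar($a['result'])) $ts = (string)$a['result'];
    }
?>
<html>
<body onload="document.getElementById('payform').submit();">
<form id="payform" action="https://wappaywg.bestpay.com.cn/pay<?=$ispc?"Web":"Wap"?>.do" method="post">
<input type="hidden" name="MERCHANTID" value="<?php echo htmlspecialchars((string)$merid, ENT_QUOTES, 'UTF-8'); ?>"/>
<?php if($ispc) { ?>
<input type="hidden" name="SUBMERCHANTID" value=""/>
<?php } ?>
<input type="hidden" name="ORDERSEQ" value="<?php echo htmlspecialchars($ordid, ENT_QUOTES, 'UTF-8'); ?>"/>
<input type="hidden" name="ORDERREQTRANSEQ" value="<?php echo htmlspecialchars($orderreqtranseq, ENT_QUOTES, 'UTF-8'); ?>"/>
<input type="hidden" name="ORDERDATE" value="<?php echo $orderdate; ?>"/>
<input type="hidden" name="ORDERAMOUNT" value="<?php echo $orderamount_out; ?>"/>
<input type="hidden" name="PRODUCTAMOUNT" value="<?php echo $productamount_out; ?>"/>
<input type="hidden" name="ATTACHAMOUNT" value="<?php echo $attachamount_out; ?>"/>
<input type="hidden" name="CURTYPE" value="<?php echo $curtype; ?>"/>
<input type="hidden" name="ENCODETYPE" value="<?php echo $encodetype; ?>"/>
<input type="hidden" name="MERCHANTURL" value="<?php echo htmlspecialchars($pagereturl, ENT_QUOTES, 'UTF-8'); ?>"/>
<input type="hidden" name="BACKMERCHANTURL" value="<?php echo htmlspecialchars($bgreturl, ENT_QUOTES, 'UTF-8'); ?>"/>
<?php if($ispc) { ?>
<input type="hidden" name="ATTACH" value=""/>
<input type="hidden" name="DIVDETAILS" value=""/>
<input type="hidden" name="PEDCNT" value=""/>
<input type="hidden" name="GMTOVERTIME" value="<?=date("Y-m-d H:i:s", time()+300)?>"/>
<input type="hidden" name="GOODPAYTYPE" value=""/>
<input type="hidden" name="GOODSCODE" value=""/>
<input type="hidden" name="GOODSNAME" value="饭卡充值"/>
<input type="hidden" name="GOODSNUM" value="1"/>
<?php } ?>
<input type="hidden" name="BUSICODE" value="<?php echo $busicode; ?>"/>
<input type="hidden" name="PRODUCTDESC" value="<?php echo $productdesc; ?>"/>
<input type="hidden" name="PRODUCTID" value="<?php echo $productid; ?>"/>
<input type="hidden" name="TMNUM" value="<?php echo $tmnum?>"/>
<input type="hidden" name="CUSTOMERID" value="<?php echo $customerid?>"/>
<input type="hidden" name="MAC" value="<?php echo $mac; ?>"/>
<?php if($ispc) { ?>
<input type="hidden" name="CLIENTIP" value="<?php echo htmlspecialchars($clientip, ENT_QUOTES, 'UTF-8'); ?>"/>
<input type="hidden" name="TIMESTAMP" value="<?php echo htmlspecialchars($ts, ENT_QUOTES, 'UTF-8'); ?>"/>
<?php } ?>
</form>
</body>
</html>
<?php
}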
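// Entry point: read the signed GET parameters, check freshness and signature,
// then start the payment. Missing or non-string parameters are treated as
// empty instead of raising notices or type errors.
$oid = (isset($_GET['orderid']) && is_string($_GET['orderid'])) ? trim($_GET['orderid']) : '';
$amount = (isset($_GET['amount']) && is_string($_GET['amount'])) ? trim($_GET['amount']) : '';
$url = (isset($_GET['url']) && is_string($_GET['url'])) ? trim($_GET['url']) : '';
$time = isset($_GET['time']) ? intval($_GET['time']) : 0;
$sign = (isset($_GET['sign']) && is_string($_GET['sign'])) ? trim($_GET['sign']) : '';
//$ispc = intval($_GET['ispc']);
if($oid !== '' && $amount !== '' && $sign !== '') {
    // Freshness window of 300 seconds in either direction. The original check
    // only rejected old timestamps, so a far-future value never expired.
    if(abs(time()-$time) > 300) {
        echo "err1";
        exit;
    }
    // NOTE(review): this signature contains no secret - it is derived only from
    // values the client already sends, so it detects accidental corruption but
    // does not authenticate the caller, and $url is not covered at all. A keyed
    // HMAC over every parameter would need a coordinated change on the signing side.
    $sign2 = md5(substr(sha1($oid."_".$amount."_".$time), 4, 20));
    // Strict, constant-time comparison where available: loose != on hex digests
    // treats strings that look like "0e<digits>" as equal numbers.
    $sign_ok = function_exists('hash_equals') ? hash_equals($sign2, $sign) : ($sign === $sign2);
    if(!$sign_ok) {
        echo "err2";
        exit;
    }
    // NOTE(review): $ispc is not assigned in the visible part of this file (the
    // line above is commented out). Unless common.php defines it, pay() gets a
    // falsy value and renders the Wap form.
    echo pay($oid, $amount, $url, isset($ispc) ? $ispc : 0);
}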
//$oid = "423787248954";
//$amount = "0.01";
//$url = "http://www.baidu.com";