<?
require_once(dirname(__FILE__)."/common.php");
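/**
 * Record a recharge order and emit an auto-submitting HTML form that posts
 * the order to the Bestpay gateway.
 *
 * All three value arguments are treated as untrusted: they are validated
 * before being placed in SQL text and HTML-escaped before being printed.
 *
 * @param string     $ordid  Order id; only [A-Za-z0-9_-], 1..64 chars, is accepted.
 *                           NOTE(review): adjust the pattern if real order ids use
 *                           other characters.
 * @param int|string $amount Amount in currency units; normalised to two decimals.
 * @param string     $url    URL stored with the order (may be empty). Restricted to
 *                           URL-safe ASCII so it cannot terminate the SQL literal.
 * @param mixed      $ispc   Truthy selects the "Web" form (amounts in cents, client
 *                           IP and gateway timestamp included); falsy selects "Wap".
 *
 * @return string|null "err" for a rejected argument, "has success" when the stored
 *                     RETNCODE is 0000, "overtime" when the stored order is older
 *                     than 300 seconds, "amount error" when the amount differs from
 *                     the stored one; null after the form has been printed.
 */
function pay($ordid, $amount, $url, $ispc=1) {
    global $merid, $paykey, $db;

    // --- Input validation (nothing below touches the database until this passes) ---
    if (!is_numeric($amount)) return "err";
    $amount = number_format((float)$amount, 2, '.', '');
    if ((float)$amount <= 0) return "err";

    // The order id is interpolated into SQL, the MAC string and HTML attributes,
    // so only a strict allow-list is accepted. /D stops "$" matching before a newline.
    if (!is_scalar($ordid) || !preg_match('/^[A-Za-z0-9_-]{1,64}$/D', (string)$ordid)) return "err";
    $ordid = (string)$ordid;

    // The URL is stored in a quoted SQL literal: refuse quotes, backslashes,
    // whitespace and any non-ASCII byte instead of relying on escaping whose
    // safety depends on the connection charset.
    // NOTE(review): whatever later redirects to this stored value should still
    // check its scheme and host; that code is not visible here.
    if (!is_scalar($url) && $url !== null) return "err";
    $url = (string)$url;
    if (!preg_match('/^[A-Za-z0-9._~:\/?#\[\]@!$&()*+,;=%-]{0,2048}$/D', $url)) return "err";

    $orderreqtranseq = "SEQ_" . $ordid; // request sequence sent as ORDERREQTRANSEQ

    // --- Order bookkeeping ---
    $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ordid}'");
    if(!$row) {
        $db->get_one("insert into tb_recharge_pay set ORDERSEQ='{$ordid}', ORDERREQTRANSEQ='{$orderreqtranseq}', AMOUNT='{$amount}',url='{$url}', addtime=now()");
        $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ordid}'");
    } else {
        $r_amount = $row['AMOUNT'];
        $addtime = $row['addtime'];
        $retncode = $row['RETNCODE'];
        if($retncode == '0000') {
            return "has success";
        }
        // An existing order may only be re-submitted within five minutes.
        if(time() - strtotime($addtime) > 300) {
            return "overtime";
        }
        // Numeric comparison of two decimal strings; a re-submit must not change the amount.
        if($amount != $r_amount) {
            return "amount error";
        }
    }

    // --- Amounts ---
    $attachamount = "0.00";          // sent as ATTACHAMOUNT
    $productamount = $amount;        // sent as PRODUCTAMOUNT
    $orderamount = number_format($attachamount + $productamount, 2, '.', ''); // sent as ORDERAMOUNT

    // The Web variant sends cents. round() is required: intval(19.99*100) yields
    // 1998 because 19.99*100 is 1998.9999... in binary floating point.
    if ($ispc) {
        $f_orderamount   = (int) round($orderamount * 100);
        $f_productamount = (int) round($productamount * 100);
        $f_attachamount  = (int) round($attachamount * 100);
    } else {
        $f_orderamount   = $orderamount;
        $f_productamount = $productamount;
        $f_attachamount  = $attachamount;
    }

    $orderdate=date('YmdHis');
    $clientip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // --- Request MAC: MD5 over the field string ending in the merchant key ---
    // NOTE(review): the field order and the use of MD5 are presumably dictated by
    // the gateway; confirm against its documentation before changing either.
    if($ispc) {
        $macmd5="MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERDATE={$orderdate}&ORDERAMOUNT=".$f_orderamount."&CLIENTIP=".$clientip."&KEY=".$paykey;
    } else {
        $macmd5="MERCHANTID=$merid&ORDERSEQ=$ordid&ORDERDATE=$orderdate&ORDERAMOUNT=$orderamount&KEY=$paykey";
    }
    $mac=md5($macmd5);

    $curtype='RMB';                  // sent as CURTYPE
    $encodetype = "1";               // sent as ENCODETYPE
    $transdate = date('Ymd');
    $busicode = "0001";              // sent as BUSICODE

    // --- Callback host ---
    // A host name written to a local file by the operator wins; the request's
    // Host header is only a fallback.
    if(is_file("/home/www/nowhost")) $nowhost = @file_get_contents("/home/www/nowhost");
    else $nowhost = @file_get_contents("d:/web/nowhost");
    $nowhost = trim((string)$nowhost);
    if($nowhost === '') {
        // The Host header is client-controlled: accept only a plain host[:port],
        // otherwise the payment callback could be pointed at another server.
        $nowhost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        if(!preg_match('/^[A-Za-z0-9.-]+(:[0-9]{1,5})?$/D', $nowhost)) return "err";
    }

    $pagereturl = "http://".$nowhost."/show/pay_recv.php"; // sent as MERCHANTURL
    $bgreturl = "http://".$nowhost."/show/pay_recv.php";   // sent as BACKMERCHANTURL
    $productdesc='饭卡充值';
    $productid='99';
    $tmnum='';
    $customerid='';

    // --- Gateway timestamp (Web variant only) ---
    $ts = '';
    if($ispc) {
        $ks = "MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERREQSEQ={$orderreqtranseq}&KEY=".$paykey;
        $k = strtoupper(md5($ks));
        $tsurl = "https://webpaywg.bestpay.com.cn/createTimeStamp.do?MERCHANTID={$merid}&ORDERSEQ={$ordid}&ORDERREQTRANSEQ={$orderreqtranseq}&MAC=".$k;
        $a = json_decode(gquery($tsurl), true);
        // A failed or malformed response leaves the field empty instead of raising a notice.
        if(is_array($a) && isset($a['result']) && is_scalar($a['result'])) $ts = $a['result'];
    }

    // Attribute-context escaping for every non-constant value printed below.
    $h = function($value) {
        return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
    };
?>
<html>
<body onload="document.getElementById('payform').submit();">
<form id="payform" action="https://wappaywg.bestpay.com.cn/pay<?php echo $ispc?"Web":"Wap"; ?>.do" method="post">
<input type="hidden" name="MERCHANTID" value="<?php echo $h($merid); ?>"/>
<?php if($ispc) { ?>
<input type="hidden" name="SUBMERCHANTID" value=""/>
<?php } ?>
<input type="hidden" name="ORDERSEQ" value="<?php echo $h($ordid); ?>"/>
<input type="hidden" name="ORDERREQTRANSEQ" value="<?php echo $h($orderreqtranseq); ?>"/>
<input type="hidden" name="ORDERDATE" value="<?php echo $h($orderdate); ?>"/>
<input type="hidden" name="ORDERAMOUNT" value="<?php echo $h($f_orderamount); ?>"/>
<input type="hidden" name="PRODUCTAMOUNT" value="<?php echo $h($f_productamount); ?>"/>
<input type="hidden" name="ATTACHAMOUNT" value="<?php echo $h($f_attachamount); ?>"/>

<input type="hidden" name="CURTYPE" value="<?php echo $curtype; ?>"/>
<input type="hidden" name="ENCODETYPE" value="<?php echo $encodetype; ?>"/>
<input type="hidden" name="MERCHANTURL" value="<?php echo $h($pagereturl); ?>"/>
<input type="hidden" name="BACKMERCHANTURL" value="<?php echo $h($bgreturl); ?>"/>

<?php if($ispc) { ?>
<input type="hidden" name="ATTACH" value=""/>
<input type="hidden" name="DIVDETAILS" value=""/>
<input type="hidden" name="PEDCNT" value=""/>
<input type="hidden" name="GMTOVERTIME" value="<?php echo date("Y-m-d H:i:s", time()+300); ?>"/>
<input type="hidden" name="GOODPAYTYPE" value=""/>
<input type="hidden" name="GOODSCODE" value=""/>
<input type="hidden" name="GOODSNAME" value="饭卡充值"/>
<input type="hidden" name="GOODSNUM" value="1"/>
<?php } ?>

<input type="hidden" name="BUSICODE" value="<?php echo $busicode; ?>"/>
<input type="hidden" name="PRODUCTDESC" value="<?php echo $productdesc; ?>"/>
<input type="hidden" name="PRODUCTID" value="<?php echo $productid; ?>"/>
<input type="hidden" name="TMNUM" value="<?php echo $tmnum; ?>"/>
<input type="hidden" name="CUSTOMERID" value="<?php echo $customerid; ?>"/>
<input type="hidden" name="MAC" value="<?php echo $h($mac); ?>"/>
<?php if($ispc) { ?>
<input type="hidden" name="CLIENTIP" value="<?php echo $h($clientip); ?>"/>
<input type="hidden" name="TIMESTAMP" value="<?php echo $h($ts); ?>"/>
<?php } ?>
</form>
</body>
</html>
<?php
}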
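// Request entry point: read the signed order parameters from the query string,
// check freshness and signature, then hand the order to pay().
// Missing or non-string parameters are treated as empty instead of raising notices.
$oid    = (isset($_GET['orderid']) && is_string($_GET['orderid'])) ? trim($_GET['orderid']) : '';
$amount = (isset($_GET['amount']) && is_string($_GET['amount'])) ? trim($_GET['amount']) : '';
$url    = (isset($_GET['url']) && is_string($_GET['url'])) ? trim($_GET['url']) : '';
$time   = isset($_GET['time']) ? intval($_GET['time']) : 0;
$sign   = (isset($_GET['sign']) && is_string($_GET['sign'])) ? trim($_GET['sign']) : '';
//$ispc = intval($_GET['ispc']);

if($oid !== '' && $amount !== '' && $sign !== '') {
    // Accept only timestamps within five minutes of now, in either direction;
    // a one-sided check would let a far-future timestamp stay valid indefinitely.
    if(abs(time() - $time) > 300) {
        echo "err1";
        exit;
    }

    // NOTE(review): this signature is computed from the request values alone;
    // no server-side secret is mixed in, so it detects accidental corruption but
    // does not authenticate the sender. Moving to a keyed MAC (hash_hmac with a
    // secret shared with the issuer) needs a coordinated change on the signing side.
    // NOTE(review): $url is not part of the signed string.
    $sign2 = md5(substr(sha1($oid."_".$amount."_".$time), 4, 20));

    // Constant-time, type-strict comparison: a loose != treats two "0e<digits>"
    // hex digests as equal numbers.
    if(!hash_equals($sign2, $sign)) {
        echo "err2";
        exit;
    }

    // $ispc is not assigned in this file (the assignment above is commented out);
    // presumably it is set by common.php, otherwise pay() receives null and
    // renders the Wap variant — confirm.
    echo pay($oid, $amount, $url, isset($ispc) ? $ispc : null);
}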
//$oid = "423787248954";
//$amount = "0.01";
//$url = "http://www.baidu.com";