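<?php
// Full open tag: the short form "<?" is only parsed when short_open_tag is enabled;
// with it disabled the interpreter would send this file to the client as plain text.
require_once(dirname(__FILE__)."/common.php");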
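/**
 * Verify a base64-encoded signature over $data with the public key of a certificate.
 *
 * Fails closed: openssl_verify() reports errors as -1 or false, and -1 is truthy, so a
 * caller testing the raw result with "!" would accept a signature whenever OpenSSL
 * could not perform the check. Only an explicit 1 is reported as valid here.
 *
 * @param string $data     Exact byte string that was signed.
 * @param string $sign     Base64-encoded signature.
 * @param string $cer_data Binary certificate; it is base64-wrapped into PEM below.
 * @return int 1 when the signature is valid, 0 when it is invalid or could not be checked.
 */
function verifySign($data, $sign, $cer_data)
{
    if (!is_string($sign) || !is_string($cer_data) || $cer_data === '') {
        return 0;
    }

    // Re-encode the binary certificate as PEM so OpenSSL can load it.
    $pem = "-----BEGIN CERTIFICATE-----\n"
        . wordwrap(base64_encode($cer_data), 64, "\n", true)
        . "\n-----END CERTIFICATE-----\n";

    $pubkey = openssl_get_publickey($pem);
    if ($pubkey === false) {
        // Unparseable certificate: nothing to verify against.
        return 0;
    }

    // NOTE(review): SHA-1 is kept because the signer dictates the digest; move to a
    // SHA-2 digest if the payment gateway supports one.
    $result = openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);

    return $result === 1 ? 1 : 0;
}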
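/**
 * Crude client check: every User-Agent that does not contain "windows nt"
 * (case-insensitive) is reported as mobile, including a missing header.
 *
 * The header is client-supplied, so the result is only suitable for choosing a
 * page layout, never for an access decision.
 *
 * @return bool true unless the User-Agent contains "windows nt".
 */
function is_mobile() {
    // Default to '' so a request without the header does not raise an undefined-index warning.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string)$_SERVER['HTTP_USER_AGENT'] : '';
    return stristr($agent, "windows nt") === false;
}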
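// Client User-Agent. Server-to-server callbacks may omit the header, so default to ''
// instead of reading an undefined index.
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$ispc = stristr($ua, "windows nt")?true:false;

// Debug aid, keep disabled: it would write complete request data (including payment
// notifications) into files next to this script.
//file_put_contents("rs_".rand().".txt", print_r($_GET, 1)."\n\n".print_r($_POST, 1)."\n\n".file_get_contents("php://input")."\n\n");

// Raw request body; a non-empty body is handled below as a JSON payment notification.
$json = file_get_contents("php://input");
// Sample notification body, showing the field names the handler below reads:
/*$json = '{"ccy":"156","discountAmt":"0","goodsInfo":"订餐系统充值0.01元","institutionCode":null,"merchantNo":"3178032723083685","originalTradeNo":null,"outTradeNo":"TEST1542871488","payAmt":"1","resultCode":null,"resultMsg":null,"serialVersionUID":"-4533305937881824905","sign":"GoUcjtdcsp1Q6NSoKz/cX06PYZnFwMghTHSky8KtQQspvysEHdiMWCSeB7/oe+x5DY+Rv7Q+Ohz7hbXBTTSpGLT3l2vzMYj87hW6kpDEAPODuXzUE++WA7VFGODAS0MuYWa24eABARAA8r6071pPcBvEbsUC6exBo5T20Cd7/fg=","tradeAmt":"1","tradeFinishedDate":"Thu Nov 22 15:25:21 CST 2018","tradeNo":"20181122100000210002106736310910","tradeReason":null,"tradeStatus":"SUCCESS","tradeType":"REAL_TIME_PRO"}';*/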
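// Payment notification handler. Every field of $a comes from the request body and is
// untrusted until the signature check further down has passed; the order lookup has to
// run first because the verifying certificate is stored per company.
// $db, get_kvstr() and gpay_add_user_account_uid() are defined outside this file section.
if($json) {
    $a = json_decode($json, true);
    if(!is_array($a) || !$a) exit;

    // These values are interpolated into SQL below, so accept plain scalars only.
    if(!isset($a['outTradeNo']) || !is_scalar($a['outTradeNo'])) exit;
    foreach(array('tradeAmt', 'tradeNo') as $field) {
        if(isset($a[$field]) && !is_scalar($a[$field])) exit;
    }

    $ORDERSEQ = $a['outTradeNo'];
    $ORDERAMOUNT = isset($a['tradeAmt']) ? $a['tradeAmt'] : null;
    $tradeNo = isset($a['tradeNo']) ? $a['tradeNo'] : null;

    // Escaped copies for SQL. addslashes() mirrors what this file already does for
    // notify_rs. NOTE(review): switch to the DB layer's own escaping or bound
    // parameters if common.php offers them (not visible here).
    $orderSeqSql = addslashes((string)$ORDERSEQ);
    $tradeNoSql = addslashes((string)$tradeNo);

    $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$orderSeqSql}'");
    if(!$row) {
        echo "no order";
        exit;
    }
    $uid = $row['uid'];
    $cInfo = $db->get_one("select a.cellphone, b.* from tb_user a, tb_company b where a.company_id=b.id and a.id = ".(int)$uid);
    if(!$cInfo || !$cInfo['yzfcz_merchantId'] || !$cInfo['yzfcz_p12'] || !$cInfo['yzfcz_p12_pass'] || !$cInfo['yzfcz_cer'] || !strstr(','.$cInfo['allow_pay'].',', ',yzf,')) {
        echo "USER ERROR";
        // Stop here: without a configured certificate there is nothing to verify the
        // notification against, and processing must not continue.
        exit;
    }

    // NOTE(review): $merid is read but never compared with the notification's
    // merchantNo; if yzfcz_cer is shared between merchants, consider rejecting a
    // mismatch. Confirm against the gateway specification.
    $merid = $cInfo['yzfcz_merchantId'];
    $yzfcz_cer = $cInfo['yzfcz_cer'];

    $sign = isset($a['sign']) ? $a['sign'] : null;
    if(!$sign || !is_string($sign)) exit;

    // Rebuild the signed string: every field except "sign", nulls spelled as the text
    // 'null', keys in sorted order.
    unset($a['sign']);
    foreach($a as $key => $item) {
        if($item === null) $a[$key] = 'null';
    }
    ksort($a);
    $tosign = get_kvstr($a);
    //echo $tosign."\n\n";
    //echo $sign."\n\n";

    // Accept only an explicit 1. openssl_verify() signals errors with -1, which is
    // truthy and would slip through a plain "!$r" test.
    $r = verifySign($tosign, $sign, $yzfcz_cer);
    if($r !== 1) die("sign err!");

    // The order stores the amount in currency units, the notification in 1/100 units.
    if(!is_numeric($ORDERAMOUNT) || round($row['AMOUNT']*100) != $ORDERAMOUNT) {
        echo "AMOUNT ERROR";
        exit;
    }

    if($a['tradeStatus'] == 'SUCCESS') {
        // Replay guard: the account is credited only when this insert adds a row.
        // Presumably tb_recharge_pay_suc has a unique key on ORDERSEQ and 'SILENT'
        // suppresses the duplicate-key error; verify against the schema.
        $db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$orderSeqSql}', AMOUNT='".($ORDERAMOUNT/100)."', addtime=now()", 'SILENT');
        if($db->affected_rows() == 1) {
            require_once("include/pay.inc.php");
            $payInfo = array(
                'ac_type' => '2',
                'rtype' => '1',
                'recharge_fund_type' => '1',
                'oid' => $row['id'],
            );
            $r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);
            $db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNoSql}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='".addslashes(trim(strip_tags($json)))."' where id=".(int)$row['id']);
            //file_put_contents("1.txt", $_SERVER["HTTP_USER_AGENT"].": ".$UPTRANSEQ."\n\n\n", FILE_APPEND);

        } else {
            // Notification for an order that was already recorded: nothing to credit.
            //echo "has";
        }
        // Acknowledge the notification, echoing back the verified identifiers.
        $echo = "{
\"success\":true,
\"result\":
{
\"statusCode\": 200,
\"outTradeNo\":\"{$ORDERSEQ}\",
\"tradeNo\":\"{$tradeNo}\"
}
}";
        echo $echo;
        //file_put_contents("echo.txt", $echo);
    }

    exit;
}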
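// Browser return from the payment page (no request body). "result" is supplied by the
// client and only selects which page to show; the signed notification handled above is
// what credits an order. Both redirect targets are fixed paths.
$result = (isset($_GET['result']) && is_string($_GET['result'])) ? $_GET['result'] : '';
if($result && strstr($result, '成功')) {
    // The gateway reported success in its return text: show the bills page.
    gredirect("../m/bills.html");
} else {
    // Missing, empty, non-string or non-success result: back to the mobile home page.
    gredirect("../m/");
}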