yzms/show/pay_recv.php

<?
require_once(dirname(__FILE__)."/common.php");

function verifySign($data, $sign, $cer_data)
{
	$s = base64_encode($cer_data);
	$s = "-----BEGIN CERTIFICATE-----\n".wordwrap($s, 64, "\n", true)."\n-----END CERTIFICATE-----\n";
	//$cert = openssl_x509_read($s);
	$pubkey = openssl_get_publickey($s);
	//var_dump($pubkey);

	return openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);
}
function is_mobile() { 
    $isphone = stristr($_SERVER['HTTP_USER_AGENT'], "windows nt")?false:true;
    return $isphone; 
}
$ua = $_SERVER['HTTP_USER_AGENT'];
$ispc = stristr($ua, "windows nt")?true:false;

//file_put_contents("rs_".rand().".txt", print_r($_GET, 1)."\n\n".print_r($_POST, 1)."\n\n".file_get_contents("php://input")."\n\n");

$json = file_get_contents("php://input");
/*$json = '{"ccy":"156","discountAmt":"0","goodsInfo":"订餐系统充值0.01元","institutionCode":null,"merchantNo":"3178032723083685","originalTradeNo":null,"outTradeNo":"TEST1542871488","payAmt":"1","resultCode":null,"resultMsg":null,"serialVersionUID":"-4533305937881824905","sign":"GoUcjtdcsp1Q6NSoKz/cX06PYZnFwMghTHSky8KtQQspvysEHdiMWCSeB7/oe+x5DY+Rv7Q+Ohz7hbXBTTSpGLT3l2vzMYj87hW6kpDEAPODuXzUE++WA7VFGODAS0MuYWa24eABARAA8r6071pPcBvEbsUC6exBo5T20Cd7/fg=","tradeAmt":"1","tradeFinishedDate":"Thu Nov 22 15:25:21 CST 2018","tradeNo":"20181122100000210002106736310910","tradeReason":null,"tradeStatus":"SUCCESS","tradeType":"REAL_TIME_PRO"}';*/
if($json) {
	$a = json_decode($json, true);
	if(!$a) exit;

	$ORDERSEQ = $a['outTradeNo'];
	$ORDERAMOUNT = $a['tradeAmt'];
	$tradeNo = $a['tradeNo'];

	$row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ORDERSEQ}'");
	if(!$row) {
		echo "no order";
		exit;
	}
	$uid = $row['uid'];
	$cInfo = $db->get_one("select a.cellphone, b.* from tb_user a, tb_company b where a.company_id=b.id and a.id = ".$uid);
	if(!$cInfo || !$cInfo['yzfcz_merchantId'] || !$cInfo['yzfcz_p12'] || !$cInfo['yzfcz_p12_pass'] || !$cInfo['yzfcz_cer'] || !strstr(','.$cInfo['allow_pay'].',', ',yzf,')) {
		echo "USER ERROR";
	}

	$merid = $cInfo['yzfcz_merchantId'];
	$yzfcz_cer = $cInfo['yzfcz_cer'];

	$sign = $a['sign'];
	if(!$sign) exit;
	unset($a['sign']);
	foreach($a as $key => $item) {
		if($item === null) $a[$key] = 'null';
	}
	ksort($a);
	$tosign = get_kvstr($a);
	//echo $tosign."\n\n";
	//echo $sign."\n\n";
	$r = verifySign($tosign, $sign, $yzfcz_cer);
	if(!$r) die("sign err!");

	
	if(round($row['AMOUNT']*100) != $ORDERAMOUNT) {
		echo "AMOUNT ERROR";
		exit;
	}

	
	if($a['tradeStatus'] == 'SUCCESS') {
		$db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$ORDERSEQ}', AMOUNT='".($ORDERAMOUNT/100)."', addtime=now()", 'SILENT');
		if($db->affected_rows() == 1) {
			require_once("include/pay.inc.php");
			$payInfo = array(
				'ac_type' => '2',
				'rtype' => '1',
				'recharge_fund_type' => '1',
				'oid' => $row['id'],
			);
			$r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);
			$db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNo}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='".addslashes(trim(strip_tags($json)))."' where id=".$row['id']);
			//file_put_contents("1.txt", $_SERVER["HTTP_USER_AGENT"].": ".$UPTRANSEQ."\n\n\n", FILE_APPEND);
			
		} else {
			//echo "has";	
		}
		$echo = "{
		\"success\":true,
		\"result\":
			{
			\"statusCode\": 200,
			\"outTradeNo\":\"{$ORDERSEQ}\",
			\"tradeNo\":\"{$tradeNo}\"
			}
		}";
		echo $echo;
		//file_put_contents("echo.txt", $echo);
	}

	exit;
}

$result = $_GET['result'];
if($result) {
	if(strstr($result, '成功')) {
		gredirect("../m/bills.html");
	} else {
		gredirect("../m/");
	}
} else {
	gredirect("../m/");
}
提交 2024-04-01 15:54:27 +08:00			`<?`
			`require_once(dirname(__FILE__)."/common.php");`

			`function verifySign($data, $sign, $cer_data)`
			`{`
			`$s = base64_encode($cer_data);`
			`$s = "-----BEGIN CERTIFICATE-----\n".wordwrap($s, 64, "\n", true)."\n-----END CERTIFICATE-----\n";`
			`//$cert = openssl_x509_read($s);`
			`$pubkey = openssl_get_publickey($s);`
			`//var_dump($pubkey);`

			`return openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);`
			`}`
			`function is_mobile() {`
			`$isphone = stristr($_SERVER['HTTP_USER_AGENT'], "windows nt")?false:true;`
			`return $isphone;`
			`}`
			`$ua = $_SERVER['HTTP_USER_AGENT'];`
			`$ispc = stristr($ua, "windows nt")?true:false;`

			`//file_put_contents("rs_".rand().".txt", print_r($_GET, 1)."\n\n".print_r($_POST, 1)."\n\n".file_get_contents("php://input")."\n\n");`

			`$json = file_get_contents("php://input");`
			/$json = '{"ccy":"156","discountAmt":"0","goodsInfo":"订餐系统充值0.01元","institutionCode":null,"merchantNo":"3178032723083685","originalTradeNo":null,"outTradeNo":"TEST1542871488","payAmt":"1","resultCode":null,"resultMsg":null,"serialVersionUID":"-4533305937881824905","sign":"GoUcjtdcsp1Q6NSoKz/cX06PYZnFwMghTHSky8KtQQspvysEHdiMWCSeB7/oe+x5DY+Rv7Q+Ohz7hbXBTTSpGLT3l2vzMYj87hW6kpDEAPODuXzUE++WA7VFGODAS0MuYWa24eABARAA8r6071pPcBvEbsUC6exBo5T20Cd7/fg=","tradeAmt":"1","tradeFinishedDate":"Thu Nov 22 15:25:21 CST 2018","tradeNo":"20181122100000210002106736310910","tradeReason":null,"tradeStatus":"SUCCESS","tradeType":"REAL_TIME_PRO"}';/
			`if($json) {`
			`$a = json_decode($json, true);`
			`if(!$a) exit;`

			`$ORDERSEQ = $a['outTradeNo'];`
			`$ORDERAMOUNT = $a['tradeAmt'];`
			`$tradeNo = $a['tradeNo'];`

			`$row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ORDERSEQ}'");`
			`if(!$row) {`
			`echo "no order";`
			`exit;`
			`}`
			`$uid = $row['uid'];`
			`$cInfo = $db->get_one("select a.cellphone, b.* from tb_user a, tb_company b where a.company_id=b.id and a.id = ".$uid);`
			`if(!$cInfo \|\| !$cInfo['yzfcz_merchantId'] \|\| !$cInfo['yzfcz_p12'] \|\| !$cInfo['yzfcz_p12_pass'] \|\| !$cInfo['yzfcz_cer'] \|\| !strstr(','.$cInfo['allow_pay'].',', ',yzf,')) {`
			`echo "USER ERROR";`
			`}`

			`$merid = $cInfo['yzfcz_merchantId'];`
			`$yzfcz_cer = $cInfo['yzfcz_cer'];`

			`$sign = $a['sign'];`
			`if(!$sign) exit;`
			`unset($a['sign']);`
			`foreach($a as $key => $item) {`
			`if($item === null) $a[$key] = 'null';`
			`}`
			`ksort($a);`
			`$tosign = get_kvstr($a);`
			`//echo $tosign."\n\n";`
			`//echo $sign."\n\n";`
			`$r = verifySign($tosign, $sign, $yzfcz_cer);`
			`if(!$r) die("sign err!");`


			`if(round($row['AMOUNT']*100) != $ORDERAMOUNT) {`
			`echo "AMOUNT ERROR";`
			`exit;`
			`}`


			`if($a['tradeStatus'] == 'SUCCESS') {`
			`$db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$ORDERSEQ}', AMOUNT='".($ORDERAMOUNT/100)."', addtime=now()", 'SILENT');`
			`if($db->affected_rows() == 1) {`
			`require_once("include/pay.inc.php");`
			`$payInfo = array(`
			`'ac_type' => '2',`
			`'rtype' => '1',`
			`'recharge_fund_type' => '1',`
			`'oid' => $row['id'],`
			`);`
			`$r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);`
			`$db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNo}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='".addslashes(trim(strip_tags($json)))."' where id=".$row['id']);`
			`//file_put_contents("1.txt", $_SERVER["HTTP_USER_AGENT"].": ".$UPTRANSEQ."\n\n\n", FILE_APPEND);`

			`} else {`
			`//echo "has";`
			`}`
			`$echo = "{`
			`\"success\":true,`
			`\"result\":`
			`{`
			`\"statusCode\": 200,`
			`\"outTradeNo\":\"{$ORDERSEQ}\",`
			`\"tradeNo\":\"{$tradeNo}\"`
			`}`
			`}";`
			`echo $echo;`
			`//file_put_contents("echo.txt", $echo);`
			`}`

			`exit;`
			`}`

			`$result = $_GET['result'];`
			`if($result) {`
			`if(strstr($result, '成功')) {`
			`gredirect("../m/bills.html");`
			`} else {`
			`gredirect("../m/");`
			`}`
			`} else {`
			`gredirect("../m/");`
			`}`