<?
require_once(dirname(__FILE__)."/common.php");
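/**
 * Verify a base64-encoded signature over $data using the public key of a certificate.
 *
 * The result is fail-closed: anything other than a confirmed-valid signature yields 0.
 *
 * @param string $data     The exact byte string that was signed.
 * @param string $sign     Base64-encoded signature.
 * @param string $cer_data Raw certificate bytes (presumably DER - they are base64-encoded
 *                         and wrapped in PEM armour before being handed to OpenSSL).
 * @return int 1 when the signature is valid; 0 for a bad signature, an unreadable
 *             certificate or an OpenSSL error.
 */
function verifySign($data, $sign, $cer_data)
{
    $pem = "-----BEGIN CERTIFICATE-----\n"
        . wordwrap(base64_encode($cer_data), 64, "\n", true)
        . "\n-----END CERTIFICATE-----\n";

    $pubkey = openssl_get_publickey($pem);
    if ($pubkey === false) {
        // Certificate could not be parsed: there is no key to verify against.
        return 0;
    }

    // openssl_verify() yields 1 (valid), 0 (invalid) or -1/false (error). The caller tests
    // the result for truthiness and -1 is truthy, so an OpenSSL error would otherwise be
    // accepted as a valid signature. Collapse everything except 1 to 0.
    // NOTE(review): SHA-1 is kept because the digest has to match what the signer uses;
    // confirm whether the gateway offers a stronger digest.
    $result = openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);

    return $result === 1 ? 1 : 0;
}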
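/**
 * Cancel orders: give the booked dish quantities back to tb_date_dish, then delete the
 * order's detail rows and the order row itself.
 *
 * Changes against the previous version:
 *  - A single id or a comma-separated id string is accepted as well as an array, matching
 *    update_order(); this file also calls the function with one scalar id.
 *  - Each id must be an integer. Anything else is skipped, so no caller-supplied text is
 *    ever concatenated into the SQL below.
 *  - The stock release used to iterate over the single row returned by get_one() and
 *    computed "book_num" - amount in PHP (a string minus a number), so it never
 *    decremented the stored counter. It is now one statement that subtracts the summed
 *    dish_amount per dish.
 *    NOTE(review): this uses MySQL multi-table UPDATE syntax, in line with the MySQL-style
 *    SQL used elsewhere in this file - confirm against the deployed database.
 *
 * @param array|int|string $order_ids Order id(s) to cancel.
 * @return void
 */
function cancel_order($order_ids)
{
    global $db;

    if (!is_array($order_ids)) {
        $order_ids = explode(',', (string)$order_ids);
    }

    foreach ($order_ids as $raw_id) {
        $order_id = filter_var($raw_id, FILTER_VALIDATE_INT);
        if ($order_id === false) {
            continue;
        }

        $oInfo = $db->get_one("select * from tb_order where id=" . $order_id);
        if (!empty($oInfo)) {
            // date_id comes from the database, but is still escaped before re-use in SQL.
            $date_id = addslashes($oInfo['date_id']);
            $db->query(
                "update tb_date_dish d"
                . " join (select dish_id, sum(dish_amount) amt from tb_order_detail"
                . " where order_id='{$order_id}' group by dish_id) od on od.dish_id=d.dish_id"
                . " set d.book_num=d.book_num-od.amt"
                . " where d.date_id='{$date_id}'"
            );
        }

        // Delete the detail rows first, then the order itself.
        $db->delete("tb_order_detail", "order_id='{$order_id}'");
        $db->delete("tb_order", "id='{$order_id}'");
    }
}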
/**
 * Apply the same column changes to every listed order in tb_order.
 *
 * Each id is placed inside the quoted where clause as-is, so callers must only pass ids
 * they already trust.
 *
 * @param array|string $order_ids Array of order ids, or a comma-separated id string.
 * @param array        $data      Column => value pairs handed to $db->update().
 * @return void
 */
function update_order($order_ids, $data)
{
    global $db;

    $ids = is_array($order_ids) ? $order_ids : explode(',', $order_ids);

    foreach ($ids as $id) {
        $where = "id='{$id}'";
        $db->update("tb_order", $data, $where);
    }
}
/**
 * Remove every cart row that belongs to one user.
 *
 * The uid is placed inside the quoted where clause as-is, so callers must only pass a
 * uid they already trust.
 *
 * @param int|string $uid User id whose tb_cart rows are deleted.
 * @return void
 */
function clear_cart($uid)
{
    global $db;

    $where = "uid='" . $uid . "'";
    $db->delete("tb_cart", $where);
}
/**
 * Allocate the next meal pick-up serial number for an order, if the company has an active
 * numbering rule that covers at least one of the ordered dishes.
 *
 * Every argument is placed into the SQL text inside quotes without escaping, so callers
 * must only pass values they already trust.
 * NOTE(review): the next number is read with max(serial_num) and inserted by a second
 * statement; unless the table has a unique key over (company_id, date_id, serial_num),
 * two parallel calls may be able to store the same number - confirm.
 *
 * @param string     $dish_ids   Comma-separated dish ids of the order.
 * @param int|string $company_id Company the order belongs to.
 * @param int|string $date_id    Date the order is for.
 * @param int|string $oid        Order id.
 * @param int|string $uid        User id.
 * @return int|string "" when no rule applies, otherwise $db->affected_rows() of the insert.
 */
function createReceiveMealNum($dish_ids, $company_id, $date_id, $oid, $uid)
{
    global $db;

    $rule = $db->get_one("select * from tb_dish_receive_meal where status='1' and company_id='{$company_id}'");
    if (empty($rule)) {
        return "";
    }

    // Only orders containing at least one dish named by the rule receive a number.
    $numberedDishes = explode(',', $rule['dish_ids']);
    $orderedDishes = explode(',', $dish_ids);
    $overlap = array_intersect($numberedDishes, $orderedDishes);
    if (empty($overlap)) {
        return "";
    }

    // Highest number already handed out for this company and date.
    $current = $db->get_one("select max(serial_num) max_num from tb_dish_receive_meal_num where company_id='{$company_id}' and date_id='{$date_id}'");

    // Build the new row.
    $newRow = array(
        'company_id' => $company_id,
        'oid' => $oid,
        'serial_num' => $current['max_num'] + 1,
        'date_id' => $date_id,
        'add_time' => date('Y-m-d H:i:s'),
        'uid' => $uid,
    );

    $assignments = array();
    foreach ($newRow as $column => $value) {
        $assignments[] = "{$column}='{$value}'";
    }
    $setClause = implode(',', $assignments);

    $db->query("insert into tb_dish_receive_meal_num set {$setClause}", 'SILENT');

    return $db->affected_rows();
}
//function err_log($outTradeNo, $fee, $msg, $json){
|
|||
|
// global $db;
|
|||
|
// $log = array(
|
|||
|
// 'orderNo' => $outTradeNo,
|
|||
|
// 'ftid' => 0,
|
|||
|
// 'channelid' => 0,
|
|||
|
// 'payfee' => $fee,
|
|||
|
// 'code' => '',
|
|||
|
// 'errorMsg' => $msg,
|
|||
|
// 'raw_str' => $json,
|
|||
|
// 'ip' => '',
|
|||
|
// 'addtime' => date('Y-m-d H:i:s'),
|
|||
|
// );
|
|||
|
// $db->insert("tb_yzf_paylog", $log);
|
|||
|
//}
|
|||
|
/**
 * Record a rejected or failed payment notification in tb_yzf_err_log.
 *
 * @param mixed  $uid        User the notification was resolved to (may be empty).
 * @param string $outTradeNo Merchant order number taken from the notification.
 * @param string $msg        Short reason code for the failure.
 * @param string $json       Raw notification body as it was received.
 * @return void
 */
function err_log($uid, $outTradeNo, $msg, $json)
{
    global $db;

    $entry = array();
    $entry['uid'] = $uid;
    $entry['outTradeNo'] = $outTradeNo;
    $entry['msg'] = $msg;
    $entry['json'] = $json;
    // Address of the peer that delivered the notification.
    $entry['ip'] = $_SERVER['REMOTE_ADDR'];
    $entry['add_time'] = date('Y-m-d H:i:s');

    $db->insert("tb_yzf_err_log", $entry);
}
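// Payment-result notification handler: the request body is a JSON document, and a
// successful notification is answered with a JSON acknowledgement.
$json = file_get_contents("php://input");

if ($json) {
    $a = json_decode($json, true);
    if (!is_array($a)) {
        // Body is not a JSON object: continue with an empty document so the request is
        // rejected as "no order" below instead of raising notices on every field access.
        $a = array();
    }

    // Every field of $a is untrusted until verifySign() has succeeded further down, yet the
    // order number is needed for the lookup before that point. Force the fields to strings
    // and escape them before they are placed in SQL.
    // NOTE(review): addslashes() is the only escaping visible in this file; if the $db
    // wrapper offers bound parameters or its own escaping, prefer that.
    $ORDERSEQ = (isset($a['outTradeNo']) && is_scalar($a['outTradeNo'])) ? (string)$a['outTradeNo'] : '';
    $ORDERAMOUNT = isset($a['tradeAmt']) ? $a['tradeAmt'] : null;
    $tradeNo = (isset($a['tradeNo']) && is_scalar($a['tradeNo'])) ? (string)$a['tradeNo'] : '';

    $orderSeqSql = addslashes($ORDERSEQ);
    $tradeNoSql = addslashes($tradeNo);

    $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$orderSeqSql}'");
    if (!$row) {
        // There is no row, hence no uid to attribute the log entry to.
        err_log(null, $ORDERSEQ, "no order", $json);
        echo "no order";
        exit;
    }

    $uid = $row['uid'];
    $rList = array();
    $order_ids = array();
    if (!empty($row['rList'])) {
        // NOTE(review): unserialize() instantiates whatever classes the payload names, so
        // this is only safe while nothing untrusted can write tb_recharge_pay.rList.
        // Storing the list as JSON would remove that dependency.
        $rList = unserialize($row['rList']);
    }
    if (empty($row['rList']) || !is_array($rList)) {
        err_log($row['uid'], $ORDERSEQ, "no rList", $json);
        echo "no rList";
        exit;
    }
    $order_ids = array_column($rList, 'oid');

    // Merchant configuration (including the certificate used for verification) of the
    // dining hall the paying user belongs to.
    $cInfo = $db->get_one(
        "select a.*,b.cellphone,c.merchantNo, c.institutionCode, c.yzf_p12, c.yzf_p12_pass, c.yzf_cer, c.allow_pay from"
        . " tb_dining_hall a"
        . " left join tb_user b on a.id=b.dining_hall_id"
        . " left join tb_certificate c on a.id=c.dining_hall_id and c.company_id=b.company_id"
        . " where"
        . " b.id='{$uid}' and a.enabled=1 and b.enabled=1"
    );
    if (!$cInfo || !$cInfo['merchantNo'] || !$cInfo['institutionCode'] || !$cInfo['yzf_p12'] || !$cInfo['yzf_p12_pass'] || !$cInfo['yzf_cer'] || !strstr(',' . $cInfo['allow_pay'] . ',', ',yzf,')) {
        echo "USER ERROR";
        err_log($row['uid'], $ORDERSEQ, "USER ERROR", $json);
        exit;
    }
    $merid = $cInfo['merchantNo'];
    $yzf_cer = $cInfo['yzf_cer'];

    // A request with a missing or invalid signature is unauthenticated: anyone who can
    // reach this URL and knows an order number can send one. It is logged and rejected,
    // but it no longer cancels (deletes) the orders, because that would let an
    // unauthenticated request destroy order data.
    $sign = isset($a['sign']) ? $a['sign'] : '';
    if (!$sign || !is_string($sign)) {
        err_log($row['uid'], $ORDERSEQ, "no sign", $json);
        exit;
    }

    // Rebuild the signed string: every field except the signature, nulls spelled "null",
    // keys in sorted order.
    unset($a['sign']);
    foreach ($a as $key => $item) {
        if ($item === null) {
            $a[$key] = 'null';
        }
    }
    ksort($a);
    $tosign = get_kvstr($a);

    // Accept only an explicit 1. openssl_verify() reports errors as -1, which is truthy
    // and would pass a plain !$r test.
    $r = verifySign($tosign, $sign, $yzf_cer);
    if ($r !== 1) {
        err_log($row['uid'], $ORDERSEQ, "sign err", $json);
        die("sign err!");
    }

    // From here on the notification is authenticated.
    if (!is_numeric($ORDERAMOUNT) || round($row['AMOUNT'] * 100) != $ORDERAMOUNT) {
        cancel_order($order_ids);
        err_log($row['uid'], $ORDERSEQ, "AMOUNT ERROR", $json);
        echo "AMOUNT ERROR";
        exit;
    }

    // Strict comparison: with == an integer 0 equals 'SUCCESS' on PHP versions before 8.
    if (isset($a['tradeStatus']) && $a['tradeStatus'] === 'SUCCESS') {
        // The insert is silent and the row count decides whether to continue, so that a
        // repeated notification is acknowledged without being processed twice
        // (presumably ORDERSEQ is unique in tb_recharge_pay_suc - confirm).
        $db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$orderSeqSql}', AMOUNT='" . ($ORDERAMOUNT / 100) . "', addtime=now()", 'SILENT');
        if ($db->affected_rows() == 1) {
            update_order($order_ids, array('uid' => $uid, 'yzf_code' => $ORDERSEQ));
            clear_cart($uid);

            require_once("include/pay.inc.php");
            $payInfo = array(
                'ac_type' => '2',
                'rtype' => '1',
                'recharge_fund_type' => '1',
                'oid' => $row['id'],
            );
            $r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);
            $db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNoSql}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='" . addslashes(trim(strip_tags($json))) . "' where id=" . (int)$row['id']);

            // The amount has been credited as a top-up (type_id=2); now charge the orders
            // against the balance so the spending is recorded in tb_recharge.
            if ($rList) {
                // $updateInfo is not assigned anywhere in this script - presumably a
                // by-reference out parameter of gpay_pay_user_account(); TODO confirm.
                $r = gpay_pay_user_account($uid, $rList, $updateInfo);
                if ($r != 'suc') {
                    // Payment failed: delete the orders. cancel_order() expects a list.
                    foreach ($rList as $item) {
                        cancel_order(array($item['oid']));
                    }

                    $pay_info = "";
                    if ($r == 'yebz') {
                        $pay_info = "余额不足,下单失败";
                    } else {
                        $pay_info = "下单失败,请重试!";
                    }
                    $db->query("update tb_recharge_pay set pay_info='{$pay_info}' where id=" . (int)$row['id']);
                    echo "yebz";
                    err_log($row['uid'], $ORDERSEQ, "yebz", $json);
                    exit;
                } else {
                    foreach ($rList as $k => $v) {
                        $order_info = $db->get_one("select a.date_id,a.uid,a.id,group_concat(b.dish_id) dish_ids,c.company_id from tb_order a left join tb_order_detail b on a.id=b.order_id left join tb_user c on a.uid=c.id where a.id='" . (int)$v['oid'] . "' group by a.id");
                        createReceiveMealNum($order_info['dish_ids'], $order_info['company_id'], $order_info['date_id'], $order_info['id'], $order_info['uid']);
                    }
                    update_order($order_ids, array('uid' => $uid, 'yzf_code' => $ORDERSEQ));
                    clear_cart($uid);
                }
            }
        }

        // Acknowledge the notification. json_encode() keeps the reply valid JSON whatever
        // characters the echoed identifiers contain.
        echo json_encode(array(
            'success' => true,
            'result' => array(
                'statusCode' => 200,
                'outTradeNo' => $ORDERSEQ,
                'tradeNo' => $tradeNo,
            ),
        ));
    }

    exit;
}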
//header("location: ftdc://");
|
|||
|
//exit;
|
|||
|
//$result = $_GET['result'];
|
|||
|
//if($result) {
|
|||
|
// if(strstr($result, '成功')) {
|
|||
|
//// gredirect("../m/listOrder.html");
|
|||
|
// } else {
|
|||
|
//// gredirect("../m/");
|
|||
|
// }
|
|||
|
//} else {
|
|||
|
//// gredirect("../m/");
|
|||
|
//}
|
|||
|
?>
|
|||
|
<script>
|
|||
|
location.href = "ftdc://";
|
|||
|
</script>
|