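require_once("common.php");

/*
 * Barcode-payment endpoint for a dining-hall POS channel, talking to the
 * bestpay.com.cn gateways. Three actions are selected with ?act=:
 *   pay          - log a new order locally and submit the barcode payment
 *   getPayStatus - poll the gateway for the state of a pending order
 *   cancalPay    - reverse an order (legacy interface only, see note below)
 *
 * $db, gquery(), get_kvstr(), echoRs() and echoRs_n() are not defined in this
 * file; they are assumed to come from common.php.
 *
 * NOTE(review): nothing in this file authenticates the caller. Confirm that
 * common.php enforces a session or device credential before this script can
 * create, query or cancel payments.
 * NOTE(review): the flow below does not call exit after echoRs(), so it is
 * written as if echoRs() terminates the request - confirm in common.php.
 */

if (!function_exists('yzf_str')) {
    /**
     * Read $arr[$key] as a string.
     *
     * Gateway responses are untrusted JSON: a field may be missing or may be
     * an array/object, and passing that to addslashes() or string
     * concatenation would raise errors instead of failing cleanly.
     *
     * @param mixed  $arr decoded JSON (expected to be an array)
     * @param string $key field name
     * @return string the scalar value cast to string, or '' when absent/non-scalar
     */
    function yzf_str($arr, $key)
    {
        if (is_array($arr) && isset($arr[$key]) && is_scalar($arr[$key])) {
            return (string)$arr[$key];
        }
        return '';
    }
}

if (!function_exists('yzf_query_string')) {
    /**
     * Join request parameters as key=urlencode(value) pairs separated by "&",
     * keeping the array's insertion order.
     *
     * @param array $params request fields
     * @return string
     */
    function yzf_query_string($params)
    {
        $pairs = array();
        foreach ($params as $key => $v) {
            $pairs[] = $key . "=" . urlencode($v);
        }
        return implode("&", $pairs);
    }
}

/**
 * Sign $str with the private key stored in a PKCS#12 bundle, using SHA256.
 *
 * @param string $str     string to sign
 * @param string $p12data PKCS#12 data in the form openssl_pkcs12_read() accepts
 * @param string $p12pass password of the bundle
 * @return string base64-encoded signature, or '' when the bundle cannot be
 *                read or signing fails (the failure is written to the error log)
 */
function createSign($str, $p12data, $p12pass)
{
    $cinfo = array();
    if (!openssl_pkcs12_read($p12data, $cinfo, $p12pass) || empty($cinfo['pkey'])) {
        // Never log the bundle or its password, only the fact of the failure.
        error_log('createSign: cannot read PKCS#12 bundle');
        return '';
    }

    $pkey = openssl_pkey_get_private($cinfo['pkey']);
    if (!$pkey) {
        error_log('createSign: cannot load private key');
        return '';
    }

    $sign = '';
    if (!openssl_sign($str, $sign, $pkey, "SHA256")) {
        error_log('createSign: openssl_sign failed');
        return '';
    }
    return base64_encode($sign);
}

// --- Request parameters -----------------------------------------------------
// isset() guards keep missing parameters from raising notices; the ids are
// forced to integers because they are concatenated into SQL below.
$act       = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';
$ftid      = isset($_GET['ftid']) ? intval($_GET['ftid']) : 0;
$channelid = isset($_GET['channelid']) ? intval($_GET['channelid']) : 0;

if (!$ftid) {
    die("no ftid!");
}
if (!$channelid) {
    die("no channelid!");
}

$iscomplete = isset($_GET['iscomplete']) ? $_GET['iscomplete'] : '';

// First page load (no action, no code, not yet flagged): reload the same
// query string with iscomplete=1 appended.
if (!$act && !$iscomplete && empty($_GET['code'])) {
    header("Location: ?".$_SERVER['QUERY_STRING']."&iscomplete=1");
    exit;
}

// --- Dining hall, company and POS channel -----------------------------------
$ftInfo = $db->get_one("select * from tb_dining_hall where id=".$ftid);
if (!$ftInfo) {
    die("no ftid dining_hall!");
}

$company_id  = intval($ftInfo['company_id']);
$companyInfo = $db->get_one("select * from tb_company where id=".$company_id);
if (!$companyInfo) {
    die("company error!");
}

$pay_values = trim($ftInfo['pay_values']);
$cList = $db->get_all("select * from tb_pos_channel where dining_hall_id=".$ftid." 
and enabled=1 order by id");

$storeId = '';
if ($channelid) {
    $cInfo = $db->get_one("select * from tb_pos_channel where id=".$channelid);
    // The channel must belong to the dining hall named in the request.
    if (!$cInfo || $cInfo['dining_hall_id'] != $ftid) {
        header("Content-Type: text/html; charset=utf-8");
        die("消费机和饭堂不对应!");
    }
    $storeId = $cInfo['storeId'];
}
if (!$storeId) {
    $storeId = '01';
}

// --- Merchant credentials ---------------------------------------------------
// yzf_version 2 signs with a PKCS#12 key; any other value uses the legacy
// password + key interface.
$merchantId  = $companyInfo['yzf_merchantId'];
$yzf_version = $companyInfo['yzf_version'];
if ($yzf_version == 2) {
    $cer      = $companyInfo['yzfcz_cer'];
    $p12      = $companyInfo['yzfcz_p12'];
    $p12_pass = $companyInfo['yzfcz_p12_pass'];
} else {
    $mpw  = $companyInfo['yzf_mpw'];
    $mkey = $companyInfo['yzf_mkey'];
}

// --- act=pay ----------------------------------------------------------------
if ($act == 'pay') {
    $fee  = (isset($_POST['fee']) && is_string($_POST['fee'])) ? trim($_POST['fee']) : '';
    $code = (isset($_POST['code']) && is_string($_POST['code'])) ? trim($_POST['code']) : '';

    // Both values are written into SQL and sent to the gateway, so they are
    // whitelisted instead of escaped: a plain positive decimal amount and an
    // alphanumeric payment code. Anything else is dropped before touching the DB.
    if (!preg_match('/^\d{1,9}(\.\d+)?$/', $fee) || (float)$fee <= 0) {
        exit;
    }
    if (!preg_match('/^[0-9A-Za-z]{1,64}$/', $code)) {
        exit;
    }

    // Reserve an order number: timestamp + 6 random digits, retried up to 100
    // times until the insert affects one row (presumably orderNo is unique in
    // tb_yzf_paylog - confirm against the schema).
    $rid     = 0;
    $orderNo = '';
    for ($attempt = 0; $attempt < 100 && !$rid; $attempt++) {
        $orderNo = date("YmdHis")."".mt_rand(100000, 999999);
        $db->query("insert into tb_yzf_paylog set orderNo='{$orderNo}', ftid={$ftid}, channelid={$channelid}, payfee='{$fee}', code='{$code}', ip='".addslashes($_SERVER['REMOTE_ADDR'])."', addtime=now()");
        if ($db->affected_rows() == 1) {
            $rid = intval($db->insert_id());
        }
    }
    if (!$rid) {
        exit;
    }

    if ($yzf_version == 2) {
        $post = array(
            'merchantNo'   => $merchantId,
            'outTradeNo'   => $orderNo,
            'tradeAmt'     => round($fee * 100)."", // amount * 100, sent as a string
            'ccy'          => '156',
            'requestDate'  => date("Y-m-d H:i:s"),
            'tradeChannel' => 'APP',
            'accessCode'   => 'EXTERNAL_PAYMENT',
            'subject'      => '云中美食',
            'goodsInfo'    => '云中美食消费',
            'operator'     => $merchantId,
            'storeCode'    => $storeId,
            'authCode'     => $code,
        );
        // The signature covers the key-sorted fields; 'sign' is added afterwards.
        ksort($post);
        $post['sign'] = createSign(get_kvstr($post), $p12, $p12_pass);

        $s = gquery("https://mapi.bestpay.com.cn/mapi/uniformReceipt/barCodePay", json_encode($post), array("Content-Type: application/json"));
        $a = json_decode($s, true);
        if (!is_array($a)) {
            $a = array(); // undecodable or non-object reply is handled as a failure
        }
        $result      = (isset($a['result']) && is_array($a['result'])) ? $a['result'] : array();
        $tradeStatus = yzf_str($result, 'tradeStatus');
        $buyerNo     = yzf_str($result, 'buyerLoginNo');
        $resultDesc  = yzf_str($result, 'tradeResultDesc');
        $errorMsg    = yzf_str($a, 'errorMsg');

        // Record the gateway reply before answering, even when it could not be decoded.
        // NOTE(review): addslashes() is the only escaping this file shows; if the
        // $db wrapper offers bound parameters or a connection-aware escape, use it.
        $db->query("update tb_yzf_paylog set success='".intval(isset($a['success']) ? $a['success'] : 0)."',transStatus='".addslashes($tradeStatus)."',transPhone='".addslashes($buyerNo)."',respDesc='".addslashes($resultDesc)."',errorMsg='".addslashes($errorMsg)."', raw_str='".addslashes($s)."' where id=".$rid);

        if (!$a) {
            echoRs(0, '支付失败1!');
        }
        if (!empty($a['success']) && $tradeStatus) {
            if ($tradeStatus === 'WAITFORPAY') {
                echoRs_n(2, '支付中', array('transPhone' => $buyerNo, 'orderNo' => $orderNo));
            } else if ($tradeStatus === 'SUCCESS') {
                echoRs_n(1, 'ok', array('transPhone' => $buyerNo, 'paytime' => date("Y-m-d H:i:s")));
            } else if ($tradeStatus === 'FAIL') {
                if ($resultDesc) {
                    echoRs(0, $buyerNo.": ".$resultDesc);
                } else {
                    echoRs(0, '支付失败4!');
                }
            } else {
                echoRs(0, '支付失败3!');
            }
        } else {
            if ($errorMsg) {
                echoRs(0, $errorMsg);
            } else {
                echoRs(0, '支付失败2!');
            }
        }
    } else {
        $orderAmt = round($fee * 100);
        $post = array(
            'merchantId' => $merchantId,
            'barcode'    => $code,
            'orderNo'    => $orderNo,
            'orderReqNo' => $orderNo."_seq",
            'channel'    => "05",
            'busiType'   => "0000001",
            'orderDate'  => date("YmdHis"),
            'orderAmt'   => $orderAmt,
            'productAmt' => $orderAmt,
            'attachAmt'  => "0",
            'goodsName'  => "饭堂消费",
            'storeId'    => $storeId,
        );
        // Request MAC: upper-case MD5 over the fields plus the merchant key.
        // NOTE(review): the algorithm is presumably fixed by the legacy gateway
        // interface; it cannot be strengthened from this side alone.
        $tosign = "MERCHANTID=".$post['merchantId']."&ORDERNO=".$post['orderNo']."&ORDERREQNO=".$post['orderReqNo']."&ORDERDATE=".$post['orderDate']."&BARCODE=".$post['barcode']."&ORDERAMT=".$post['orderAmt']."&KEY=".$mkey;
        $post['mac'] = strtoupper(md5($tosign));

        $url = "https://webpaywg.bestpay.com.cn/barcode/placeOrder?".yzf_query_string($post);
        $s = gquery($url);
        $a = json_decode($s, true);
        if (!is_array($a)) {
            $a = array();
        }
        $result      = (isset($a['result']) && is_array($a['result'])) ? $a['result'] : array();
        $transStatus = yzf_str($result, 'transStatus');
        $transPhone  = yzf_str($result, 'transPhone');
        $respDesc    = yzf_str($result, 'respDesc');
        $errorMsg    = yzf_str($a, 'errorMsg');

        $db->query("update tb_yzf_paylog set success='".addslashes(yzf_str($a, 'success'))."',transStatus='".addslashes($transStatus)."',transPhone='".addslashes($transPhone)."',respDesc='".addslashes($respDesc)."',errorMsg='".addslashes($errorMsg)."', raw_str='".addslashes($s)."' where id=".$rid);

        if (!$a) {
            echoRs(0, '支付失败1!');
        }
        // Legacy status codes as handled here: A = in progress, B = paid, C = failed.
        if (!empty($a['success']) && $transStatus) {
            if ($transStatus === 'A') {
                echoRs_n(2, '支付中', array('transPhone' => $transPhone, 'orderNo' => $orderNo));
            } else if ($transStatus === 'B') {
                echoRs_n(1, 'ok', array('transPhone' => $transPhone, 'paytime' => date("Y-m-d H:i:s")));
            } else if ($transStatus === 'C') {
                if ($respDesc) {
                    echoRs(0, $transPhone.": ".$respDesc);
                } else {
                    echoRs(0, '支付失败4!');
                }
            } else {
                echoRs(0, '支付失败3!');
            }
        } else {
            if ($errorMsg) {
                echoRs(0, $errorMsg);
            } else {
                echoRs(0, '支付失败2!');
            }
        }
    }
    exit;
}

// --- act=getPayStatus -------------------------------------------------------
if ($act == 'getPayStatus') {
    $orderNo = (isset($_POST['orderNo']) && is_string($_POST['orderNo'])) ? trim($_POST['orderNo']) : '';
    // orderNo is placed inside SQL string literals and gateway requests, so only
    // a conservative identifier alphabet is accepted (order numbers created by
    // this script are 20 digits).
    if (!preg_match('/^[0-9A-Za-z_\-]{1,64}$/', $orderNo)) {
        exit;
    }

    if ($yzf_version == 2) {
        // Scoped to the requesting dining hall so one hall cannot query
        // another hall's orders by order number.
        $row = $db->get_one("select * from tb_yzf_paylog where orderNo = '{$orderNo}' and ftid={$ftid}");
        if (!$row) {
            echoRs(0, '订单不存在!');
        }

        $post = array(
            'merchantNo' => $merchantId,
            'outTradeNo' => $orderNo,
            'tradeDate'  => $row['addtime'],
        );
        ksort($post);
        $post['sign'] = createSign(get_kvstr($post), $p12, $p12_pass);

        $s = gquery("https://mapi.bestpay.com.cn/mapi/uniformReceipt/tradeQuery", json_encode($post), array("Content-Type: application/json"));
        $a = json_decode($s, true);
        if (!is_array($a)) {
            $a = array();
        }
        if (!$a) {
            echoRs(2, '未知');
        }
        $result      = (isset($a['result']) && is_array($a['result'])) ? $a['result'] : array();
        $tradeStatus = yzf_str($result, 'tradeStatus');
        $buyerNo     = yzf_str($result, 'buyerLoginNo');
        $resultDesc  = yzf_str($result, 'tradeResultDesc');
        $errorMsg    = yzf_str($a, 'errorMsg');

        // Only rows still waiting for payment are updated, so a final state is never overwritten.
        $db->query("update tb_yzf_paylog set transStatus='".addslashes($tradeStatus)."',respDesc='".addslashes($resultDesc)."',errorMsg='".addslashes($errorMsg)."', raw_str2='".addslashes($s)."' where orderNo='{$orderNo}' and ftid={$ftid} and transStatus = 'WAITFORPAY'");

        if (!empty($a['success']) && $tradeStatus) {
            if ($tradeStatus === 'WAITFORPAY') {
                echoRs(2, '支付中', array('transPhone' => $buyerNo, 'orderNo' => $orderNo));
            } else if ($tradeStatus === 'SUCCESS') {
                echoRs(1, 'ok', array('transPhone' => $buyerNo, 'paytime' => date("Y-m-d H:i:s")));
            } else if ($tradeStatus === 'FAIL') {
                if ($resultDesc) {
                    echoRs(0, $buyerNo.": ".$resultDesc);
                } else {
                    echoRs(0, '支付失败4!');
                }
            } else {
                echoRs(0, '支付失败3!');
            }
        } else {
            if ($errorMsg) {
                echoRs(0, $errorMsg);
            } else {
                echoRs(0, '支付失败2!');
            }
        }
    } else {
        $post = array(
            'merchantId' => $merchantId,
            'orderNo'    => $orderNo,
            'orderReqNo' => $orderNo."_seq",
            'orderDate'  => date("YmdHis"),
        );
        $tosign = "MERCHANTID=".$post['merchantId']."&ORDERNO=".$post['orderNo']."&ORDERREQNO=".$post['orderReqNo']."&ORDERDATE=".$post['orderDate']."&KEY=".$mkey;
        $post['mac'] = strtoupper(md5($tosign));

        $url = "https://webpaywg.bestpay.com.cn/query/queryOrder?".yzf_query_string($post);
        $s = gquery($url);
        $a = json_decode($s, true);
        if (!is_array($a)) {
            $a = array();
        }
        if (!$a) {
            echoRs(2, '未知');
        }
        $result      = (isset($a['result']) && is_array($a['result'])) ? $a['result'] : array();
        $transStatus = yzf_str($result, 'transStatus');
        $transPhone  = yzf_str($result, 'transPhone');
        $respDesc    = yzf_str($result, 'respDesc');
        $errorMsg    = yzf_str($a, 'errorMsg');

        // Only rows still in progress ('A') for this dining hall are updated.
        $db->query("update tb_yzf_paylog set transStatus='".addslashes($transStatus)."',respDesc='".addslashes($respDesc)."',errorMsg='".addslashes($errorMsg)."', raw_str2='".addslashes($s)."' where orderNo='{$orderNo}' and ftid={$ftid} and transStatus = 'A'");

        if (!empty($a['success']) && $transStatus) {
            if ($transStatus === 'A') {
                echoRs(2, '支付中', array('transPhone' => $transPhone, 'orderNo' => $orderNo));
            } else if ($transStatus === 'B') {
                echoRs(1, 'ok', array('transPhone' => $transPhone, 'paytime' => date("Y-m-d H:i:s")));
            } else if ($transStatus === 'C') {
                if ($respDesc) {
                    echoRs(0, $transPhone.": ".$respDesc);
                } else {
                    echoRs(0, '支付失败4!');
                }
            } else {
                echoRs(0, '支付失败3!');
            }
        } else {
            if ($errorMsg) {
                echoRs(0, $errorMsg);
            } else {
                echoRs(0, '支付失败2!');
            }
        }
    }
    exit;
}

// --- act=cancalPay ----------------------------------------------------------
if ($act == 'cancalPay') {
    $orderNo = (isset($_POST['orderNo']) && is_string($_POST['orderNo'])) ? trim($_POST['orderNo']) : '';
    // Same whitelist as getPayStatus: the value goes into SQL and the reversal request.
    if (!preg_match('/^[0-9A-Za-z_\-]{1,64}$/', $orderNo)) {
        exit;
    }

    // Scoped to the requesting dining hall so an order of another hall cannot
    // be marked cancelled by guessing its number.
    $orderInfo = $db->get_one("select * from tb_yzf_paylog where orderNo='{$orderNo}' and ftid={$ftid}");
    if (!$orderInfo) {
        exit;
    }

    if ($yzf_version == 2) {
        // NOTE(review): no gateway call is made for version 2 - the order is only
        // marked cancel_ok locally. Confirm this is intended, otherwise a paid
        // order could be recorded as cancelled without being reversed.
        $s = 'ok';
        $status = 'cancel_ok';
    } else {
        $post = array(
            'merchantId'    => $merchantId,
            'merchantPwd'   => $mpw,
            'oldOrderNo'    => $orderNo,
            'oldOrderReqNo' => $orderNo."_seq",
            'refundReqNo'   => $orderNo."_cancel",
            'refundReqDate' => date("Ymd"),
            'transAmt'      => round($orderInfo['payfee'] * 100),
            'channel'       => '05',
        );
        $tosign = "MERCHANTID=".$post['merchantId']."&MERCHANTPWD=".$post['merchantPwd']."&OLDORDERNO=".$post['oldOrderNo']."&OLDORDERREQNO=".$post['oldOrderReqNo']."&REFUNDREQNO=".$post['refundReqNo']."&REFUNDREQDATE=".$post['refundReqDate']."&TRANSAMT=".$post['transAmt']."&KEY=".$mkey;
        $post['mac'] = strtoupper(md5($tosign));

        // The reversal is sent as a POST body, unlike the GET query strings above.
        $url = "https://webpaywg.bestpay.com.cn/reverse/reverse";
        $s = gquery($url, yzf_query_string($post));
        $a = json_decode($s, true);

        $status = 'cancel_ok';
        if (!is_array($a) || !$a) {
            $status = 'cancel_error'; // no usable reply from the gateway
        } else if ((isset($a['success']) ? $a['success'] : null) != 1) {
            $status = 'cancel_fail';  // gateway answered but refused the reversal
        }
    }

    $db->query("update tb_yzf_paylog set transStatus='{$status}', raw_str_cancel='".addslashes($s)."' where id=".intval($orderInfo['id']));
    exit;
}
?>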