<?
require_once(dirname(__FILE__)."/common.php");

function verifySign($data, $sign, $cer_data)
{
    $s = base64_encode($cer_data);
    $s = "-----BEGIN CERTIFICATE-----\n".wordwrap($s, 64, "\n", true)."\n-----END CERTIFICATE-----\n";
    //$cert = openssl_x509_read($s);
    $pubkey = openssl_get_publickey($s);
    //var_dump($pubkey);

    return openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);
}
function cancel_order($order_ids){
    global $db;
    foreach ($order_ids as $v){
        $order_id = $v;
        // 删除order 和 order_detail
        $oInfo = $db->get_one("select * from tb_order where id=".$order_id);
        $date_id = $oInfo['date_id'];
        $data = $db->get_one("select * from tb_order_detail where order_id=".$order_id);
        foreach ($data as $item){
            $db->update("tb_date_dish", array('book_num'=>"book_num"-$item['dish_amount']), "date_id='{$date_id}' and dish_id='{$item['dish_id']}'");
        }
        $db->delete("tb_order_detail", "order_id='{$order_id}'");
        $db->delete("tb_order", "id='{$order_id}'");
    }
}
function update_order($order_ids, $data){
    global $db;
    if(!is_array($order_ids)){
        $order_ids = explode(',', $order_ids);
    }
    foreach ($order_ids as $k => $v){
        $db->update("tb_order", $data, "id='{$v}'");
    }
}
function clear_cart($uid){
    global $db;
    $db->delete("tb_cart", "uid='{$uid}'");
}
function createReceiveMealNum($dish_ids, $company_id, $date_id, $oid, $uid){
    global $db;
    $info = $db->get_one("select * from tb_dish_receive_meal where status='1' and company_id='{$company_id}'");
    if(empty($info)){
        return "";
    }
    $serialNumDish = explode(',', $info['dish_ids']);
    $dish_ids_arr = explode(',', $dish_ids);
    $jiaoji = array_intersect($serialNumDish, $dish_ids_arr);
    if(empty($jiaoji)){
        return "";
    }
    // 获取已经编号的
    $getSerialInfo = $db->get_one("select max(serial_num) max_num from tb_dish_receive_meal_num where company_id='{$company_id}' and date_id='{$date_id}'");
    // 生成编号
    $serialArr = array(
        'company_id' => $company_id,
        'oid' => $oid,
        'serial_num' => $getSerialInfo['max_num']+1,
        'date_id' => $date_id,
        'add_time' => date('Y-m-d H:i:s'),
        'uid' => $uid,
    );
    $insertDataStr = "";
    foreach ($serialArr as $k => $v){
        $insertDataStr .= ",{$k}='{$v}'";
    }
    $insertDataStr = substr($insertDataStr, 1, strlen($insertDataStr)-1);
    $db->query("insert into tb_dish_receive_meal_num set {$insertDataStr}", 'SILENT');
    return $db->affected_rows();
}

//function err_log($outTradeNo, $fee, $msg, $json){
//  global $db;
//  $log = array(
//    'orderNo' => $outTradeNo,
//    'ftid' => 0,
//    'channelid' => 0,
//    'payfee' => $fee,
//    'code' => '',
//    'errorMsg' => $msg,
//    'raw_str' => $json,
//    'ip' => '',
//    'addtime' => date('Y-m-d H:i:s'),
//  );
//  $db->insert("tb_yzf_paylog", $log);
//}
function err_log($uid, $outTradeNo, $msg, $json){
  global $db;
  $log = array(
    'uid' => $uid,
    'outTradeNo' => $outTradeNo,
    'msg' => $msg,
    'json' => $json,
    'ip' => $_SERVER['REMOTE_ADDR'],
    'add_time' => date('Y-m-d H:i:s'),
  );
  $db->insert("tb_yzf_err_log", $log);
}

$json = file_get_contents("php://input");

if($json){
    $a = json_decode($json, true);

    $ORDERSEQ = $a['outTradeNo'];
    $ORDERAMOUNT = $a['tradeAmt'];
    $tradeNo = $a['tradeNo'];

    $row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ORDERSEQ}'");
    if(!$row) {
      err_log($row['uid'], $ORDERSEQ, "no order", $json);
        echo "no order";
        exit;
    }
    $uid = $row['uid'];
    $rList = array();
    $order_ids = array();
    if(!empty($row['rList'])){
        $rList = unserialize($row['rList']);
        $order_ids = array_column($rList, 'oid');
    }else{
      err_log($row['uid'], $ORDERSEQ, "no rList", $json);
      echo "no rList";
        exit;
    }

    $cInfo = $db->get_one("select a.*,b.cellphone,c.merchantNo, c.institutionCode, c.yzf_p12, c.yzf_p12_pass, c.yzf_cer, c.allow_pay from 
     tb_dining_hall a 
     left join tb_user b on a.id=b.dining_hall_id 
    left join tb_certificate c on a.id=c.dining_hall_id and c.company_id=b.company_id
where 
      b.id='{$uid}' and a.enabled=1 and b.enabled=1");
    if(!$cInfo || !$cInfo['merchantNo'] || !$cInfo['institutionCode'] || !$cInfo['yzf_p12'] || !$cInfo['yzf_p12_pass'] || !$cInfo['yzf_cer'] || !strstr(','.$cInfo['allow_pay'].',', ',yzf,')){
        echo "USER ERROR";
        err_log($row['uid'], $ORDERSEQ, "USER ERROR", $json);
        exit;

    }
    $merid = $cInfo['merchantNo'];
    $yzf_cer = $cInfo['yzf_cer'];

    $sign = $a['sign'];
    if(!$sign){
      err_log($row['uid'], $ORDERSEQ, "no sign", $json);
      cancel_order($order_ids);
        exit;
    }
    unset($a['sign']);
    foreach($a as $key => $item) {
        if($item === null) $a[$key] = 'null';
    }
    ksort($a);
    $tosign = get_kvstr($a);
    $r = verifySign($tosign, $sign, $yzf_cer);

    if(!$r){
        cancel_order($order_ids);
        err_log($row['uid'], $ORDERSEQ, "sign err", $json);
        die("sign err!");
    };
    if(round($row['AMOUNT']*100) != $ORDERAMOUNT) {
        cancel_order($order_ids);
        err_log($row['uid'], $ORDERSEQ, "AMOUNT ERROR", $json);
        echo "AMOUNT ERROR";
        exit;
    }
    if($a['tradeStatus'] == 'SUCCESS') {
        $db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$ORDERSEQ}', AMOUNT='".($ORDERAMOUNT/100)."', addtime=now()", 'SILENT');
        if($db->affected_rows() == 1) {
            update_order($order_ids ,array('uid'=>$uid, 'yzf_code'=> $ORDERSEQ));
            clear_cart($uid);
            require_once("include/pay.inc.php");
            $payInfo = array(
                'ac_type' => '2',
                'rtype' => '1',
                'recharge_fund_type' => '1',
                'oid' => $row['id'],
            );
            $r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);
            $db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNo}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='".addslashes(trim(strip_tags($json)))."' where id=".$row['id']);
            // 已经在type_id=2 充值，之后进行消费记录tb_recharge
            if($rList) { //扣费
                $r = gpay_pay_user_account($uid, $rList, $updateInfo);
                if($r != 'suc') {
                    foreach($rList as $item) { //支付失败，删除订单
                        cancel_order($item['oid']);
                    }

                    $pay_info = "";
                    if($r == 'yebz') {
                        $pay_info = "余额不足，下单失败";
                    } else {
                        $pay_info = "下单失败，请重试！";
                    }
                    $db->query("update tb_recharge_pay set pay_info='{$pay_info}' where id=".$row['id']);
                    echo "yebz";
                    err_log($row['uid'], $ORDERSEQ, "yebz", $json);
                  exit;
                }else{
//                    array('ac' => $total['total_price'], 'rtype' => RECHARGE_TYPE_PAY, 'ftid' => $date->dining_hall_id, 'oid' => $oid);
                    foreach ($rList as $k => $v){
                        $order_info = $db->get_one("select a.date_id,a.uid,a.id,group_concat(b.dish_id) dish_ids,c.company_id from tb_order a left join tb_order_detail b on a.id=b.order_id left join tb_user c on a.uid=c.id where a.id='{$v['oid']}' group by a.id");
                        createReceiveMealNum($order_info['dish_ids'], $order_info['company_id'], $order_info['date_id'], $order_info['id'], $order_info['uid']);
                    }
                    update_order($order_ids ,array('uid'=>$uid, 'yzf_code'=> $ORDERSEQ));
                    clear_cart($uid);
                }
            }
        }else{

        }
        $echo = "{
		\"success\":true,
		\"result\":
			{
			\"statusCode\": 200,
			\"outTradeNo\":\"{$ORDERSEQ}\",
			\"tradeNo\":\"{$tradeNo}\"
			}
		}";
        echo $echo;
    }
    exit;
}

//header("location: ftdc://");
//exit;
//$result = $_GET['result'];
//if($result) {
//    if(strstr($result, '成功')) {
////        gredirect("../m/listOrder.html");
//    } else {
////        gredirect("../m/");
//    }
//} else {
////    gredirect("../m/");
//}
?>
<script>
  location.href = "ftdc://";
</script>