<?
require_once(dirname(__FILE__)."/common.php");

function verifySign($data, $sign, $cer_data)
{
	$s = base64_encode($cer_data);
	$s = "-----BEGIN CERTIFICATE-----\n".wordwrap($s, 64, "\n", true)."\n-----END CERTIFICATE-----\n";
	//$cert = openssl_x509_read($s);
	$pubkey = openssl_get_publickey($s);
	//var_dump($pubkey);

	return openssl_verify($data, base64_decode($sign), $pubkey, OPENSSL_ALGO_SHA1);
}
function is_mobile() { 
    $isphone = stristr($_SERVER['HTTP_USER_AGENT'], "windows nt")?false:true;
    return $isphone; 
}
$ua = $_SERVER['HTTP_USER_AGENT'];
$ispc = stristr($ua, "windows nt")?true:false;

//file_put_contents("rs_".rand().".txt", print_r($_GET, 1)."\n\n".print_r($_POST, 1)."\n\n".file_get_contents("php://input")."\n\n");

$json = file_get_contents("php://input");
/*$json = '{"ccy":"156","discountAmt":"0","goodsInfo":"订餐系统充值0.01元","institutionCode":null,"merchantNo":"3178032723083685","originalTradeNo":null,"outTradeNo":"TEST1542871488","payAmt":"1","resultCode":null,"resultMsg":null,"serialVersionUID":"-4533305937881824905","sign":"GoUcjtdcsp1Q6NSoKz/cX06PYZnFwMghTHSky8KtQQspvysEHdiMWCSeB7/oe+x5DY+Rv7Q+Ohz7hbXBTTSpGLT3l2vzMYj87hW6kpDEAPODuXzUE++WA7VFGODAS0MuYWa24eABARAA8r6071pPcBvEbsUC6exBo5T20Cd7/fg=","tradeAmt":"1","tradeFinishedDate":"Thu Nov 22 15:25:21 CST 2018","tradeNo":"20181122100000210002106736310910","tradeReason":null,"tradeStatus":"SUCCESS","tradeType":"REAL_TIME_PRO"}';*/
if($json) {
	$a = json_decode($json, true);
	if(!$a) exit;

	$ORDERSEQ = $a['outTradeNo'];
	$ORDERAMOUNT = $a['tradeAmt'];
	$tradeNo = $a['tradeNo'];

	$row = $db->get_one("select * from tb_recharge_pay where ORDERSEQ='{$ORDERSEQ}'");
	if(!$row) {
		echo "no order";
		exit;
	}
	$uid = $row['uid'];
	$cInfo = $db->get_one("select a.cellphone, b.* from tb_user a, tb_company b where a.company_id=b.id and a.id = ".$uid);
	if(!$cInfo || !$cInfo['yzfcz_merchantId'] || !$cInfo['yzfcz_p12'] || !$cInfo['yzfcz_p12_pass'] || !$cInfo['yzfcz_cer'] || !strstr(','.$cInfo['allow_pay'].',', ',yzf,')) {
		echo "USER ERROR";
	}

	$merid = $cInfo['yzfcz_merchantId'];
	$yzfcz_cer = $cInfo['yzfcz_cer'];

	$sign = $a['sign'];
	if(!$sign) exit;
	unset($a['sign']);
	foreach($a as $key => $item) {
		if($item === null) $a[$key] = 'null';
	}
	ksort($a);
	$tosign = get_kvstr($a);
	//echo $tosign."\n\n";
	//echo $sign."\n\n";
	$r = verifySign($tosign, $sign, $yzfcz_cer);
	if(!$r) die("sign err!");

	
	if(round($row['AMOUNT']*100) != $ORDERAMOUNT) {
		echo "AMOUNT ERROR";
		exit;
	}

	
	if($a['tradeStatus'] == 'SUCCESS') {
		$db->query("insert into tb_recharge_pay_suc set ORDERSEQ='{$ORDERSEQ}', AMOUNT='".($ORDERAMOUNT/100)."', addtime=now()", 'SILENT');
		if($db->affected_rows() == 1) {
			require_once("include/pay.inc.php");
			$payInfo = array(
				'ac_type' => '2',
				'rtype' => '1',
				'recharge_fund_type' => '1',
				'oid' => $row['id'],
			);
			$r = gpay_add_user_account_uid($uid, $row['AMOUNT'], $payInfo);
			$db->query("update tb_recharge_pay set UPTRANSEQ='{$tradeNo}', BANKID='', RETNCODE='SUCCESS', RETNINFO='', paytime=now(),notify_rs='".addslashes(trim(strip_tags($json)))."' where id=".$row['id']);
			//file_put_contents("1.txt", $_SERVER["HTTP_USER_AGENT"].": ".$UPTRANSEQ."\n\n\n", FILE_APPEND);
			
		} else {
			//echo "has";	
		}
		$echo = "{
		\"success\":true,
		\"result\":
			{
			\"statusCode\": 200,
			\"outTradeNo\":\"{$ORDERSEQ}\",
			\"tradeNo\":\"{$tradeNo}\"
			}
		}";
		echo $echo;
		//file_put_contents("echo.txt", $echo);
	}

	exit;
}

$result = $_GET['result'];
if($result) {
	if(strstr($result, '成功')) {
		gredirect("../m/bills.html");
	} else {
		gredirect("../m/");
	}
} else {
	gredirect("../m/");
}