Skip to content

haishi
haishi
Commit 0a7dbd56 by 冷斌
Options

fix bug

parent 0a650bb4
Showing with 51 additions and 75 deletions
alipay/alipay_app/notify_url.php
......@@ -86,7 +86,8 @@ if ($trade_status == 'TRADE_SUCCESS') {
$result = mysqli_query($link,"select * from cmf_users_charge where orderno='$out_trade_no' and status='0' and type='1'");
$row = mysqli_fetch_assoc($result);
if($row){
mysqli_query($link,"update cmf_users set coin=coin+{$row['coin']} where id='$row[touid]'");
$coin=$row['coin']+$row['coin_give'];
mysqli_query($link,"update cmf_users set coin=coin+{$coin} where id='$row[touid]'");
mysqli_query($link,"update cmf_users_charge set status='1',trade_no='$trade_no' where id={$row['id']}");
file_put_contents('./logali.txt',date('y-m-d h:i:s').' msg:'."支付成功:\r\n",FILE_APPEND);
......
wxpay/notify_url.php
......@@ -16,10 +16,25 @@ function returnInfo($type, $msg)
function getConfig($link)
{
$result = mysqli_query($link, "select option_value from cmf_options where option_name='configpri' ");
$row = mysqli_fetch_assoc($result);
return json_decode($row['option_value'], true);
$result = mysqli_query($link, "select option_value from cmf_options where option_name='configpri' ");
$row = mysqli_fetch_assoc($result);
return json_decode($row['option_value'], true);
}
function sign($param, $key)
{
$sign = "";
foreach ($param as $k => $v) {
$sign .= $k . "=" . $v . "&";
}
$sign .= "key=" . $key;
$sign = strtoupper(md5($sign));
return $sign;
}
function checkSign($sign1, $sign2)
{
return trim($sign1) == trim($sign2);
}
$xmlInfo = file_get_contents("php://input");
......@@ -30,9 +45,9 @@ file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 返回参
$link = mysqli_connect("mysql", "zhibo", "Rni43v7RpkWUP9FD");
if (!$link) {
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 数据库连接失败:' . "\r\n", FILE_APPEND);
echo $this->returnInfo("FAIL", "数据库连接失败");
die;
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 数据库连接失败:' . "\r\n", FILE_APPEND);
echo $this->returnInfo("FAIL", "数据库连接失败");
die;
}
mysqli_select_db($link, 'zhibo');
......@@ -40,83 +55,43 @@ mysqli_query($link, "set names utf8");
$config = getConfig($link);
var_dump($config);
die;
if ($arrayInfo['return_code'] == "SUCCESS") {
$wxSign = $arrayInfo['sign'];
unset($arrayInfo['sign']);
$arrayInfo['appid'] = $config['wx_appid'];
$arrayInfo['mch_id'] = $config['wx_mchid'];
$key = $config['wx_key'];
ksort($arrayInfo);//按照字典排序参数数组
$sign = $this->sign($arrayInfo, $key);//生成签名
$this->logwx("数据打印测试签名signmy:" . $sign . ":::微信sign:" . $wxSign);//log打印保存
if ($this->checkSign($wxSign, $sign)) {
echo $this->returnInfo("SUCCESS", "OK");
$this->logwx("签名验证结果成功:" . $sign);//log打印保存
$this->orderServer();//订单处理业务逻辑
exit;
} else {
echo $this->returnInfo("FAIL", "签名失败");
$this->logwx("签名验证结果失败:本地加密:" . $sign . ':::::三方加密' . $wxSign);//log打印保存
exit;
}
} else {
echo $this->returnInfo("FAIL", "签名失败");
$this->logwx($arrayInfo['return_code']);//log打印保存
exit;
}
if ($trade_status == 'TRADE_SUCCESS') {
//判断该笔订单是否在商户网站中已经做过处理
//如果没有做过处理,根据订单号(out_trade_no)在商户网站的订单系统中查到该笔订单的详细,并执行商户的业务程序
//如果有做过处理,不执行商户的业务程序
//注意:
//付款完成后,支付宝系统发送该交易状态通知
//请务必判断请求时的total_fee、seller_id与通知时获取的total_fee、seller_id为一致的
//调试用,写文本函数记录程序运行情况是否正常
//logResult("这里写入想要调试的代码变量值,或其他运行的结果记录");
$out_trade_no = $_POST['out_trade_no'];
//支付宝交易号
$trade_no = $_POST['trade_no'];
$link = mysqli_connect("mysql", "zhibo", "Rni43v7RpkWUP9FD");
if ($link) {
mysqli_select_db($link, 'zhibo');
mysqli_query($link, "set names utf8");
$result = mysqli_query($link, "select * from cmf_users_charge where orderno='$out_trade_no' and status='0' and type='1'");
$wxSign = $arrayInfo['sign'];
unset($arrayInfo['sign']);
$arrayInfo['appid'] = $config['wx_appid'];
$arrayInfo['mch_id'] = $config['wx_mchid'];
$key = $config['wx_key'];
ksort($arrayInfo);//按照字典排序参数数组
$sign = sign($arrayInfo, $key);//生成签名
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 数据打印测试签名signmy:' . $sign . ":::微信sign:" . $wxSign . "\r\n", FILE_APPEND);
if (checkSign($wxSign, $sign)) {
echo returnInfo("SUCCESS", "OK");
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 签名验证结果成功:' . $sign . "\r\n", FILE_APPEND);
$out_trade_no = $arrayInfo['out_trade_no'];
$trade_no = $arrayInfo['transaction_id'];
$result = mysqli_query($link, "select * from cmf_users_charge where orderno='$out_trade_no' and status='0' and type='2'");
$row = mysqli_fetch_assoc($result);
if ($row) {
mysqli_query($link, "update cmf_users set coin=coin+{$row['coin']} where id='$row[touid]'");
$coin=$row['coin']+$row['coin_give'];
mysqli_query($link, "update cmf_users set coin=coin+{$coin} where id='$row[touid]'");
mysqli_query($link, "update cmf_users_charge set status='1',trade_no='$trade_no' where id={$row['id']}");
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . "支付成功:\r\n", FILE_APPEND);
} else {
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . "orderno:" . $out_trade_no . ' 订单信息不存在' . "\r\n", FILE_APPEND);
}
exit;
} else {
echo returnInfo("FAIL", "签名失败");
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 签名失败:' . "\r\n", FILE_APPEND);
exit;
}
echo "success"; //请不要修改或删除
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
} else {
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . ' 验证失败:' . http_build_query($_POST) . "\r\n", FILE_APPEND);
//验证失败
echo "fail";
//调试用,写文本函数记录程序运行情况是否正常
//logResult("这里写入想要调试的代码变量值,或其他运行的结果记录");
echo returnInfo("FAIL", "签名失败");
if (empty($arrayInfo['return_code'])) {
$arrayInfo['return_code'] = '000000';
}
file_put_contents('./logali.txt', date('y-m-d h:i:s') . ' msg:' . $arrayInfo['return_code'] . "\r\n", FILE_APPEND);
exit;
}
?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment