update

wxpay/notify_url.php

+<?php
+
+function xmlToArray($xmlStr)
+{
+    return (array)simplexml_load_string($xmlStr, 'SimpleXMLElement', LIBXML_NOCDATA);
+}
+
+function returnInfo($type, $msg)
+{
+    if ($type == "SUCCESS") {
+        return $returnXml = "<xml><return_code><![CDATA[{$type}]]></return_code></xml>";
+    } else {
+        return $returnXml = "<xml><return_code><![CDATA[{$type}]]></return_code><return_msg><![CDATA[{$msg}]]></return_msg></xml>";
+    }
+}
+
+function getConfig($link)
+{
+    $result = mysqli_query($link, "select option_value from cmf_options where option_name='configpri' ");
+    $row = mysqli_fetch_assoc($result);
+    return json_decode($row['option_value'], true);
+}
+
+function sign($param, $key)
+{
+    $sign = "";
+    foreach ($param as $k => $v) {
+        $sign .= $k . "=" . $v . "&";
+    }
+    $sign .= "key=" . $key;
+    $sign = strtoupper(md5($sign));
+    return $sign;
+}
+
+function checkSign($sign1, $sign2)
+{
+    return trim($sign1) == trim($sign2);
+}
+
+$xmlInfo = file_get_contents("php://input");
+
+$arrayInfo = xmlToArray($xmlInfo);
+
+file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . ' 返回参数：' . http_build_query($xmlInfo) . "\r\n", FILE_APPEND);
+
+$link = mysqli_connect("mysql", "zhibo", "Rni43v7RpkWUP9FD");
+if (!$link) {
+    file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . ' 数据库连接失败：' . "\r\n", FILE_APPEND);
+    echo $this->returnInfo("FAIL", "数据库连接失败");
+    die;
+}
+
+mysqli_select_db($link, 'zhibo');
+mysqli_query($link, "set names utf8");
+
+$config = getConfig($link);
+
+if ($arrayInfo['return_code'] == "SUCCESS") {
+    $wxSign = $arrayInfo['sign'];
+    unset($arrayInfo['sign']);
+    $arrayInfo['appid'] = $config['wx_appid'];
+    $arrayInfo['mch_id'] = $config['wx_mchid'];
+    $key = $config['wx_key'];
+    ksort($arrayInfo);//按照字典排序参数数组
+    $sign = sign($arrayInfo, $key);//生成签名
+    file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . ' 数据打印测试签名signmy：' . $sign . ":::微信sign:" . $wxSign . "\r\n", FILE_APPEND);
+    if (checkSign($wxSign, $sign)) {
+        echo returnInfo("SUCCESS", "OK");
+        file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . ' 签名验证结果成功：' . $sign . "\r\n", FILE_APPEND);
+        $out_trade_no = $arrayInfo['out_trade_no'];
+        $trade_no = $arrayInfo['transaction_id'];
+        $result = mysqli_query($link, "select * from cmf_users_charge where orderno='$out_trade_no' and status='0' and type='2'");
+        $row = mysqli_fetch_assoc($result);
+        if ($row) {
+			$coin=$row['coin']+$row['coin_give'];
+            mysqli_query($link, "update cmf_users set coin=coin+{$coin}  where id='$row[touid]'");
+            mysqli_query($link, "update cmf_users_charge set status='1',trade_no='$trade_no' where id={$row['id']}");
+            file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . "支付成功:\r\n", FILE_APPEND);
+        } else {
+            file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . "orderno:" . $out_trade_no . ' 订单信息不存在' . "\r\n", FILE_APPEND);
+        }
+
+        exit;
+    } else {
+        echo returnInfo("FAIL", "签名失败");
+        file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . ' 签名失败：' . "\r\n", FILE_APPEND);
+        exit;
+    }
+} else {
+    echo returnInfo("FAIL", "签名失败");
+    if (empty($arrayInfo['return_code'])) {
+        $arrayInfo['return_code'] = '000000';
+    }
+    file_put_contents('./logali.txt', date('y-m-d h:i:s') . '  msg:' . $arrayInfo['return_code'] . "\r\n", FILE_APPEND);
+    exit;
+}
+?>