Accueil Explorer Aide
S'inscrire Connexion
wangyong
/
yuyue
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Branche: master
Branches Tags
yuyue
/
Modules
/
Lib
/
Payment
/
Alipay.class.php

Alipay.class.php 12 KB
Lien permanent Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449 
  1. <?php
    2. 

  2. namespace Lib\Payment; 
    3. 

  3. /**
    4. 

  4.  * 支付宝接口类
    5. 

  5.  */
    6. 

  6. class Alipay{
    7. 

  7. 	/**
    8. 

  8. 	 *支付宝网关地址(新)
    9. 

  9. 	 */
    10. 

  10. 	private $alipay_gateway_new = 'https://mapi.alipay.com/gateway.do?';
    11. 

  11. 	/**
    12. 

  12. 	 * 消息验证地址
    13. 

  13. 	 *
    14. 

  14. 	 * @var string
    15. 

  15. 	 */
    16. 

  16. 	private $alipay_verify_url = 'http://notify.alipay.com/trade/notify_query.do?';
    17. 

  17. 	/**
    18. 

  18. 	 * 支付接口标识
    19. 

  19. 	 *
    20. 

  20. 	 * @var string
    21. 

  21. 	 */
    22. 

  22.     private $code      = 'alipay';
    23. 

  23.     /**
    24. 

  24. 	 * 支付接口配置信息
    25. 

  25. 	 *
    26. 

  26. 	 * @var array
    27. 

  27. 	 */
    28. 

  28.     private $payment;
    29. 

  29.      /**
    30. 

  30. 	 * 订单信息
    31. 

  31. 	 *
    32. 

  32. 	 * @var array
    33. 

  33. 	 */
    34. 

  34.     private $order;
    35. 

  35.     /**
    36. 

  36. 	 * 发送至支付宝的参数
    37. 

  37. 	 *
    38. 

  38. 	 * @var array
    39. 

  39. 	 */
    40. 

  40.     private $parameter;
    41. 

  41.     /**
    42. 

  42.      * 订单类型 product_buy商品购买,predeposit预存款充值
    43. 

  43.      * @var unknown
    44. 

  44.      */
    45. 

  45.     private $order_type;
    46. 

  46.     
    47. 

  47.     public function __construct($payment_info=array(),$order_info=array()){
    48. 

  48.     //	if (!extension_loaded('openssl')) $this->alipay_verify_url = 'http://notify.alipay.com/trade/notify_query.do?';
    49. 

  49.     	if(!empty($payment_info) and !empty($order_info)){
    50. 

  50.     		$this->payment	= $payment_info;
    51. 

  51.     		$this->order	= $order_info;
    52. 

  52.     	}else{
    53. 

  53.     		$this->payment	= $payment_info;
    54. 

  54.     	
    55. 

  55.     	}
    56. 

  56.     }
    57. 

  57. 

  58.     /**
    59. 

  59.      * 获取支付接口的请求地址
    60. 

  60.      *
    61. 

  61.      * @return string
    62. 

  62.      */
    63. 

  63.     public function get_payurl(){
    64. 

  64.     	$this->parameter = array(
    65. 

  65.             'service'		    => $this->payment['alipay_service'],	//服务名
    66. 

  66.             'partner'		    => $this->payment['alipay_partner'],	//合作伙伴ID
    67. 

  67.             'key'               => $this->payment['alipay_key'],
    68. 

  68.             '_input_charset'	=> strtolower('utf-8'),		//网站编码
    69. 

  69.             'notify_url'	    => $this->order['notify_url'],	//通知URL
    70. 

  70.             
    71. 

  71.             'sign_type'		    => 'MD5',	//签名方式
    72. 

  72.             'return_url'	    => $this->order['return_url'],	//返回URL   
    73. 

  73.               
    74. 

  74.             'subject'		    => $this->order['subject'],	//商品名称       
    75. 

  75.             'out_trade_no'	    => $this->order['pay_order_no'],		//外部交易编号
    76. 

  76.             'payment_type'	    => 1,			//支付类型
    77. 

  77.             'logistics_type'    => 'EXPRESS',	//物流配送方式:POST(平邮)、EMS(EMS)、EXPRESS(其他快递)
    78. 

  78.             'logistics_payment'	=> 'BUYER_PAY',	 //物流费用付款方式:SELLER_PAY(卖家支付)、BUYER_PAY(买家支付)、BUYER_PAY_AFTER_RECEIVE(货到付款)
    79. 

  79.            	'logistics_fee'		=> '0.00',
    80. 

  80.             'receive_name'		=> $this->order['name'],//收货人姓名
    81. 

  81.             'seller_email'		=> $this->payment['alipay_account'],	//卖家邮箱
    82. 

  82.             'price'             => $this->order['pay_total'],//订单总价
    83. 

  83.             'quantity'          => 1,//商品数量
    84. 

  84. 

  85.         );
    86. 

  86. 		
    87. 

  87.         $this->parameter['sign']	= $this->sign($this->parameter);
    88. 

  88. 	
    89. 

  89.         return $this->create_url();
    90. 

  90.     }
    91. 

  91. 

  92. 	/**
    93. 

  93. 	 * 通知地址验证
    94. 

  94. 	 *
    95. 

  95. 	 * @return bool
    96. 

  96. 	 */
    97. 

  97. 	public function notify_verify() {
    98. 

  98. 		$param	= $_POST;
    99. 

  99. 		$param['key']	= $this->payment['alipay_key'];
    100. 

  100. 		$veryfy_url = $this->alipay_verify_url. "partner=" .$this->payment['alipay_partner']. "&notify_id=".$param["notify_id"];
    101. 

  101. 		$veryfy_result  = $this->getHttpResponse($veryfy_url);
    102. 

  102. 		$mysign = $this->sign($param);
    103. 

  103. 		if (preg_match("/true$/i",$veryfy_result) && $mysign == $param["sign"])  {
    104. 

  104. 		   // $this->order_type = $param['extra_common_param'];
    105. 

  105. 			return true;
    106. 

  106. 		} else {
    107. 

  107. 			return false;
    108. 

  108. 		}
    109. 

  109. 	}
    110. 

  110. 

  111. 	/**
    112. 

  112. 	 * 返回地址验证
    113. 

  113. 	 *
    114. 

  114. 	 * @return bool
    115. 

  115. 	 */
    116. 

  116. 	public function return_verify() {
    117. 

  117. 

  118. 			//生成签名结果
    119. 

  119. 			$isSign = $this->getSignVeryfy($_GET, $_GET["sign"]);
    120. 

  120. 		
    121. 

  121. 			//获取支付宝远程服务器ATN结果(验证是否是支付宝发来的消息)
    122. 

  122. 			$responseTxt = 'true';
    123. 

  123. 			if (! empty($_GET["notify_id"])) {
    124. 

  124. 				$responseTxt = $this->getResponse($_GET["notify_id"]);			
    125. 

  125. 			}
    126. 

  126. 

  127. 			if (preg_match("/true$/i",$responseTxt) && $isSign) {
    128. 

  128. 				return true;
    129. 

  129. 			} else {
    130. 

  130. 				return false;
    131. 

  131. 			}		
    132. 

  132. 		
    133. 

  133. 	}
    134. 

  134. 

  135. /**
    136. 

  136.  * 除去数组中的空值和签名参数
    137. 

  137.  * @param $para 签名参数组
    138. 

  138.  * return 去掉空值与签名参数后的新签名参数组
    139. 

  139.  */
    140. 

  140. function paraFilter($para) {
    141. 

  141. 	$para_filter = array();
    142. 

  142. 	while (list ($key, $val) = each ($para)) {
    143. 

  143. 		if($key == "sign" || $key == "sign_type" || $val == "")continue;
    144. 

  144. 		else	$para_filter[$key] = $para[$key];
    145. 

  145. 	}
    146. 

  146. 	return $para_filter;
    147. 

  147. }
    148. 

  148. /**
    149. 

  149.  * 对数组排序
    150. 

  150.  * @param $para 排序前的数组
    151. 

  151.  * return 排序后的数组
    152. 

  152.  */
    153. 

  153. function argSort($para) {
    154. 

  154. 	ksort($para);
    155. 

  155. 	reset($para);
    156. 

  156. 	return $para;
    157. 

  157. }
    158. 

  158. /**
    159. 

  159.  * 把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
    160. 

  160.  * @param $para 需要拼接的数组
    161. 

  161.  * return 拼接完成以后的字符串
    162. 

  162.  */
    163. 

  163. function createLinkstring($para) {
    164. 

  164. 	$arg  = "";
    165. 

  165. 	while (list ($key, $val) = each ($para)) {
    166. 

  166. 		$arg.=$key."=".$val."&";
    167. 

  167. 	}
    168. 

  168. 	//去掉最后一个&字符
    169. 

  169. 	$arg = substr($arg,0,count($arg)-2);
    170. 

  170. 	
    171. 

  171. 	//如果存在转义字符,那么去掉转义
    172. 

  172. 	if(get_magic_quotes_gpc()){$arg = stripslashes($arg);}
    173. 

  173. 	
    174. 

  174. 	return $arg;
    175. 

  175. }
    176. 

  176. 

  177. /**
    178. 

  178.  * 签名字符串
    179. 

  179.  * @param $prestr 需要签名的字符串
    180. 

  180.  * @param $key 私钥
    181. 

  181.  * return 签名结果
    182. 

  182.  */
    183. 

  183. function md5Sign($prestr, $key) {
    184. 

  184. 	$prestr = $prestr . $key;
    185. 

  185. 	return md5($prestr);
    186. 

  186. }
    187. 

  187. 

  188. /**
    189. 

  189.  * 验证签名
    190. 

  190.  * @param $prestr 需要签名的字符串
    191. 

  191.  * @param $sign 签名结果
    192. 

  192.  * @param $key 私钥
    193. 

  193.  * return 签名结果
    194. 

  194.  */
    195. 

  195. function md5Verify($prestr, $sign, $key) {
    196. 

  196. 	$prestr = $prestr . $key;
    197. 

  197. 	$mysgin = md5($prestr);
    198. 

  198. 	
    199. 

  199. 	if($mysgin == $sign) {
    200. 

  200. 		return true;
    201. 

  201. 	}
    202. 

  202. 	else {
    203. 

  203. 		return false;
    204. 

  204. 	}
    205. 

  205. }
    206. 

  206. 

  207. function getHttpResponseGET($url,$cacert_url) {
    208. 

  208. 	$curl = curl_init($url);
    209. 

  209. 

  210. 	curl_setopt($curl, CURLOPT_HEADER, 0 ); // 过滤HTTP头
    211. 

  211. 	curl_setopt($curl,CURLOPT_RETURNTRANSFER, 1);// 显示输出结果
    212. 

  212. 	curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);//SSL证书认证
    213. 

  213. 	curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证
    214. 

  214. 	curl_setopt($curl, CURLOPT_CAINFO,$cacert_url);//证书地址
    215. 

  215. 	$responseText = curl_exec($curl);
    216. 

  216. 

  217. 	curl_close($curl);
    218. 

  218. 	
    219. 

  219. 	return $responseText;
    220. 

  220. }
    221. 

  221. 

  222.     /**
    223. 

  223.      * 获取远程服务器ATN结果,验证返回URL
    224. 

  224.      * @param $notify_id 通知校验ID
    225. 

  225.      * @return 服务器ATN结果
    226. 

  226.      * 验证结果集:
    227. 

  227.      * invalid命令参数不对 出现这个错误,请检测返回处理中partner和key是否为空 
    228. 

  228.      * true 返回正确信息
    229. 

  229.      * false 请检查防火墙或者是服务器阻止端口问题以及验证时间是否超过一分钟
    230. 

  230.      */
    231. 

  231. 	function getResponse($notify_id) {
    232. 

  232. 		$transport = strtolower(trim('http'));
    233. 

  233. 		$partner = trim($this->payment['alipay_partner']);
    234. 

  234. 		$veryfy_url = '';
    235. 

  235. 		if($transport == 'https') {
    236. 

  236. 			$veryfy_url = $this->https_verify_url;
    237. 

  237. 		}
    238. 

  238. 		else {
    239. 

  239. 			$veryfy_url = $this->alipay_verify_url;
    240. 

  240. 		}
    241. 

  241. 		$veryfy_url = $this->alipay_verify_url."partner=" . $partner . "&notify_id=" . $notify_id;
    242. 

  242. 		$cacert=ROOT_PATH.'Public/pay/cacert.pem';
    243. 

  243. 	
    244. 

  244. 		$responseTxt = $this->getHttpResponseGET($veryfy_url, $cacert);
    245. 

  245. 		
    246. 

  246. 		return $responseTxt;
    247. 

  247. 	}
    248. 

  248. 	function getSignVeryfy($para_temp, $sign) {
    249. 

  249. 		//除去待签名参数数组中的空值和签名参数
    250. 

  250. 		$para_filter = $this->paraFilter($para_temp);
    251. 

  251. 		
    252. 

  252. 		//对待签名参数数组排序
    253. 

  253. 		$para_sort = $this->argSort($para_filter);
    254. 

  254. 		
    255. 

  255. 		//把数组所有元素,按照“参数=参数值”的模式用“&”字符拼接成字符串
    256. 

  256. 		$prestr = $this->createLinkstring($para_sort);
    257. 

  257. 		
    258. 

  258. 		$isSgin = false;
    259. 

  259. 		switch (strtoupper(trim(strtoupper('MD5')))) {
    260. 

  260. 			case "MD5" :
    261. 

  261. 				$isSgin = $this->md5Verify($prestr, $sign, $this->payment['alipay_key']);
    262. 

  262. 			
    263. 

  263. 				break;
    264. 

  264. 			default :
    265. 

  265. 				$isSgin = false;
    266. 

  266. 		}
    267. 

  267. 		
    268. 

  268. 		return $isSgin;
    269. 

  269. 	}
    270. 

  270. 

  271. 	 /**
    272. 

  272.      * 针对notify_url验证消息是否是支付宝发出的合法消息
    273. 

  273.      * @return 验证结果
    274. 

  274.      */
    275. 

  275. 	function verifyNotify(){
    276. 

  276. 		if(empty($_POST)) {//判断POST来的数组是否为空
    277. 

  277. 			return false;
    278. 

  278. 		}
    279. 

  279. 		else {
    280. 

  280. 			//生成签名结果
    281. 

  281. 			$isSign = $this->getSignVeryfy($_POST, $_POST["sign"]);
    282. 

  282. 			//获取支付宝远程服务器ATN结果(验证是否是支付宝发来的消息)
    283. 

  283. 			$responseTxt = 'false';
    284. 

  284. 			if (! empty($_POST["notify_id"])) {$responseTxt = $this->getResponse($_POST["notify_id"]);}		
    285. 

  285. 			
    286. 

  286. 			//验证
    287. 

  287. 			//$responsetTxt的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关
    288. 

  288. 			//isSign的结果不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
    289. 

  289. 			if (preg_match("/true$/i",$responseTxt) && $isSign) {
    290. 

  290. 				return true;
    291. 

  291. 			} else {
    292. 

  292. 				return false;
    293. 

  293. 			}
    294. 

  294. 		}
    295. 

  295. 	}
    296. 

  296. 	
    297. 

  297. 	
    298. 

  298. 	/**
    299. 

  299. 	 * 
    300. 

  300. 	 * 取得订单支付状态,成功或失败
    301. 

  301. 	 * @param array $param
    302. 

  302. 	 * @return array
    303. 

  303. 	 */
    304. 

  304. 	public function getPayResult($param){
    305. 

  305. 		return $param['trade_status'] == 'TRADE_SUCCESS';
    306. 

  306. 	}
    307. 

  307. 

  308. 	/**
    309. 

  309. 	 * 
    310. 

  310. 	 *
    311. 

  311. 	 * @param string $name
    312. 

  312. 	 * @return 
    313. 

  313. 	 */
    314. 

  314. 	public function __get($name){
    315. 

  315. 	    return $this->$name;
    316. 

  316. 	}
    317. 

  317. 

  318. 	/**
    319. 

  319. 	 * 远程获取数据
    320. 

  320. 	 * $url 指定URL完整路径地址
    321. 

  321. 	 * @param $time_out 超时时间。默认值:60
    322. 

  322. 	 * return 远程输出的数据
    323. 

  323. 	 */
    324. 

  324. 	private function getHttpResponse($url,$time_out = "60") {
    325. 

  325. 		$urlarr     = parse_url($url);
    326. 

  326. 		$errno      = "";
    327. 

  327. 		$errstr     = "";
    328. 

  328. 		$transports = "http";
    329. 

  329. 		$responseText = "";
    330. 

  330. 		if($urlarr["scheme"] == "https") {
    331. 

  331. 			$transports = "ssl://";
    332. 

  332. 			$urlarr["port"] = "443";
    333. 

  333. 		} else {
    334. 

  334. 			$transports = "tcp://";
    335. 

  335. 			$urlarr["port"] = "80";
    336. 

  336. 		}
    337. 

  337. 		$fp=@fsockopen($transports . $urlarr['host'],$urlarr['port'],$errno,$errstr,$time_out);
    338. 

  338. 		if(!$fp) {
    339. 

  339. 			die("ERROR: $errno - $errstr<br />\n");
    340. 

  340. 		} else {
    341. 

  341. 			if (trim(CHARSET) == '') {
    342. 

  342. 				fputs($fp, "POST ".$urlarr["path"]." HTTP/1.1\r\n");
    343. 

  343. 			} else {
    344. 

  344. 				fputs($fp, "POST ".$urlarr["path"].'?_input_charset='.CHARSET." HTTP/1.1\r\n");
    345. 

  345. 			}
    346. 

  346. 			fputs($fp, "Host: ".$urlarr["host"]."\r\n");
    347. 

  347. 			fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
    348. 

  348. 			fputs($fp, "Content-length: ".strlen($urlarr["query"])."\r\n");
    349. 

  349. 			fputs($fp, "Connection: close\r\n\r\n");
    350. 

  350. 			fputs($fp, $urlarr["query"] . "\r\n\r\n");
    351. 

  351. 			while(!feof($fp)) {
    352. 

  352. 				$responseText .= @fgets($fp, 1024);
    353. 

  353. 			}
    354. 

  354. 			fclose($fp);
    355. 

  355. 			$responseText = trim(stristr($responseText,"\r\n\r\n"),"\r\n");
    356. 

  356. 			return $responseText;
    357. 

  357. 		}
    358. 

  358. 	}
    359. 

  359. 

  360.     /**
    361. 

  361.      * 制作支付接口的请求地址
    362. 

  362.      *
    363. 

  363.      * @return string
    364. 

  364.      */
    365. 

  365.     private function create_url() {
    366. 

  366. 		$url        = $this->alipay_gateway_new;
    367. 

  367. 		$filtered_array	= $this->para_filter($this->parameter);
    368. 

  368. 		$sort_array = $this->arg_sort($filtered_array);
    369. 

  369. 		$arg        = "";
    370. 

  370. 		while (list ($key, $val) = each ($sort_array)) {
    371. 

  371. 			$arg.=$key."=".urlencode($val)."&";
    372. 

  372. 		}
    373. 

  373. 		$url.= $arg."sign=" .$this->parameter['sign'] ."&sign_type=".$this->parameter['sign_type'];
    374. 

  374. 		
    375. 

  375. 		return $url;
    376. 

  376. 	}
    377. 

  377. 

  378. 	/**
    379. 

  379. 	 * 取得支付宝签名
    380. 

  380. 	 *
    381. 

  381. 	 * @return string
    382. 

  382. 	 */
    383. 

  383. 	private function sign($parameter) {
    384. 

  384. 		$mysign = "";
    385. 

  385. 		
    386. 

  386. 		$filtered_array	= $this->para_filter($parameter);
    387. 

  387. 		$sort_array = $this->arg_sort($filtered_array);
    388. 

  388. 		$arg = "";
    389. 

  389.         while (list ($key, $val) = each ($sort_array)) {
    390. 

  390. 			$arg	.= $key."=".$this->charset_encode($val,(empty($parameter['_input_charset'])?"UTF-8":$parameter['_input_charset']),(empty($parameter['_input_charset'])?"UTF-8":$parameter['_input_charset']))."&";
    391. 

  391. 		}
    392. 

  392. 		$prestr = substr($arg,0,-1);  //去掉最后一个&号
    393. 

  393. 		$prestr	.= $parameter['key'];
    394. 

  394.         if($parameter['sign_type'] == 'MD5') {
    395. 

  395. 			$mysign = md5($prestr);
    396. 

  396. 		}elseif($parameter['sign_type'] =='DSA') {
    397. 

  397. 			//DSA 签名方法待后续开发
    398. 

  398. 			die("DSA 签名方法待后续开发,请先使用MD5签名方式");
    399. 

  399. 		}else {
    400. 

  400. 			die("支付宝暂不支持".$parameter['sign_type']."类型的签名方式");
    401. 

  401. 		}
    402. 

  402. 		return $mysign;
    403. 

  403. 

  404. 	}
    405. 

  405. 

  406. 	/**
    407. 

  407. 	 * 除去数组中的空值和签名模式
    408. 

  408. 	 *
    409. 

  409. 	 * @param array $parameter
    410. 

  410. 	 * @return array
    411. 

  411. 	 */
    412. 

  412. 	private function para_filter($parameter) {
    413. 

  413. 		$para = array();
    414. 

  414. 		while (list ($key, $val) = each ($parameter)) {
    415. 

  415. 			if($key == "sign" || $key == "sign_type" || $key == "key" || $val == "")continue;
    416. 

  416. 			else	$para[$key] = $parameter[$key];
    417. 

  417. 		}
    418. 

  418. 		return $para;
    419. 

  419. 	}
    420. 

  420. 

  421. 	/**
    422. 

  422. 	 * 重新排序参数数组
    423. 

  423. 	 *
    424. 

  424. 	 * @param array $array
    425. 

  425. 	 * @return array
    426. 

  426. 	 */
    427. 

  427. 	private function arg_sort($array) {
    428. 

  428. 		ksort($array);
    429. 

  429. 		reset($array);
    430. 

  430. 		return $array;
    431. 

  431. 

  432. 	}
    433. 

  433. 

  434. 	/**
    435. 

  435. 	 * 实现多种字符编码方式
    436. 

  436. 	 */
    437. 

  437. 	private function charset_encode($input,$_output_charset,$_input_charset="UTF-8") {
    438. 

  438. 		$output = "";
    439. 

  439. 		if(!isset($_output_charset))$_output_charset  = $this->parameter['_input_charset'];
    440. 

  440. 		if($_input_charset == $_output_charset || $input == null) {
    441. 

  441. 			$output = $input;
    442. 

  442. 		} elseif (function_exists("mb_convert_encoding")){
    443. 

  443. 			$output = mb_convert_encoding($input,$_output_charset,$_input_charset);
    444. 

  444. 		} elseif(function_exists("iconv")) {
    445. 

  445. 			$output = iconv($_input_charset,$_output_charset,$input);
    446. 

  446. 		} else die("sorry, you have no libs support for charset change.");
    447. 

  447. 		return $output;
    448. 

  448. 	}
    449. 

  449. }
    450.