From a1f2f6ae48de5f9af215838cd90b956974c116ab Mon Sep 17 00:00:00 2001 From: songliang Date: Fri, 9 Jun 2023 17:35:25 +0800 Subject: [PATCH] ... --- webapp/controller/ShopController.class.php | 135 ++++++++++++++------- 1 file changed, 88 insertions(+), 47 deletions(-) diff --git a/webapp/controller/ShopController.class.php b/webapp/controller/ShopController.class.php index f306d2ad..c71b1f38 100644 --- a/webapp/controller/ShopController.class.php +++ b/webapp/controller/ShopController.class.php @@ -62,7 +62,7 @@ class ShopController extends BaseAuthedController //27 = 韩国 const TOKEN_TYPE_KRW = '27'; - + // 限购类型 const DAILY_BUY_LIMIT = 1; const WEEKLY_BUY_LIMIT = 2; @@ -79,7 +79,7 @@ class ShopController extends BaseAuthedController // } // } - if(getReqVal('a', '') != 'buyGoodsDirect'){ + if (getReqVal('a', '') != 'buyGoodsDirect') { parent::_handlePre(); } } 
@@ -286,69 +286,110 @@ class ShopController extends BaseAuthedController public function buyGoodsDirect() { - // let repdata = { - // account_id: string - // order_id: string - // status: string - // id: string - // txhash: string - // } - // 我返回给你这些数据和一个sign字段, - // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 iG4Rpsa)6U31$H#^T85$^^3 + // let repdata = { + // account_id: string + // order_id: string + // status: string + // id: string + // txhash: string + // } + // 我返回给你这些数据和一个sign字段, + // sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是 iG4Rpsa)6U31$H#^T85$^^3 + // PENDING = 0, // 初始状态 + // TRANSFERING = 1, //只有国库模式才会有该状态 + // TRANSFERED = 2, //只有国库模式才会有该状态 + // SUCCESS = 9, // 成功的最终状态 + // TRANSFER_FAIL = 98, // 转账错误 + // FAIL = 99, // 也是错误 + // - $token_type = getReqVal('token_type', ''); - $goods_num = getReqVal('goods_num', 0); + $account_id = getReqVal('account_id', ''); + $order_id = getReqVal('order_id', ''); + $status = getReqVal('status', ''); + $id = getReqVal('id', ''); + $txhash = getReqVal('txhash', ''); - $order_id = 28; - error_log("buyGoodsDirect-------"); + $sign = getReqVal('sign', ''); + + $data = array( + 'account_id' => $account_id, + 'id' => $id, + 'order_id' => $order_id, + 'status' => $status, + 'txhash' => $txhash, + ); + + $hash_data = http_build_query($data); + + $signature = hash_hmac('sha256', $hash_data, 'iG4Rpsa)6U31$H#^T85$^^3'); + + if ($signature != $sign) { + $this->_rspErr(1, "signature error, signature: {$signature}, sign: {$sign}"); + return; + } + + error_log("buyGoodsDirect-------" . $order_id . "---" . 
$status); $conn = myself()->_getMysql(''); - + $order = SqlHelper::selectOne($conn, 't_shop_buy_order', array('account_id', 'item_id', 'goods_num', 'status'), array('idx' => $order_id)); $id = $order['item_id']; $goods_num = $order['goods_num']; - $status = $order['status']; + $o_status = $order['status']; + $token_type = $order['token_type']; - if ($status != 0) { - $this->_rspErr(1, "order status error, status: {$status}"); + if ($o_status != 0) { + $this->_rspErr(1, "order status error, status: {$o_status}"); return; } - $buyStatus = 1; // 1: 成功, 2: 失败 - SqlHelper::update($conn, 't_shop_buy_order', array('idx' => $order_id), array('status' => $buyStatus) ); + $buyStatus = 0; // 1: 成功, 2: 失败 + switch ($status) { + case "9": + $buyStatus = 1; + break; + case "99": + case "98": + $buyStatus = 2; + break; + } + + SqlHelper::update($conn, 't_shop_buy_order', array('idx' => $order_id), array('status' => $buyStatus)); $row = mt\ShopGoods::get($id); + if ($row) { + $desired_token_type = $row['token_type']; + $check_token_type = splitStr1($desired_token_type); + // $token_pos = array_search($token_type, $check_token_type, true); + // if (!in_array($token_type, $check_token_type)) { + // $this->_rspErr(1, "token_type parameter error, desired_token_type: {$desired_token_type}"); + // return; + // } - $desired_token_type = $row['token_type']; - $check_token_type = splitStr1($desired_token_type); - $token_pos = array_search($token_type, $check_token_type, true); - if (!in_array($token_type, $check_token_type)) { - $this->_rspErr(1, "token_type parameter error, desired_token_type: {$desired_token_type}"); - return; + if ($goods_num > $row['max_amount']) { + $this->_rspErr(1, "goods_num parameter error, max_amount: {$row['max_amount']}"); + return; + } + + // 这里命名混乱了, 购买个数,一捆个数命名冲突 + $goods_count = $row['goods_num']; + + $itemMeta = mt\Item::get($row['goods_id']); + $propertyChgService = new services\PropertyChgService(); + for ($i = 0; $i < $goods_num; $i++) { + 
$this->internalAddItem($propertyChgService, $itemMeta, $goods_count); + } + $awardService = new services\AwardService(); + $awardService->addItem($row['goods_id'], $goods_num); + ShopBuyRecord::add($id, $goods_num); } - if ($goods_num > $row['max_amount']) { - $this->_rspErr(1, "goods_num parameter error, max_amount: {$row['max_amount']}"); - return; - } - - // 这里命名混乱了, 购买个数,一捆个数命名冲突 - $goods_count = $row['goods_num']; - - $itemMeta = mt\Item::get($row['goods_id']); - $propertyChgService = new services\PropertyChgService(); - for ($i = 0; $i < $goods_num; $i++) { - $this->internalAddItem($propertyChgService, $itemMeta, $goods_count); - } - $awardService = new services\AwardService(); - $awardService->addItem($row['goods_id'], $goods_num); - ShopBuyRecord::add($id, $goods_num); - $this->_rspOk(); } - public function startGoodsDirect() { + public function startGoodsDirect() + { $id = getReqVal('id', 0); $token_type = getReqVal('token_type', ''); $goods_num = getReqVal('goods_num', 0); @@ -376,7 +417,8 @@ class ShopController extends BaseAuthedController } } - public function statusGoodsDirect() { + public function statusGoodsDirect() + { $order_id = getReqVal('order_id', ''); $conn = myself()->_getMysql(''); @@ -978,5 +1020,4 @@ class ShopController extends BaseAuthedController $row = $conn->execQueryOne('SELECT LAST_INSERT_ID() as lastId;', array()); return $row['lastId']; } - }
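Review bot: The signature-failure branch in buyGoodsDirect sends the server-computed HMAC back to the caller (`"signature error, signature: {$signature}, sign: {$sign}"`), so a rejected request discloses the value that would have been accepted; the `_handlePre` hunk shows this action bypasses `parent::_handlePre()`, so the HMAC looks like its only caller check. Return a fixed message and compare in constant time, `if (!hash_equals($signature, (string)$sign)) { $this->_rspErr(1, 'signature error'); return; }`, because the loose `!=` is also subject to PHP's numeric-string comparison. The key is a string literal both in the `hash_hmac` call and in the comment above it, so it should be loaded from deployment configuration and rotated, since it is already in the repository history. Separately, the grant block runs whenever `$row` is found, regardless of `$buyStatus`, so a callback with status 98/99 or an intermediate status still reaches `internalAddItem` (and an intermediate status writes 0 back, leaving the order open); guarding the grant with `if ($buyStatus == 1)` looks like the intent. `$order['token_type']` is read although `token_type` is not in the column list passed to `SqlHelper::selectOne`, and neither a missing `$order` row nor a mismatch between the request's `account_id` and `$order['account_id']` is checked.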