From cac2a1194890c4925a6e325a6fb5eeb77208c477 Mon Sep 17 00:00:00 2001
From: aozhiwei <aozhiwei@kingsome.cn>
Date: Mon, 7 Aug 2023 11:00:19 +0800
Subject: [PATCH] 1

---
 webapp/services/callback/InAppPurchase.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/webapp/services/callback/InAppPurchase.php b/webapp/services/callback/InAppPurchase.php
index 700e58af..df3fda6e 100644
--- a/webapp/services/callback/InAppPurchase.php
+++ b/webapp/services/callback/InAppPurchase.php
@@ -47,9 +47,9 @@ class InAppPurchase {
 
     public function process()
     {
-        error_log('InappPurchase:' . json_encode($_REQUEST));
-        error_log('----- inappPurchaseDiamonds -----');
         $data = json_decode(file_get_contents('php://input'), true);
+        error_log('InappPurchase:' . json_encode($_REQUEST));
+        error_log('----- inappPurchaseDiamonds -----' . json_encode($data));
 
         if (!$this->verifySign($data)) {
             myself()->_rspErr(1, "signature error");
@@ -82,9 +82,9 @@ class InAppPurchase {
             }
         }
         $signStr = 'channel=' . $channel . '&' . implode("&", $strings);
-        error_log('InAppPurchase verify ' . $signStr);
 
-        $signature = hash_hmac('sha256', $sign, BUY_SERVER_PKEY);
+        $signature = hash_hmac('sha256', $signStr, BUY_SERVER_PKEY);
+        error_log('InAppPurchase verify ' . $signStr . ' sign1=' . $sign . ' sign2=' . $signature);
         return $sign == $signature;
     }