game2006api/webapp/services/callback/OutAppPurchase.php

<?php

namespace services;

require_once("mt/ShopGoods.php");
require_once("mt/Item.php");

require_once("models/ShopBuyRecord.php");
require_once("models/OutAppOrder.php");
require_once("models/FirstTopup.php");

require_once("services/LogService.php");
require_once("ShopAddItemService.php");

use phpcommon\SqlHelper;

use mt;
use models\ShopBuyRecord;
use models\OutAppOrder;
use models\FirstTopup;

use services\LogService;

// let repdata = {
//     account_id: string
//     order_id: string
//     status: string
//     id: string
//     txhash: string
//   }
// 我返回给你这些数据和一个sign字段,
// sign使用上面 repdata 按key 顺序排后, 组成key1=val1&key2=val2后, 使用hmac_sha256 hash, key是
// PENDING = 0,	// 初始状态
// TRANSFERING = 1, //只有国库模式才会有该状态
// TRANSFERED = 2, //只有国库模式才会有该状态
// SUCCESS = 9,		// 成功的最终状态
// TRANSFER_FAIL = 98, // 转账错误
// FAIL = 99,	// 也是错误
//

class OutAppPurchase {

    public function process()
    {
        error_log("OutAppPurchase --- " . json_encode($_REQUEST));

        if (!$this->verifySign()) {
            error_log("verifySign error --- " . json_encode($_REQUEST));
            myself()->_rspErr(1, 'verifySign error');
            return;
        }
        $accountId = getReqVal('account_id', '');
        $orderId = getReqVal('order_id', '');
        $status = getReqVal('status', '');
        $id = getReqVal('id', '');
        $txhash = getReqVal('txhash', '');
        $sign = getReqVal('sign', '');

        $orderDb = OutAppOrder::find($orderId);
        if (!$orderDb) {
            myself()->_rspErr(0, 'not found order');
            return;
        }
        if ($orderDb['status'] == OutAppOrder::FINISHED_STATE) {
            myself()->_rspErr(0, 'order is finished');
            return;
        }
        if ($status != 9) {
            OutAppOrder::markFailed($orderDb['order_id']);
            myself()->_rspErr(0, 'order is failed');
            return;
        }
        OutAppOrder::markFinished($orderDb['order_id']);
        FirstTopup::add($accountId);
        // 以下是看商品表中是否配置了充值额外奖励
        $goodsMeta = mt\ShopGoods::get($orderDb['goods_id']);
        if (!$goodsMeta) {
            myself()->_rspErr(0, 'goods_id is failed');
            return;
        }
        $itemNum = $goodsMeta['bonus_num'];
        $itemId = $goodsMeta['bonus'];
        $itemMeta = mt\Item::get($itemId);
        if ($itemMeta && $itemNum > 0) {
            if ($itemId == V_ITEM_DIAMOND) {
                $addItemService = new ShopAddItemService();
                $addItemService->addItemByAccountId($orderDb['account_id'], $itemId, $itemNum);
            } else {

            }
        }

        myself()->_rspOk();
    }

    private function verifySign()
    {
        $params = array_merge($_REQUEST, array());
        ksort($params);
        $excludeKeys = array(
            'c' => true,
            'a' => true,
            'action' => true,
            'sign' => true
        );
        $arrSign = array();
        foreach($params as $key => $val){
            if (!array_key_exists($key, $excludeKeys)) {
                array_push($arrSign, $key . '=' . $val);
            }
        }
        $signStr = implode('&', $arrSign);
        $sign = hash_hmac('sha256', $signStr, BUY_SERVER_PKEY);
        return $sign == getReqVal('sign', '');
    }

}