diff --git a/sql/paydb.sql b/sql/paydb.sql
index c917775..ce8582d 100644
--- a/sql/paydb.sql
+++ b/sql/paydb.sql
@@ -79,6 +79,24 @@ CREATE TABLE `orderinfo` (
) ENGINE=InnoDB AUTO_INCREMENT=10001 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
/*!40101 SET character_set_client = @saved_cs_client */;
+--
+-- Table structure for table `notify_his`
+--
+
+DROP TABLE IF EXISTS `notify_his`;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `notify_his` (
+ `idx` int(11) NOT NULL AUTO_INCREMENT COMMENT '自增id',
+ `orderid` varchar(60) DEFAULT '' COMMENT '订单id',
+ `request_data` mediumblob COMMENT 'request_data',
+ `ipv4` varchar(50) NOT NULL DEFAULT '' COMMENT '账号创建时ipv4地址',
+ `createtime` int(11) NOT NULL DEFAULT '0' COMMENT '创建时间',
+ PRIMARY KEY (`idx`),
+ KEY `orderid` (`orderid`)
+) ENGINE=InnoDB AUTO_INCREMENT=10001 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
diff --git a/webapp/controller/PayController.class.php b/webapp/controller/PayController.class.php
index 876cb1a..94af333 100644
--- a/webapp/controller/PayController.class.php
+++ b/webapp/controller/PayController.class.php
@@ -4,8 +4,9 @@ class PayController {
const SCAN_PAY_API_URL = 'https://gwapi.yemadai.com/pay/scanpay';
# const PRI_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaxbGPoh7l8zq7AwhsSsuOj1wNH1YArG/oZvjCZn2xkeeemhWMh13t03mdz6VVaCsqOc3suN9zCG9tPMxSzSDmtvtcqfqQnFG80Fmi7TCPhju9yW+povjC6GrQnGWdafBpwh0jT/Wqa+GKlygVDXMxhwbDExn/aWStPCaB1pkMcwIDAQAB';
+ const PRI_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaxbGPoh7l8zq7AwhsSsuOj1wNH1YArG/oZvjCZn2xkeeemhWMh13t03mdz6VVaCsqOc3suN9zCG9tPMxSzSDmtvtcqfqQnFG80Fmi7TCPhju9yW+povjC6GrQnGWdafBpwh0jT/Wqa+GKlygVDXMxhwbDExn/aWStPCaB1pkMcwIDAQAB';
const PUB_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVd+f/YkGDi8s9AKhZvmHCxZ2+sPKIsr+JVS2Uj4pP6qApuNq5lEwtF4c6LzHJbUUxKge/OttiR7pR481tqW3PgeSYjyU6rayx0rSEo8/xqVHnh4XugbJREUVyq/Evp79f0BePO69zC0AdYZSjXOAVG8uduRzHl4RWb7BiDLBL3QIDAQAB';
- const PRI_KEY = 'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJyCbZ+14jK2NwJ6v1mE4ZR8H+sOyUs33LzNys8mJj8+1zDxTIlv0tr0JnR/m8swKw9Jes7QsQw05edmtndeQ9bLbJeXSzqpuI3Dw35etBRD7Ec93NBtX49ezf51qmqxTRRwYcMUsIhXqliuK/2G1B75EbfgGfprA1MVNQv6YX8bAgMBAAECgYAF0xjPU86KQpvDfNv4MejPRNtPPSqioP6XDDWbBflwax9JFAHcL4wyV9nChik/I5jGpd5rKfsc0C8qMHlj8d8mZV9hgh8YeUFsfH8i02SbnR8l4MvutxnDaq2PDatTPnK6Qd7PPvKqwOnfT3BHhL415yJ0ia8+uzwVONYCYcvvqQJBAMpNEa+dx/d1xY50M9n6ds4uxKEBJN+DoMqtBRUu2tdvqgITgY7es8LW2Kn+5GTCIiSdWbvmL2GSIlwqfMz92a8CQQDGDbEzgECX0kp5J3odgLm5C5nrfmk3HG2+vt0eUUWP+a5iBKqCXXW9lx+8AYs5MKxkvQkA2m13Wxm+r1ND0UhVAkEAo4MVd3e1R/umGVUtD9OUsWQ1w9jz38E5dnfQcuWzNoxnwlPX1Q2GCEa1Svndyt7qz+NqwyfzRg7ivNIOm3XWuwJAHAILsTDN8ap3hbKjflCZ8yVE2xzBXF3U10i+lG8B215/3rSyOEVnRSx9/GRrf+b2OjjRcSFyoZJsjZ7Vs52BEQJBAILJlhPhaSQ2QG+gxkdqUmcTtU28ImI2MGzJmNAkfSzSOoogO5SCw8/6qxRZqyuTxZWUm0dEs7YEln3LT7PObuM=';
+# const PRI_KEY = 'MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJyCbZ+14jK2NwJ6v1mE4ZR8H+sOyUs33LzNys8mJj8+1zDxTIlv0tr0JnR/m8swKw9Jes7QsQw05edmtndeQ9bLbJeXSzqpuI3Dw35etBRD7Ec93NBtX49ezf51qmqxTRRwYcMUsIhXqliuK/2G1B75EbfgGfprA1MVNQv6YX8bAgMBAAECgYAF0xjPU86KQpvDfNv4MejPRNtPPSqioP6XDDWbBflwax9JFAHcL4wyV9nChik/I5jGpd5rKfsc0C8qMHlj8d8mZV9hgh8YeUFsfH8i02SbnR8l4MvutxnDaq2PDatTPnK6Qd7PPvKqwOnfT3BHhL415yJ0ia8+uzwVONYCYcvvqQJBAMpNEa+dx/d1xY50M9n6ds4uxKEBJN+DoMqtBRUu2tdvqgITgY7es8LW2Kn+5GTCIiSdWbvmL2GSIlwqfMz92a8CQQDGDbEzgECX0kp5J3odgLm5C5nrfmk3HG2+vt0eUUWP+a5iBKqCXXW9lx+8AYs5MKxkvQkA2m13Wxm+r1ND0UhVAkEAo4MVd3e1R/umGVUtD9OUsWQ1w9jz38E5dnfQcuWzNoxnwlPX1Q2GCEa1Svndyt7qz+NqwyfzRg7ivNIOm3XWuwJAHAILsTDN8ap3hbKjflCZ8yVE2xzBXF3U10i+lG8B215/3rSyOEVnRSx9/GRrf+b2OjjRcSFyoZJsjZ7Vs52BEQJBAILJlhPhaSQ2QG+gxkdqUmcTtU28ImI2MGzJmNAkfSzSOoogO5SCw8/6qxRZqyuTxZWUm0dEs7YEln3LT7PObuM=';
const MER_NO = '49118';
protected function getMysql($accountid)
@@ -110,7 +111,7 @@ class PayController {
'OrderTime=' . $params['OrderTime'] . '&' .
'AdviceUrl=' . $advice_url
);
- // var_dump(phpcommon\objectToXml($params, ''));
+ var_dump(phpcommon\objectToXml($params, ''));
$requestDomain = base64_encode(phpcommon\objectToXml($params, ''));
$response = '';
if (phpcommon\HttpClient::post(self::SCAN_PAY_API_URL,
diff --git a/webapp/controller/PayNotifyController.class.php b/webapp/controller/PayNotifyController.class.php
index 106ed32..577686f 100644
--- a/webapp/controller/PayNotifyController.class.php
+++ b/webapp/controller/PayNotifyController.class.php
@@ -2,9 +2,86 @@
class PayNotifyController {
+ const PUB_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVd+f/YkGDi8s9AKhZvmHCxZ2+sPKIsr+JVS2Uj4pP6qApuNq5lEwtF4c6LzHJbUUxKge/OttiR7pR481tqW3PgeSYjyU6rayx0rSEo8/xqVHnh4XugbJREUVyq/Evp79f0BePO69zC0AdYZSjXOAVG8uduRzHl4RWb7BiDLBL3QIDAQAB';
+
+ protected function getMysql($accountid)
+ {
+ $mysql_conf = getMysqlConfig(crc32($accountid));
+ $conn = new phpcommon\Mysql(array(
+ 'host' => $mysql_conf['host'],
+ 'port' => $mysql_conf['port'],
+ 'user' => $mysql_conf['user'],
+ 'passwd' => $mysql_conf['passwd'],
+ 'dbname' => 'paydb'
+ ));
+ return $conn;
+ }
+
+ private function _redPubkey()
+ {
+ $pem = "-----BEGIN PUBLIC KEY-----\n" .
+ chunk_split(self::PUB_KEY, 64, "\n") .
+ "-----END PUBLIC KEY-----\n";
+ echo $pem;
+ return openssl_pkey_get_public($pem);
+ }
+
+ private function _redPrikey()
+ {
+ $pem = "-----BEGIN RSA PRIVATE KEY-----\n" .
+ chunk_split(self::PRI_KEY, 64, "\n") .
+ "-----END RSA PRIVATE KEY-----\n";
+ error_log($pem);
+ return openssl_pkey_get_private($pem);
+ }
+
+ private function _reaEncode($str) {
+ $prikey = self::_redPrikey();
+ return openssl_sign($str, $sign, $prikey, OPENSSL_ALGO_SHA1) ? base64_encode($sign) : false;
+ }
+
public function payNotify()
{
error_log('payNotify:' . json_encode($_REQUEST));
+ $sign_info = $this->_reaEncode(
+ 'MerNo=' . $_REQUEST['MerNo'] . '&' .
+ 'BillNo=' . $_REQUEST['BillNo'] . '&' .
+ 'OrderNo=' . $_REQUEST['OrderNo'] . '&' .
+ 'Amount=' . $_REQUEST['Amount'] . '&' .
+ 'Succeed=' . $_REQUEST['Succeed']
+ );
+ if ($sign_info != $_REQUEST['SignInfo']) {
+ die('sign error');
+ }
+ $conn = $this->getMysql($_REQUEST['OrderNo']);
+ $conn->execScript("INSERT INTO notify_his(orderid, request_data, ipv4, createtime)" .
+ "VALUES(:orderid, :request_data, :ipv4, :createtime);",
+ array(
+ ':orderid' => $_REQUEST['OrderNo'],
+ ':request_data' => json_encode($_REQUEST),
+ ':ipv4' => phpcommon\getIPv4(),
+ ':createtime' => time()
+ ));
+ if ($_REQUEST['Succeed'] == '88') {
+ $row = $conn->execQueryOne('SELECT orderid, accountid, sp_pay_result, status FROM orderinfo ' .
+ 'WHERE orderid=:orderid;',
+ array(
+ 'orderid' => $_REQUEST['OrderNo']
+ )
+ );
+ if ($row) {
+ if ($row['status'] == 0 && $row['sp_pay_result'] == 0) {
+ $ret = $conn->execScript('UPDATE orderinfo SET sp_pay_result = 1 WHERE orderid=:orderid',
+ array(
+ 'orderid' => $_REQUEST['OrderNo']
+ ));
+ if ($ret) {
+ die('ok');
+ }
+ }
+ }
+ }
+ die('sign error');
}
}