diff --git a/sql/paydb.sql b/sql/paydb.sql
index 3a68f0e..c917775 100644
--- a/sql/paydb.sql
+++ b/sql/paydb.sql
@@ -30,6 +30,20 @@ CREATE TABLE `version` (
 ) ENGINE=InnoDB AUTO_INCREMENT=10001 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 /*!40101 SET character_set_client = @saved_cs_client */;
 
+--
+-- Table structure for table `orderidx`
+--
+
+DROP TABLE IF EXISTS `orderidx`;
+/*!40101 SET @saved_cs_client     = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `orderidx` (
+  `idx` int(11) NOT NULL AUTO_INCREMENT COMMENT '自增id',
+  `createtime` int(11) NOT NULL DEFAULT '0' COMMENT '创建时间',
+  PRIMARY KEY (`idx`)
+) ENGINE=InnoDB AUTO_INCREMENT=10001 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
 --
 -- Table structure for table `orderinfo`
 --
@@ -57,6 +71,7 @@ CREATE TABLE `orderinfo` (
   `sp_pay_result` int(11) NOT NULL DEFAULT '0' COMMENT '0: 未确认 1: 支付成功 -1:支付失败',
 
   PRIMARY KEY (`idx`),
+  UNIQUE KEY `orderid` (`orderid`),
   KEY `accountid` (`accountid`),
   KEY `openid` (`openid`),
   KEY `channel_index` (`channel`),
diff --git a/webapp/controller/PayController.class.php b/webapp/controller/PayController.class.php
index 29e1a3d..cae8994 100644
--- a/webapp/controller/PayController.class.php
+++ b/webapp/controller/PayController.class.php
@@ -3,27 +3,62 @@
 class PayController {
 
     const SCAN_PAY_API_URL = 'https://gwapi.yemadai.com/pay/scanpay';
+    const PRI_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaxbGPoh7l8zq7AwhsSsuOj1wNH1YArG/oZvjC
+Zn2xkeeemhWMh13t03mdz6VVaCsqOc3suN9zCG9tPMxSzSDmtvtcqfqQnFG80Fmi7TCPhju9yW+p
+ovjC6GrQnGWdafBpwh0jT/Wqa+GKlygVDXMxhwbDExn/aWStPCaB1pkMcwIDAQAB';
+    const PUB_KEY = 'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVd+f/YkGDi8s9AKhZvmHCxZ2+sPKIsr+JVS2U
+j4pP6qApuNq5lEwtF4c6LzHJbUUxKge/OttiR7pR481tqW3PgeSYjyU6rayx0rSEo8/xqVHnh4Xu
+gbJREUVyq/Evp79f0BePO69zC0AdYZSjXOAVG8uduRzHl4RWb7BiDLBL3QIDAQAB';
+    const MER_NO = '49118';
 
-    public function getOrderId()
+    protected function getMysql($accountid)
     {
-        $channel = phpcommon\extractChannel($_REQUEST['accountid']);
+        $mysql_conf = getMysqlConfig(crc32($accountid));
+        $conn = new phpcommon\Mysql(array(
+            'host' => $mysql_conf['host'],
+            'port' => $mysql_conf['port'],
+            'user' => $mysql_conf['user'],
+            'passwd' => $mysql_conf['passwd'],
+            'dbname' => 'paydb'
+        ));
+        return $conn;
+    }
 
-        $sdk = sdkwarpper\createSdkByChannel($channel);
-        if (!$sdk) {
-            echo 'is null';
-        } else {
-            $gameid = isset($_REQUEST['gameid']) ? $_REQUEST['gameid'] : 1008;
-            switch ($channel)
-            {
-            case SELFSDK_CHANNEL:
-                break;
-            case WEIXIN_CHANNEL:
-                break;
-            default:
-                break;
-            }
-            $sdk->getOrderId();
+    //ksome201908191405_xxxxx
+    private function getOrderId()
+    {
+        $conn = $this->getMysql($_REQUEST['account_id']);
+        $orderid_pre = 'ksome' . strftime('%y%m%d%H%M%S');
+        $ret = $conn->execScript("INSERT INTO orderidx(createtime) VALUES(:createtime);",
+                                 array(
+                                     'createtime' => time()
+                                 ));
+        if (!$ret) {
+            die();
         }
+        $row = $conn->execQueryOne('SELECT LAST_INSERT_ID();', array());
+        if (empty($row)) {
+            die();
+        }
+        $orderid = $orderid_pre . '_' . $row[0];
+        echo $orderid;
+    }
+
+    private function _redPubkey()
+    {
+        $pem = "-----BEGIN PUBLIC KEY-----\n" . chunk_split(self::$pubkey, 64, "\n") . "-----END PUBLIC KEY-----\n";
+        return openssl_pkey_get_public($pem);
+    }
+
+    private function _redPrikey()
+    {
+        $pem = "-----BEGIN RSA PRIVATE KEY-----\n" . chunk_split(self::$prikey, 64, "\n") . "-----END RSA PRIVATE KEY-----\n";
+        return openssl_pkey_get_private($pem);
+    }
+
+    private function _reaEncode($str) {
+        $prikey = self::_redPrikey();
+        return openssl_sign($str, $sign, $prikey, OPENSSL_ALGO_SHA1) ? base64_encode($sign) : false;
     }
 
     public function scanPay()
@@ -42,6 +77,15 @@ class PayController {
             'remark' => '',
             'MerName' => '',
         );
+        $this->getOrderId();
+        die();
+        $params['SignInfo'] = $this->reaEncode(
+            'MerNo=' . $params['MerNo'] . '&' .
+            'BillNo=' . $params['BillNo'] . '&' .
+            'Amount=' . $params['Amount'] . '&' .
+            'OrderTime=' . $params['OrderTime'] . '&' .
+            'AdviceUrl=' . $params['AdviceUrl']
+        );
         $requestDomain = '';
         if (phpcommon\HttpClient::post(self::SCAN_PAY_API_URL,
                                        array(