pay/webapp/controller/PayController.class.php

<?php

class PayController {

    const SCAN_PAY_API_URL = 'https://gwapi.yemadai.com/pay/aggregatePay';
    const PRI_KEY = 'MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALaDZP3ysvKxkBLWlW/aAT/YM5/34uQcj2gQVV4q9Vkoscw3MSlmRcr4hckwenGUw0tK2LC4vEume8JBCm0ZsWiGoOwcAJp16Zzr+35hUXYVfgXoYiAG5o8N0nBIYCWO1Tk/e+wJsmkY9eHpA3Iq94EAkogttd6bqk+X4nTUIxfJAgMBAAECgYB3pECC3CMERvOr9bC2RtGE2aRV2/iHElXLoNFlToHQ9YU/2npGqj1cJXgF/9p0NFGlPKY5ipAcg0EjgOFlzW7me9C/wC7x704+WMsqZu7POvOXTlFDRVHYpd6iQqLubjToSMPeIEreSBQYjU8giiVxEZ+7mcFpBShFcXSTJWInBQJBANw5/euICWKnqtmN/PXzdKVC+Y4A2TsYgxWCQaCrjO7YytqCCoaZSJn0+rnTchI0VB2YP0nBxlz+8Jp7DkPjpMsCQQDUKR2Olmh7VB9OQ49KhsgGoNMZvZB69borAPtY8I3eSkyS3t6xTa5S9AEXV4hW1553/KewBAYvnAwS0Gkevbc7AkAzlaXjoLbKFAoR8Y9aMQ+WkkyQNaSskf5KcHtc3jIh1EgXzLQYeRknbtm3405p8zXsxLe2WBxVtiW3mbFqt4znAkEAoeLJmd5s1QYoaRimAtD7WgtnaPG7iAduSZgTMhdDuUVqTnte412J0eQ73Oq+rr0SPy37ahR3/+YLVGPQglNytwJAAcbSZ0EhcRaJUMcrrs2HQoMmQ53Gs5qJsVE5VWUh25Ryqjjo6y7kVYVVaYU1xhguMs7309Y4F4VFiPLZeLIpcw==';

    const MER_NO = '49118';
    const SUB_APPID = 'wx7d6509053659d9ed';
    const COMPANY_NO = 'sweep-f4fea613fec043f8bd81e9b70375e364';

    protected function getMysql($accountid)
    {
        $mysql_conf = getMysqlConfig(crc32($accountid));
        $conn = new phpcommon\Mysql(array(
            'host' => $mysql_conf['host'],
            'port' => $mysql_conf['port'],
            'user' => $mysql_conf['user'],
            'passwd' => $mysql_conf['passwd'],
            'dbname' => 'paydb'
        ));
        return $conn;
    }

    //ksome201908191405_xxxxx
    private function getOrderId()
    {
        $conn = $this->getMysql($_REQUEST['account_id']);
        $orderid_pre = 'ksome' . strftime('%y%m%d%H%M%S');
        $ret = $conn->execScript("INSERT INTO orderidx(createtime) VALUES(:createtime);",
                                 array(
                                     'createtime' => time()
                                 ));
        if (!$ret) {
            die();
        }
        $row = $conn->execQueryOne('SELECT LAST_INSERT_ID();', array());
        if (empty($row)) {
            die();
        }
        $orderid = $orderid_pre . '_' . $row[0];
        return $orderid;
    }

    private function _reaEncode($str) {
        $prikey = phpcommon\ReadPriKey(self::PRI_KEY);
        return openssl_sign($str, $sign, $prikey, OPENSSL_ALGO_SHA1) ? base64_encode($sign) : false;
    }

    public function aggregatePay()
    {
        if (SERVER_ENV == _ONLINE) {
            if (!phpcommon\isValidSessionId(
                $_REQUET['account_id'],
                $_REQUET['session_id']
            )) {
                echo json_encode(array(
                    'errcode' => 100,
                    'errmsg' => 'session无效',
                ));
                die();
            }
        }
        $openid = 'ouPbc4gvHQ_eRRtPKb6BhHGpheB8';
        if (isset($_REQUEST['account_id'])) {
            $openid = phpcommon\extractOpenId($_REQUEST['account_id']);
        }
        $orderid = $this->getOrderId();
        if (empty($orderid)) {
            die();
        }
        $nowtime = time();
        $advice_url = '';
        $amount = 0.01;
        if (SERVER_ENV != _ONLINE) {
            $advice_url = "https://gamepay-test.kingsome.cn/webapp/index.php?c=PayNotify&a=payNotify";
        } else {
            $advice_url = "https://gamepay.kingsome.cn/webapp/index.php?c=PayNotify&a=payNotify";
        }
        $params = array(
            'MerchantNo' => self::MER_NO,
            'MerchantOrderNo' => $orderid,
            'PayType' => 'WxJsapi_OnLine',
            'Amount' => $amount,
            'Subject' => '1',
            'Desc' => '1',
            'CompanyNo' => self::COMPANY_NO,
            'RandomStr' => $orderid,
            'SignInfo' => '',
            'AdviceUrl' => htmlentities($advice_url),
            'SubAppid' => self::SUB_APPID,
            'UserId' => $openid
        );
        $params['SignInfo'] = $this->_reaEncode(
            'AdviceUrl=' . $advice_url . '&' .
            'Amount=' . $params['Amount'] . '&' .
            'MerchantNo=' . $params['MerchantNo'] . '&' .
            'MerchantOrderNo=' . $params['MerchantOrderNo'] . '&' .
            'PayType=' . $params['PayType'] . '&' .
            'RandomStr=' . $params['RandomStr'] .
            ''
        );
        $xml_txt = phpcommon\objectToXml($params, '<AggregatePayRequest/>');
        $xml_txt = str_replace('<?xml version="1.0"?>', '<?xml version="1.0" encoding="utf-8"?>', $xml_txt);
#        echo $xml_txt;
        $requestDomain = base64_encode($xml_txt);
        $response = '';
        if (!phpcommon\HttpClient::post(self::SCAN_PAY_API_URL,
                                        'requestDomain='. urlencode($requestDomain),
                                        $response)
        ) {
            echo json_encode(array(
                'errcode' => 101,
                'errmsg' => '交易失败:' . $response,
            ));
            die();
        }
        error_log(base64_decode($response));
        $xmlobj = new \SimpleXMLElement(base64_decode($response));
        if ($xmlobj->RespCode == '0000') {
            $conn = $this->getMysql($_REQUEST['account_id']);
#            $ret = $conn->execScript();
            echo json_encode(array(
                'errcode' => 0,
                'errmsg' => '',
                'orderid' => $orderid,
                'pay_str' => (string)$xmlobj->PayStr
            ));
        } else {
            echo json_encode(array(
                'errcode' => 1,
                'errmsg' => '平台错误:' . $xmlobj->RespCode,
            ));
        }
    }

}