微信支付jsapi并写入数据库--回调函数(notify.php)的使用
调用链接
http://2019.weiqingdao.cn/apps/enter/web/wei_ceshi/00ceshi/008/zhifu.php?goods_id=45&num=2
<?php
header('Content-type:text/html; Charset=utf-8');
session_start();
require './php/connect.php';
$params = array(
// 系统参数
"mchid" => '', //微信支付商户号 PartnerID 通过微信支付商户资料审核后邮件发送
"appid" => '', //微信支付申请对应的公众号的APPID
"appKey" => '', //微信支付申请对应的公众号的APP Key
"apiKey" => '', //https://pay.weixin.qq.com 帐户设置-安全设置-API安全-API密钥-设置API密钥
// 订单信息
"outTradeNo" => date("YmdHis") . str_pad(mt_rand(0, 99999), 5, 0, STR_PAD_LEFT), //你自己的商品订单号
"payAmount" => 0.01, //付款金额,单位:元
"orderName" => 'zhifu', //订单标题
"notifyUrl" => '.链接地址./notify.php', //付款成功后的回调地址(不要有问号)
"payTime" => time(), //付款时间
// sql信息
'goods_id' => 45, //商品id
'num' => 1, //数量
'user_id' => 0 //购买人id
);
// 更改参数,也可以直接使用定义的,不过实际上根据商品信息和传递的参数生成数据
$params['goods_id'] = isset($_GET['goods_id']) ? $_GET['goods_id'] : 45;
$params['num'] = isset($_GET['num']) ? $_GET['num'] : 2;
$params['user_id'] = $pdo->query("SELECT id FROM a_user WHERE phone='{$_SESSION['phone']}' and password='{$_SESSION['password']}'")->fetch(PDO::FETCH_ASSOC)['id'];
$params['user_id'] = $params['user_id'] ? $params['user_id'] : 0;
$params['payTime'] = date("Y-m-d H:i:s", $params['payTime']);
$paramsres = $pdo->query("SELECT price,title from a_book_info where info_id={$params['goods_id']}")->fetch(PDO::FETCH_ASSOC);
$params['payAmount'] = $paramsres['price'] * $params['num'];
$params['orderName'] = $paramsres['title'];
print_r('<pre>', $params);
//①、获取用户openid
$wxPay = new WxpayService($params["mchid"], $params["appid"], $params["appKey"], $params["apiKey"]);
$openId = $wxPay->GetOpenid(); //获取openid
if (!$openId) exit('获取openid失败');
//②、统一下单
$jsApiParameters = $wxPay->createJsBizPackage($openId, $params['payAmount'], $params['outTradeNo'], $params['orderName'], $params['notifyUrl'], $params['payTime']); //下单
$jsApiParameters = json_encode($jsApiParameters);
// ③下单sql
$sql = "INSERT INTO `a_buy`(open_id , `payAmount`,outTradeNo, `orderName`, `status`,info_id,xd_id,payTime )
VALUES ('$openId', {$params['payAmount']},'{$params['outTradeNo']}','{$params['orderName']}','待付款',{$params['goods_id']},{$params['user_id']},'{$params['payTime']}')";
$res = $pdo->exec($sql);
var_dump($res);
var_dump($sql);
?>
<html>
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>微信支付样例-支付</title>
<script type="text/javascript">
//调用微信JS api 支付
function jsApiCall() {
WeixinJSBridge.invoke(
'getBrandWCPayRequest',
<?php echo $jsApiParameters; ?>,
function(res) {
WeixinJSBridge.log(res.err_msg);
if (res.err_msg == 'get_brand_wcpay_request:ok') {
alert("支付成功");
window.history.back()
} else {
alert('支付失败:' + res.err_code + res.err_desc + res.err_msg);
}
}
);
}
if (typeof WeixinJSBridge == "undefined") {
if (document.addEventListener) {
document.addEventListener('WeixinJSBridgeReady', jsApiCall, false);
} else if (document.attachEvent) {
document.attachEvent('WeixinJSBridgeReady', jsApiCall);
document.attachEvent('onWeixinJSBridgeReady', jsApiCall);
}
} else {
jsApiCall();
}
</script>
</head>
</html>
<?php
class WxpayService
{
protected $mchid;
protected $appid;
protected $appKey;
protected $apiKey;
public $data = null;
public function __construct($mchid, $appid, $appKey, $key)
{
$this->mchid = $mchid; //https://pay.weixin.qq.com 产品中心-开发配置-商户号
$this->appid = $appid; //微信支付申请对应的公众号的APPID
$this->appKey = $appKey; //微信支付申请对应的公众号的APP Key
$this->apiKey = $key; //https://pay.weixin.qq.com 帐户设置-安全设置-API安全-API密钥-设置API密钥
}
/**
* 通过跳转获取用户的openid,跳转流程如下:
* 1、设置自己需要调回的url及其其他参数,跳转到微信服务器https://open.weixin.qq.com/connect/oauth2/authorize
* 2、微信服务处理完成之后会跳转回用户redirect_uri地址,此时会带上一些参数,如:code
* @return 用户的openid
*/
public function GetOpenid()
{
//通过code获得openid
if (!isset($_GET['code'])) {
//触发微信返回code码
$scheme = $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://';
$uri = $_SERVER['PHP_SELF'] . $_SERVER['QUERY_STRING'];
if ($_SERVER['REQUEST_URI']) $uri = $_SERVER['REQUEST_URI'];
$baseUrl = urlencode($scheme . $_SERVER['HTTP_HOST'] . $uri); // 例如:https://www.baidu.com/s?ie=UTF-8&wd=$_SERVER%5B%27QUERY_STRING%27%5D
$url = $this->__CreateOauthUrlForCode($baseUrl);
Header("Location: $url");
exit();
} else {
//获取code码,以获取openid
$code = $_GET['code'];
$openid = $this->getOpenidFromMp($code);
return $openid;
}
}
/**
* 通过code从工作平台获取openid机器access_token
* @param string $code 微信跳转回来带上的code
* @return openid
*/
public function GetOpenidFromMp($code)
{
$url = $this->__CreateOauthUrlForOpenid($code);
$res = self::curlGet($url);
//取出openid
$data = json_decode($res, true);
$this->data = $data;
$openid = $data['openid'];
return $openid;
}
/**
* 构造获取open和access_toke的url地址
* @param string $code,微信跳转带回的code
* @return 请求的url
*/
private function __CreateOauthUrlForOpenid($code)
{
$urlObj["appid"] = $this->appid;
$urlObj["secret"] = $this->appKey;
$urlObj["code"] = $code;
$urlObj["grant_type"] = "authorization_code";
$bizString = $this->ToUrlParams($urlObj);
return "https://api.weixin.qq.com/sns/oauth2/access_token?" . $bizString;
}
/**
* 构造获取code的url连接
* @param string $redirectUrl 微信服务器回跳的url,需要url编码
* @return 返回构造好的url
*/
private function __CreateOauthUrlForCode($redirectUrl)
{
$urlObj["appid"] = $this->appid;
$urlObj["redirect_uri"] = "$redirectUrl";
$urlObj["response_type"] = "code";
$urlObj["scope"] = "snsapi_base";
$urlObj["state"] = "STATE" . "#wechat_redirect";
$bizString = $this->ToUrlParams($urlObj);
return "https://open.weixin.qq.com/connect/oauth2/authorize?" . $bizString;
}
/**
* 拼接签名字符串
* @param array $urlObj
* @return 返回已经拼接好的字符串
*/
private function ToUrlParams($urlObj)
{
$buff = "";
foreach ($urlObj as $k => $v) {
if ($k != "sign") $buff .= $k . "=" . $v . "&";
}
$buff = trim($buff, "&");
return $buff;
}
/**
* 统一下单
* @param string $openid 调用【网页授权获取用户信息】接口获取到用户在该公众号下的Openid
* @param float $totalFee 收款总费用 单位元
* @param string $outTradeNo 唯一的订单号
* @param string $orderName 订单名称
* @param string $notifyUrl 支付结果通知url 不要有问号
* @param string $timestamp 支付时间
* @return string
*/
public function createJsBizPackage($openid, $totalFee, $outTradeNo, $orderName, $notifyUrl, $timestamp)
{
$config = array(
'mch_id' => $this->mchid,
'appid' => $this->appid,
'key' => $this->apiKey,
);
//$orderName = iconv('GBK','UTF-8',$orderName);
$unified = array(
'appid' => $config['appid'],
'attach' => 'pay', //商家数据包,原样返回,如果填写中文,请注意转换为utf-8
'body' => $orderName,
'mch_id' => $config['mch_id'],
'nonce_str' => self::createNonceStr(),
'notify_url' => $notifyUrl,
'openid' => $openid, //rade_type=JSAPI,此参数必传
'out_trade_no' => $outTradeNo,
'spbill_create_ip' => '127.0.0.1',
'total_fee' => intval($totalFee * 100), //单位 转为分
'trade_type' => 'JSAPI',
);
$unified['sign'] = self::getSign($unified, $config['key']);
$responseXml = self::curlPost('https://api.mch.weixin.qq.com/pay/unifiedorder', self::arrayToXml($unified));
//禁止引用外部xml实体
libxml_disable_entity_loader(true);
$unifiedOrder = simplexml_load_string($responseXml, 'SimpleXMLElement', LIBXML_NOCDATA);
if ($unifiedOrder === false) {
die('parse xml error');
}
if ($unifiedOrder->return_code != 'SUCCESS') {
die($unifiedOrder->return_msg);
}
if ($unifiedOrder->result_code != 'SUCCESS') {
die($unifiedOrder->err_code);
}
$arr = array(
"appId" => $config['appid'],
"timeStamp" => "$timestamp", //这里是字符串的时间戳,不是int,所以需加引号
"nonceStr" => self::createNonceStr(),
"package" => "prepay_id=" . $unifiedOrder->prepay_id,
"signType" => 'MD5',
);
$arr['paySign'] = self::getSign($arr, $config['key']);
return $arr;
}
public static function curlGet($url = '', $options = array())
{
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
if (!empty($options)) {
curl_setopt_array($ch, $options);
}
//https请求 不验证证书和host
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
public static function curlPost($url = '', $postData = '', $options = array())
{
if (is_array($postData)) {
$postData = http_build_query($postData);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_TIMEOUT, 30); //设置cURL允许执行的最长秒数
if (!empty($options)) {
curl_setopt_array($ch, $options);
}
//https请求 不验证证书和host
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
public static function createNonceStr($length = 16)
{
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$str = '';
for ($i = 0; $i < $length; $i++) {
$str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
return $str;
}
public static function arrayToXml($arr)
{
$xml = "<xml>";
foreach ($arr as $key => $val) {
if (is_numeric($val)) {
$xml .= "<" . $key . ">" . $val . "</" . $key . ">";
} else
$xml .= "<" . $key . "><![CDATA[" . $val . "]]></" . $key . ">";
}
$xml .= "</xml>";
return $xml;
}
public static function getSign($params, $key)
{
ksort($params, SORT_STRING);
$unSignParaString = self::formatQueryParaMap($params, false);
$signStr = strtoupper(md5($unSignParaString . "&key=" . $key));
return $signStr;
}
protected static function formatQueryParaMap($paraMap, $urlEncode = false)
{
$buff = "";
ksort($paraMap);
foreach ($paraMap as $k => $v) {
if (null != $v && "null" != $v) {
if ($urlEncode) {
$v = urlencode($v);
}
$buff .= $k . "=" . $v . "&";
}
}
$reqPar = '';
if (strlen($buff) > 0) {
$reqPar = substr($buff, 0, strlen($buff) - 1);
}
return $reqPar;
}
}
<?php
require './php/connect.php';
$info = file_get_contents("php://input");
$order = xmlToArray($info);
$trade['order'] = $order['out_trade_no']; /* 微信分配的小程序ID,即订单号 */
$trade["total_fee"] = $order["total_fee"]; /* 金额 */
$trade["sign"] = $order["sign"]; /* 签名 */
// https://pay.weixin.qq.com/wiki/doc/api/jsapi.php?chapter=9_7&index=8
// // 3,针对信息做处理,
// // 3.1根据返回的信息在生成签名防止数据泄漏导致出现“假通知”,造成资金损失。
$newSign = verifySign($order);
// // 3.2根据订单id去数据库或者换成查找订单消息
$data = $pdo->query("SELECT payAmount,status from a_buy WHERE outTradeNo='{$trade['order']}'")->fetch(PDO::FETCH_ASSOC); //需要注意单位为分
if (($data['payAmount'] * 100) == $trade['total_fee'] && $newSign == $trade["sign"]) {
if ($data['status'] == '待付款') {
// 更改订单状态
$pdo->exec("UPDATE a_buy set status='待发货' WHERE outTradeNo='{$trade['order']}'");
logInfo($info); //写入日志
}
return
'<xml>
<return_code><![CDATA[SUCCESS]]></return_code>
<return_msg><![CDATA[OK]]></return_msg>
</xml>';
var_dump($data);
} else {
// 失败的请求
}
// 将xml装换为数组
function xmlToArray($data)
{
return (array)simplexml_load_string($data, 'SimpleXMLElement', LIBXML_NOCDATA);
}
// 将付款成功后的数据写入log 日志文件
function logInfo($info, $fileName = 'log')
{
$debugInfo = debug_backtrace();
$message = date("Y-m-d H-i-s") . PHP_EOL . $info . PHP_EOL;;
$message .= '[' . $debugInfo[0]['file'] . ']' . 'line' . $debugInfo[0]["line"] . PHP_EOL;
file_put_contents($fileName . '-' . date("Y-m-d") . '.log', $message, FILE_APPEND);
}
// 判断返回的签名和根据数据生成的数据判断是否相同,防止数据泄漏导致出现“假通知”,造成资金损失。
function verifySign($params, $apikey = "c17FZND q71Tt9")
{
ksort($params);
$string = "";
foreach ($params as $k => $v) {
if ($k != "sign" && $v != "" && !is_array($v)) {
$string .= $k . "=" . $v . "&";
}
}
$string = $string . "key=" . $apikey;
$string = md5($string);
$result = strtoupper($string);
return $result;
}
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 在鹅厂做java开发是什么体验
· 百万级群聊的设计实践
· WPF到Web的无缝过渡:英雄联盟客户端的OpenSilver迁移实战
· 永远不要相信用户的输入:从 SQL 注入攻防看输入验证的重要性
· 浏览器原生「磁吸」效果!Anchor Positioning 锚点定位神器解析