www.gusucode.com > ecShop PHP网上商城系统 粉丝修复版 v2.7.3源码程序 > ecshop_xf_v2.7.3/includes/modules/payment/syl.php
<?php /** * ECSHOP 上海银联在线支付 * ============================================================================ * 版权所有 2005-2010 上海商派网络科技有限公司,并保留所有权利。 * 网站地址: http://www.ecshop.com; * ---------------------------------------------------------------------------- * 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和 * 使用;不允许对程序代码以任何形式任何目的的再发布。 * ============================================================================ * $Author: douqinghua $ * $Id: upop.php 17063 2010-03-25 06:35:46Z douqinghua $ */ if (!defined('IN_ECS')) { die('Hacking attempt'); } // 包含配置文件 $payment_lang = ROOT_PATH . 'languages/' .$GLOBALS['_CFG']['lang']. '/payment/syl.php'; if (file_exists($payment_lang)) { global $_LANG; include_once($payment_lang); } /* 模块的基本信息 */ if (isset($set_modules) && $set_modules == TRUE) { $i = isset($modules) ? count($modules) : 0; /* 代码 */ $modules[$i]['code'] = basename(__FILE__, '.php'); /* 描述对应的语言项 */ $modules[$i]['desc'] = 'syl_desc'; /* 是否支持货到付款 */ $modules[$i]['is_cod'] = '0'; /* 是否支持在线支付 */ $modules[$i]['is_online'] = '1'; /* 作者 */ $modules[$i]['author'] = 'ECSHOP TEAM'; /* 网址 */ $modules[$i]['website'] = 'http://www.ecshop.com'; /* 版本号 */ $modules[$i]['version'] = '1.0.0'; /* 配置信息 */ $modules[$i]['config'] = array( array('name' => 'syl_merAbbr', 'type' => 'text', 'value' => ''), //array('name' => 'upop_account', 'type' => 'text', 'value' => ''), //array('name' => 'upop_security_key', 'type' => 'text', 'value' => ''), ); return; } /** * 类 */ class syl { /** * 生成支付代码 * @param array $order 订单信息 * @param array $payment 支付方式信息 */ function config($payment) { define("PRI_KEY", ROOT_PATH."data/pay/".$payment['syl_merAbbr']); //公钥文件,示例中已经包含 define("PUB_KEY", "PgPubk.key"); //支付请求地址(测试) define("REQ_URL_PAY","http://payment.ChinaPay.com/pay/TransGet"); //支付请求地址(生产) //define("REQ_URL_PAY","https://payment.ChinaPay.com/pay/TransGet"); $this->site_url = $this->getSiteUrl(); include_once(ROOT_PATH."data/pay/netpayclient.php"); $merid = buildKey(PRI_KEY); return $merid; } function getSiteUrl(){ $host = $_SERVER[SERVER_NAME]; $port = ($_SERVER[SERVER_PORT]=="80")?"":":$_SERVER[SERVER_PORT]"; return "http://" . $host . $port . $this->getcwdOL(); } function getcwdOL() { $total = $_SERVER[PHP_SELF]; $file = explode("/", $total); $file = $file[sizeof($file)-1]; return substr($total, 0, strlen($total)-strlen($file)-1); } function get_code($order, $payment) { $merid=$this->config($payment); $ordid = "000" . $order['order_sn']; $transamt = padstr($order['order_amount'] * 100,12); $curyid = "156"; $transdate = date('Ymd'); $transtype = ""; $version = "20070129"; // //页面返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,银行页面会自动跳转到该页面,并POST订单结果信息,可选 // $pagereturl = "$site_url/netpayclient_order_feedback.php"; // //后台返回地址(您服务器上可访问的URL),最长80位,当用户完成支付后,我方服务器会POST订单结果信息到该页面,必填 // $bgreturl = "$site_url/netpayclient_order_feedback.php"; //$frontEndUrl = $GLOBALS['ecs']->url().'respond.php'; //$backEndUrl = $GLOBALS['ecs']->url().'respond.php'; $frontEndUrl = return_url(basename(__FILE__, '.php')); $backEndUrl = return_url(basename(__FILE__, '.php')); //支付网关号,4位,上线时建议留空,以跳转到银行列表页面由用户自由选择,本示例选用0001农商行网关便于测试,可选 $gateid = "0001"; //备注,最长60位,交易成功后会原样返回,可用于额外的订单跟踪等,可选 $priv1 = $order['log_id']; $plain = $merid . $ordid . $transamt . $curyid . $transdate . $transtype . $priv1; //生成签名值,必填 $this->chkvalue = sign($plain); $html = $this->create_html($merid , $ordid , $transamt , $curyid ,$transdate , $transtype , $order['log_id'],REQ_URL_PAY,$frontEndUrl); return $html; } function create_html($merid , $ordid , $transamt , $curyid ,$transdate , $transtype , $order_log_id,$act_url,$frontEndUrl) { $html = <<<eot <form action={$act_url} method="post" target="_blank"> <input type="hidden" name="MerId" value="{$merid}" /> <input type="hidden" name="Version" value="20070129" /> <input type="hidden" name="OrdId" value="{$ordid}" /> <input type="hidden" name="TransAmt" value="{$transamt}" /> <input type="hidden" name="CuryId" value="{$curyid}" /> <input type="hidden" name="TransDate" value="{$transdate}" /> <input type="hidden" name="TransType" value="{$transtype}" /> <input type="hidden" name="BgRetUrl" value="{$frontEndUrl}"/> <input type="hidden" name="PageRetUrl" value="{$frontEndUrl}"/> <input type="hidden" name="GateId" value=""/> <input type="hidden" name="Priv1" value="{$order_log_id}" /> <input type="hidden" name="ChkValue" value="{$this->chkvalue}" /> <input type="submit" value="支付"> </form> eot; return $html; } /** * 响应操作 $_REQUEST["Priv1"] 为 log_id */ function respond() { $payment = get_payment($_GET['code']); $merid=$this->config($payment); $flag = buildKey(PUB_KEY); //获取交易应答的各项值 $merid = $_REQUEST["merid"]; $orderno = $_REQUEST["orderno"]; $transdate = $_REQUEST["transdate"]; $amount = $_REQUEST["amount"]; $currencycode = $_REQUEST["currencycode"]; $transtype = $_REQUEST["transtype"]; $status = $_REQUEST["status"]; $checkvalue = $_REQUEST["checkvalue"]; $gateId = $_REQUEST["GateId"]; $priv1 = $_REQUEST["Priv1"]; $flag = verifyTransResponse($merid, $orderno, $amount, $currencycode, $transdate, $transtype, $status, $checkvalue); if( flag && $status == '1001') { // 检查价格是否一致 if (!check_money($priv1, $amount/100)) { return false; } order_paid($priv1, 2); return true; } else { return false; } } /** * 格式订单号 */ function _formatSN($sn) { return str_repeat('0', 9 - strlen($sn)) . $sn; } function sign($params,$security_key,$sign_method) { if (strtolower($sign_method) == "md5") { ksort($params); $sign_str = ""; $sign_ignore_params=array('bank','signMethod','signature'); foreach ($params as $key => $val) { if (in_array($key,$sign_ignore_params)) { continue; } $sign_str .= sprintf("%s=%s&", $key, $val); } return md5($sign_str . md5($security_key)); } else { exit("Unknown sign_method set in quickpay_conf"); } } } ?>