www.gusucode.com > Ectouch手机端网购商城系统PHP版源码程序 > ectouch/plugins/payment/paypal.php
<?php
/**
* ECTouch Open Source Project
* ============================================================================
* Copyright (c) 2012-2014 http://ectouch.cn All rights reserved.
* ----------------------------------------------------------------------------
* 文件名称:paypal.php
* ----------------------------------------------------------------------------
* 功能描述:Paypal支付插件
* ----------------------------------------------------------------------------
* Licensed ( http://www.ectouch.cn/docs/license.txt )
* ----------------------------------------------------------------------------
*/
/* 访问控制 */
defined('IN_ECTOUCH') or die('Deny Access');
$payment_lang = ROOT_PATH . 'plugins/payment/language/' . C('lang') . '/' . basename(__FILE__);
if (file_exists($payment_lang)) {
include_once ($payment_lang);
L($_LANG);
}
/* 模块的基本信息 */
if (isset($set_modules) && $set_modules == TRUE)
{
$i = isset($modules) ? count($modules) : 0;
/* 代码 */
$modules[$i]['code'] = basename(__FILE__, '.php');
/* 描述对应的语言项 */
$modules[$i]['desc'] = 'paypal_desc';
/* 是否支持货到付款 */
$modules[$i]['is_cod'] = '0';
/* 是否支持在线支付 */
$modules[$i]['is_online'] = '1';
/* 作者 */
$modules[$i]['author'] = 'ECTOUCH TEAM';
/* 网址 */
$modules[$i]['website'] = 'http://www.paypal.com';
/* 版本号 */
$modules[$i]['version'] = '1.0.0';
/* 配置信息 */
$modules[$i]['config'] = array(
array('name' => 'paypal_account', 'type' => 'text', 'value' => ''),
array('name' => 'paypal_currency', 'type' => 'select', 'value' => 'USD')
);
return;
}
/**
* 类
*/
class paypal
{
/**
* 生成支付代码
* @param array $order 订单信息
* @param array $payment 支付方式信息
*/
function get_code($order, $payment)
{
$data_order_id = $order['log_id'];
$data_amount = $order['order_amount'];
$data_return_url = return_url(basename(__FILE__, '.php'), array('type'=>0));
$data_pay_account = $payment['paypal_account'];
$currency_code = $payment['paypal_currency'];
$data_notify_url = return_url(basename(__FILE__, '.php'), array('type'=>1));
$cancel_return = __URL__;
$def_url = '<br /><form style="text-align:center;" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">' . // 不能省略
"<input type='hidden' name='cmd' value='_xclick'>" . // 不能省略
"<input type='hidden' name='business' value='$data_pay_account'>" . // 贝宝帐号
"<input type='hidden' name='item_name' value='$order[order_sn]'>" . // payment for
"<input type='hidden' name='amount' value='$data_amount'>" . // 订单金额
"<input type='hidden' name='currency_code' value='$currency_code'>" . // 货币
"<input type='hidden' name='return' value='$data_return_url'>" . // 付款后页面
"<input type='hidden' name='invoice' value='$data_order_id'>" . // 订单号
"<input type='hidden' name='charset' value='utf-8'>" . // 字符集
"<input type='hidden' name='no_shipping' value='1'>" . // 不要求客户提供收货地址
"<input type='hidden' name='no_note' value=''>" . // 付款说明
"<input type='hidden' name='notify_url' value='$data_notify_url'>" .
"<input type='hidden' name='rm' value='2'>" .
"<input type='hidden' name='cancel_return' value='$cancel_return'>" .
"<input type='submit' value='" . L('paypal_button') . "' class='btn btn-info' style='padding:0.8rem'>" . // 按钮
"</form><br />";
return $def_url;
}
/**
* 响应操作
*/
function callback($data)
{
$payment = model('Payment')->get_payment($data['code']);
$merchant_id = $payment['paypal_account']; ///获取商户编号
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) ."\r\n\r\n";
$fp = stream_socket_client("tcp://www.paypal.com:80", $errno, $errstr, 5);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$order_sn = $_POST['invoice'];
$memo = !empty($_POST['memo']) ? $_POST['memo'] : '';
$action_note = $txn_id . '(' . L('paypal_txn_id') . ')' . $memo;
// check that txn_id has not been previously processed
$count = model('Base')->model->table('order_action')->where("action_note LIKE '" . mysql_like_quote($txn_id) . "%'")->count();
if($count > 0){
fclose($fp);
return true;
}
if ($fp) {
fputs($fp, $header . $req);
while (!feof($fp)) {
$res = fgets($fp, 1024);
if (strcmp($res, 'VERIFIED') == 0) {
// check the payment_status is Completed
if ($payment_status != 'Completed' && $payment_status != 'Pending') {
fclose($fp);
return false;
}
// check that receiver_email is your Primary PayPal email
if ($receiver_email != $merchant_id) {
fclose($fp);
return false;
}
// check that payment_amount/payment_currency are correct
$order_amount = model('Base')->model->table('pay_log')->field('order_amount')->where("log_id = '$order_sn'")->getOne();
if ($order_amount != $payment_amount){
fclose($fp);
return false;
}
if ($payment['paypal_currency'] != $payment_currency) {
fclose($fp);
return false;
}
// process payment
model('Payment')->order_paid($order_sn, PS_PAYED, $action_note);
fclose($fp);
return true;
} elseif (strcmp($res, 'INVALID') == 0) {
// log for manual investigation
fclose($fp);
return false;
}
}
}else{
fclose($fp);
return false;
}
}
/**
* Paypal异步通知
*
* @return string
*/
public function notify($data)
{
$this->callback($data);
}
}
?>