PageRenderTime 24ms CodeModel.GetById 34ms RepoModel.GetById 1ms app.codeStats 0ms

/alipay.php

https://bitbucket.org/johnroyer/phpwind8.7
PHP | 132 lines | 120 code | 11 blank | 1 comment | 46 complexity | 0612ae63ca0bf237d2b30898cd41f639 MD5 | raw file
    

  1. <?php

    2. 

  2. require_once('global.php');

    3. 

  3. require_once(R_P.'require/posthost.php');

    4. 

  4. //* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');

    5. 

  5. pwCache::getData(D_P.'data/bbscache/ol_config.php');

    6. 

  6. 

    7. 

  7. S::gp(array('action','out_trade_no','trade_status','buyer_email','notify_id','extra_common_param'));

    8. 

  8. $ret_url = $extra_common_param ? getExtra($extra_common_param) : 'userpay.php';

    9. 

  9. !empty($_POST) && $_GET = $_POST;

    10. 

  10. $isPwPay = false;

    11. 

  11. 

    12. 

  12. if ($action || empty($ol_alipaykey) || empty($ol_alipaypartnerID)) {

    13. 

  13. 	$ol_alipaypartnerID = '2088301270630891';

    14. 

  14. 	$isPwPay = true;

    15. 

  15. }

    16. 

  16. $veryfy_result2 = PostHost("http://notify.alipay.com/trade/notify_query.do","notify_id=$notify_id&partner=" . $ol_alipaypartnerID, 'POST');

    17. 

  17. 

    18. 

  18. if ($isPwPay) {

    19. 

  19. 	$url = '';

    20. 

  20. 	foreach ($_GET as $key => $value) {

    21. 

  21. 		if ($key <> 'action' && $value) {

    22. 

  22. 			$url .= "$key=".urlencode($value)."&";

    23. 

  23. 		}

    24. 

  24. 	}

    25. 

  25. 	$veryfy_result1 = PostHost("http://pay.phpwind.net/pay/alipay_notify.php", $url, 'POST');

    26. 

  26. } else {

    27. 

  27. 	ksort($_GET);

    28. 

  28. 	reset($_GET);

    29. 

  29. 	$arg = '';

    30. 

  30. 	foreach ($_GET as $key => $value) {

    31. 

  31. 		if ($value && !in_array($key, array('action','sign','sign_type'))) {

    32. 

  32. 			$value = str_replace('&#41;',')',$value);

    33. 

  33. 			$arg .= "$key=$value&";

    34. 

  34. 		}

    35. 

  35. 	}

    36. 

  36. 	$veryfy_result1 = ($_GET['sign'] == md5(substr($arg,0,-1).$ol_alipaykey)) ? 'true' : 'false';

    37. 

  37. }

    38. 

  38. if (!eregi("true$",$veryfy_result1) || !eregi("true$",$veryfy_result2)) {

    39. 

  39. 	paymsg($ret_url,'alipay_failure','fail');

    40. 

  40. }

    41. 

  41. 

    42. 

  42. if (empty($action)) {

    43. 

  43. 

    44. 

  44. 	if (!$ol_onlinepay) {

    45. 

  45. 		Showmsg($ol_whycolse);

    46. 

  46. 	}

    47. 

  47. 	if (!$ol_payto) {

    48. 

  48. 		Showmsg('olpay_seterror');

    49. 

  49. 	}

    50. 

  50. 	if (procLock('alipay',$winduid)) {

    51. 

  51. 		$rt = $db->get_one('SELECT c.*,m.username,m.groupid,m.groups FROM pw_clientorder c LEFT JOIN pw_members m USING(uid) WHERE order_no=' . S::sqlEscape($out_trade_no));

    52. 

  52. 		if (empty($rt)) {

    53. 

  53. 			procUnLock('alipay',$winduid);

    54. 

  54. 			paymsg($ret_url,'alipay_ordersfailure');

    55. 

  55. 		}

    56. 

  56. 		$fee = $rt['number'] * $rt['price'];

    57. 

  57. 	

    58. 

  58. 		if ($fee != $_GET['total_fee'] || $_GET['seller_email'] != $ol_payto) {

    59. 

  59. 			procUnLock('alipay',$winduid);

    60. 

  60. 			paymsg($ret_url,'alipay_failure');

    61. 

  61. 		}

    62. 

  62. 		if ($trade_status == 'TRADE_FINISHED' || $trade_status == 'TRADE_SUCCESS') {

    63. 

  63. 			if ($rt['state'] == 2) {

    64. 

  64. 				procUnLock('alipay',$winduid);

    65. 

  65. 				paymsg($ret_url,'alipay_orderssuccess');

    66. 

  66. 			}

    67. 

  67. 	

    68. 

  68. 			if (file_exists(R_P."require/olpay/pay_{$rt[type]}.php")) {

    69. 

  69. 				require_once S::escapePath(R_P."require/olpay/pay_{$rt[type]}.php");

    70. 

  70. 			}

    71. 

  71. 			$db->update("UPDATE pw_clientorder SET payemail=" . S::sqlEscape($buyer_email) . ",state=2 WHERE order_no=" . S::sqlEscape($out_trade_no));

    72. 

  72. 			procUnLock('alipay',$winduid);

    73. 

  73. 			paymsg($ret_url,'alipay_orderssuccess');

    74. 

  74. 		} else {

    75. 

  75. 			procUnLock('alipay',$winduid);

    76. 

  76. 			paymsg($ret_url,'alipay_topayfailure');

    77. 

  77. 		}

    78. 

  78. 	} else {

    79. 

  79. 		Showmsg('proclock');

    80. 

  80. 	}

    81. 

  81. } elseif ($action == 'trade') {

    82. 

  82. 

    83. 

  83. 	$rt = $db->get_one("SELECT tid,ifpay FROM pw_tradeorder WHERE order_no=".S::sqlEscape($out_trade_no));

    84. 

  84. 

    85. 

  85. 	if (empty($rt) || $rt['ifpay'] == '3') {

    86. 

  86. 		paymsg('index.php','alipay_ordersfailure');

    87. 

  87. 	}

    88. 

  88. 	switch ($trade_status) {

    89. 

  89. 		case 'WAIT_SELLER_SEND_GOODS':

    90. 

  90. 			$db->update("UPDATE pw_tradeorder SET ifpay='1',tradedate=".S::sqlEscape($timestamp).",payment='2' WHERE order_no=".S::sqlEscape($out_trade_no));

    91. 

  91. 			break;

    92. 

  92. 		case 'WAIT_BUYER_CONFIRM_GOODS':

    93. 

  93. 			$db->update("UPDATE pw_tradeorder SET ifpay='2',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));

    94. 

  94. 			break;

    95. 

  95. 		case 'TRADE_FINISHED':

    96. 

  96. 			$db->update("UPDATE pw_tradeorder SET ifpay='3',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));

    97. 

  97. 			$db->update("UPDATE pw_trade SET salenum=salenum+1 WHERE tid=".S::sqlEscape($rt['tid']));

    98. 

  98. 			break;

    99. 

  99. 		default:

    100. 

  100. 			$db->update("UPDATE pw_tradeorder SET ifpay='4',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));

    101. 

  101. 	}

    102. 

  102. 	paymsg('index.php','operate_success');

    103. 

  103. } elseif ($action == 'pcalipay') {//團購、活動

    104. 

  104. 	list($pcmid) = explode('_',$out_trade_no);

    105. 

  105. 	$rt = $db->get_one("SELECT tid,ifpay FROM pw_pcmember WHERE pcmid=".S::sqlEscape($pcmid));

    106. 

  106. 

    107. 

  107. 	if (empty($rt) || $rt['ifpay'] == '1') {

    108. 

  108. 		paymsg("read.php?tid=$rt[tid]",'pcalipay_success');

    109. 

  109. 	}

    110. 

  110. 	if ($trade_status == 'WAIT_SELLER_SEND_GOODS') {

    111. 

  111. 		$db->update("UPDATE pw_pcmember SET ifpay=1 WHERE pcmid=".S::sqlEscape($pcmid));

    112. 

  112. 	}

    113. 

  113. 	paymsg("read.php?tid=$rt[tid]",'pcalipay_success');

    114. 

  114. }

    115. 

  115. 

    116. 

  116. function paymsg($url,$msg,$notify = 'success') {

    117. 

  117. 	if (empty($_POST)) {

    118. 

  118. 		refreshto($url,$msg);

    119. 

  119. 	}

    120. 

  120. 	exit($notify);

    121. 

  121. }

    122. 

  122. function getExtra($extra) {

    123. 

  123. 	$return = '';

    124. 

  124. 	$extra && $extra = explode('.',$extra);

    125. 

  125. 	if(S::isArray($extra)) {

    126. 

  126. 		foreach ($extra as $v) {

    127. 

  127. 			is_numeric($v) && $return .= chr($v);

    128. 

  128. 		}

    129. 

  129. 	}

    130. 

  130. 	return $return;

    131. 

  131. }

    132. 

  132. ?>
    133.