
/alipay.php

https://bitbucket.org/johnroyer/phpwind8.7
  1<?php
  2require_once('global.php');
  3require_once(R_P.'require/posthost.php');
  4//* include_once pwCache::getPath(D_P.'data/bbscache/ol_config.php');
  5pwCache::getData(D_P.'data/bbscache/ol_config.php');
  6
  7S::gp(array('action','out_trade_no','trade_status','buyer_email','notify_id','extra_common_param'));
  8$ret_url = $extra_common_param ? getExtra($extra_common_param) : 'userpay.php';
  9!empty($_POST) && $_GET = $_POST;
 10$isPwPay = false;
 11
 12if ($action || empty($ol_alipaykey) || empty($ol_alipaypartnerID)) {
 13	$ol_alipaypartnerID = '2088301270630891';
 14	$isPwPay = true;
 15}
 16$veryfy_result2 = PostHost("http://notify.alipay.com/trade/notify_query.do","notify_id=$notify_id&partner=" . $ol_alipaypartnerID, 'POST');
 17
 18if ($isPwPay) {
 19	$url = '';
 20	foreach ($_GET as $key => $value) {
 21		if ($key <> 'action' && $value) {
 22			$url .= "$key=".urlencode($value)."&";
 23		}
 24	}
 25	$veryfy_result1 = PostHost("http://pay.phpwind.net/pay/alipay_notify.php", $url, 'POST');
 26} else {
 27	ksort($_GET);
 28	reset($_GET);
 29	$arg = '';
 30	foreach ($_GET as $key => $value) {
 31		if ($value && !in_array($key, array('action','sign','sign_type'))) {
 32			$value = str_replace('&#41;',')',$value);
 33			$arg .= "$key=$value&";
 34		}
 35	}
 36	$veryfy_result1 = ($_GET['sign'] == md5(substr($arg,0,-1).$ol_alipaykey)) ? 'true' : 'false';
 37}
 38if (!eregi("true$",$veryfy_result1) || !eregi("true$",$veryfy_result2)) {
 39	paymsg($ret_url,'alipay_failure','fail');
 40}
 41
 42if (empty($action)) {
 43
 44	if (!$ol_onlinepay) {
 45		Showmsg($ol_whycolse);
 46	}
 47	if (!$ol_payto) {
 48		Showmsg('olpay_seterror');
 49	}
 50	if (procLock('alipay',$winduid)) {
 51		$rt = $db->get_one('SELECT c.*,m.username,m.groupid,m.groups FROM pw_clientorder c LEFT JOIN pw_members m USING(uid) WHERE order_no=' . S::sqlEscape($out_trade_no));
 52		if (empty($rt)) {
 53			procUnLock('alipay',$winduid);
 54			paymsg($ret_url,'alipay_ordersfailure');
 55		}
 56		$fee = $rt['number'] * $rt['price'];
 57	
 58		if ($fee != $_GET['total_fee'] || $_GET['seller_email'] != $ol_payto) {
 59			procUnLock('alipay',$winduid);
 60			paymsg($ret_url,'alipay_failure');
 61		}
 62		if ($trade_status == 'TRADE_FINISHED' || $trade_status == 'TRADE_SUCCESS') {
 63			if ($rt['state'] == 2) {
 64				procUnLock('alipay',$winduid);
 65				paymsg($ret_url,'alipay_orderssuccess');
 66			}
 67	
 68			if (file_exists(R_P."require/olpay/pay_{$rt[type]}.php")) {
 69				require_once S::escapePath(R_P."require/olpay/pay_{$rt[type]}.php");
 70			}
 71			$db->update("UPDATE pw_clientorder SET payemail=" . S::sqlEscape($buyer_email) . ",state=2 WHERE order_no=" . S::sqlEscape($out_trade_no));
 72			procUnLock('alipay',$winduid);
 73			paymsg($ret_url,'alipay_orderssuccess');
 74		} else {
 75			procUnLock('alipay',$winduid);
 76			paymsg($ret_url,'alipay_topayfailure');
 77		}
 78	} else {
 79		Showmsg('proclock');
 80	}
 81} elseif ($action == 'trade') {
 82
 83	$rt = $db->get_one("SELECT tid,ifpay FROM pw_tradeorder WHERE order_no=".S::sqlEscape($out_trade_no));
 84
 85	if (empty($rt) || $rt['ifpay'] == '3') {
 86		paymsg('index.php','alipay_ordersfailure');
 87	}
 88	switch ($trade_status) {
 89		case 'WAIT_SELLER_SEND_GOODS':
 90			$db->update("UPDATE pw_tradeorder SET ifpay='1',tradedate=".S::sqlEscape($timestamp).",payment='2' WHERE order_no=".S::sqlEscape($out_trade_no));
 91			break;
 92		case 'WAIT_BUYER_CONFIRM_GOODS':
 93			$db->update("UPDATE pw_tradeorder SET ifpay='2',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));
 94			break;
 95		case 'TRADE_FINISHED':
 96			$db->update("UPDATE pw_tradeorder SET ifpay='3',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));
 97			$db->update("UPDATE pw_trade SET salenum=salenum+1 WHERE tid=".S::sqlEscape($rt['tid']));
 98			break;
 99		default:
100			$db->update("UPDATE pw_tradeorder SET ifpay='4',tradedate=".S::sqlEscape($timestamp)." WHERE order_no=".S::sqlEscape($out_trade_no));
101	}
102	paymsg('index.php','operate_success');
103} elseif ($action == 'pcalipay') {//團購、活動
104	list($pcmid) = explode('_',$out_trade_no);
105	$rt = $db->get_one("SELECT tid,ifpay FROM pw_pcmember WHERE pcmid=".S::sqlEscape($pcmid));
106
107	if (empty($rt) || $rt['ifpay'] == '1') {
108		paymsg("read.php?tid=$rt[tid]",'pcalipay_success');
109	}
110	if ($trade_status == 'WAIT_SELLER_SEND_GOODS') {
111		$db->update("UPDATE pw_pcmember SET ifpay=1 WHERE pcmid=".S::sqlEscape($pcmid));
112	}
113	paymsg("read.php?tid=$rt[tid]",'pcalipay_success');
114}
115
/**
 * Finish the callback request.
 *
 * When the request carried no POST data, the visitor is sent on through
 * refreshto() with the given message. In every case the script then ends,
 * printing $notify as the response.
 *
 * NOTE(review): $url can come from the request (see the extra_common_param
 * handling at the top of the file); confirm refreshto() restricts it to
 * same-site targets.
 *
 * @param string $url    Page handed to refreshto().
 * @param string $msg    Message key handed to refreshto().
 * @param string $notify Text printed on exit; defaults to 'success'.
 */
function paymsg($url, $msg, $notify = 'success')
{
	$hasPostBody = !empty($_POST);
	if (!$hasPostBody) {
		refreshto($url, $msg);
	}
	exit($notify);
}
/**
 * Decode a dot-separated list of character codes into a string.
 *
 * Each numeric element is converted with chr() and appended; non-numeric
 * elements are skipped. An empty input, or one S::isArray() rejects after
 * splitting, yields an empty string.
 *
 * NOTE(review): the result is used as the return URL for this callback, and
 * chr() can produce any byte, including control characters. Validate the
 * decoded value (for example against a list of known pages) before it is used
 * for a redirect.
 *
 * @param string $extra Dot-separated character codes.
 * @return string Decoded text, possibly empty.
 */
function getExtra($extra)
{
	$decoded = '';
	if ($extra) {
		$extra = explode('.', $extra);
	}
	if (!S::isArray($extra)) {
		return $decoded;
	}
	foreach ($extra as $code) {
		if (is_numeric($code)) {
			$decoded .= chr($code);
		}
	}
	return $decoded;
}
132?>