Wxpay.php 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333
  1. <?php
  2. namespace app\common\library;
  3. class WxPay {
  4. /**
  5. * 初始化参数
  6. *
  7. * @param array $options
  8. * @param $options ['app_id'] APPID:绑定支付的APPID(必须配置,开户邮件中可查看)
  9. * @param $options ['mch_id'] MCHID:商户号(必须配置,开户邮件中可查看)
  10. * @param $options ['key'] KEY:商户支付密钥,参考开户邮件设置(必须配置,登录商户平台自行设置)
  11. * @param $options ['appsecret'] 公众帐号secert(仅JSAPI支付的时候需要配置),
  12. * @param $options ['notify_url'] 支付宝回调地址
  13. */
  14. public function __construct($options = array()) {
  15. $this->config = !empty($options) ? $options : get_addon_config('epay')['wechat'];
  16. }
  17. /**
  18. * 微信支付App
  19. * @param string $data 业务参数 body out_trade_no total_fee
  20. * @param string $data ['out_trade_no'] 订单号 必填
  21. * @param string $data ['total_fee'] 订单金额 必填
  22. * @param string $data ['body'] 订单详情 必填
  23. * @return $response 返回app所需字符串
  24. */
  25. public function WxPayApp($d) {
  26. $wxConfig = $this->config;
  27. $out_trade_no = $d['out_trade_no'];
  28. $total_fee = abs(floatval($d['total_fee'])) * 100;// 微信支付 单位为分
  29. $nonce_str = $this->getRandChar(32);
  30. $ip = $this->get_client_ip();
  31. if ($ip == '::1')
  32. $ip = '1.1.1.1';
  33. $data ["appid"] = $wxConfig["app_id"];
  34. $data ["body"] = $d['body'];
  35. $data ["mch_id"] = $wxConfig['mch_id'];
  36. $data ["nonce_str"] = $nonce_str;
  37. $data ["notify_url"] = $wxConfig["notify_url"];
  38. $data ["out_trade_no"] = $out_trade_no;
  39. $data ["spbill_create_ip"] = $ip;
  40. $data ["total_fee"] = $total_fee;
  41. $data ["trade_type"] = "APP";
  42. $data['time_expire'] = date('YmdHis', time() + 120);
  43. $s = $this->getSign($data);
  44. $data ["sign"] = $s;
  45. $xml = $this->arrayToXml($data);
  46. $url = 'https://api.mch.weixin.qq.com/pay/unifiedorder';
  47. $response = $this->postXmlCurl($xml, $url);
  48. $re = $this->xmlstr_to_array($response);
  49. if ($re ['return_code'] == 'FAIL') {
  50. return $re['return_msg'];
  51. }
  52. // 二次签名
  53. $reapp = $this->getOrder($re['prepay_id']);
  54. return $reapp;
  55. }
  56. /**
  57. * 微信App支付退款申请
  58. * @param array $d 业务参数 body out_trade_no total_fee
  59. * @param string $data ['out_trade_no'] 订单号 必填
  60. * @param string $data ['total_fee'] 订单金额 必填
  61. * @return $response 返回app所需字符串
  62. */
  63. public function WxPayRefund($order_data) {
  64. $wxConfig = get_addon_config('epay')['wechat'];
  65. $data['appid'] = $wxConfig['app_id'];
  66. $data['mch_id'] = $wxConfig['mch_id'];
  67. $data['nonce_str'] = $this->getRandChar(32);;
  68. if (isset($wxConfig['refund_notify'])) {
  69. $data['notify_url'] = $wxConfig['refund_notify'];
  70. }
  71. $data['out_trade_no'] = $order_data['out_trade_no'];
  72. $data['out_refund_no'] = $order_data['out_refund_no'];
  73. $data['total_fee'] = $order_data['total_fee'];
  74. $data['refund_fee'] = $order_data['refund_fee'];
  75. $data['refund_desc'] = $order_data['refund_desc'];
  76. $data['sign'] = $this->getSign($data);
  77. $xml = $this->arrayToXml($data);
  78. $url = 'https://api.mch.weixin.qq.com/secapi/pay/refund';
  79. $response = $this->postXmlCurl($xml, $url);
  80. $re = $this->xmlstr_to_array($response);
  81. /*if ($re ['return_code'] == 'FAIL') {
  82. return $re['return_msg'];
  83. }*/
  84. return $re;
  85. }
  86. /**
  87. * 微信退款通知
  88. * @return array 验证正确返回状态及订单数据
  89. */
  90. public function WxPayRefundNotifyCheck() {
  91. $postStr = $GLOBALS['HTTP_RAW_POST_DATA'];
  92. if (!$postStr) {
  93. $postStr = file_get_contents("php://input");
  94. }
  95. $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
  96. if ($postObj === false) {
  97. error_log('parse xml error', 3, './wechat_errorlog.txt');
  98. }
  99. if ($postObj->return_code != 'SUCCESS') {
  100. error_log($postObj->return_msg, 3, './wechat_errorlog.txt');
  101. }
  102. $arr = (array)$postObj;
  103. file_put_contents('wx_refund_error_logs.txt', date('Y-m-d H:i:s').'退款数据1!'.json_encode($arr), FILE_APPEND);
  104. if($arr['return_code'] == 'SUCCESS') {
  105. $wxConfig = $this->config;
  106. //解密信息
  107. require_once("Plugins/WxPay/OpenSSLAES.php");
  108. $aes = new \OpenSSLAES(md5($wxConfig['key']));
  109. $decrypted = $aes->decrypt($arr['req_info']);
  110. $reqObj = simplexml_load_string($decrypted, 'SimpleXMLElement', LIBXML_NOCDATA);
  111. $arr['req_info'] = (array)$reqObj;
  112. file_put_contents('wx_refund_error_logs.txt', date('Y-m-d H:i:s').'退款数据2!'.json_encode($arr), FILE_APPEND);
  113. return array('status' => true, 'data' => $arr);
  114. }
  115. return array('status' => false);
  116. }
  117. /**
  118. * 微信签名验证
  119. * @param string $data 业务参数
  120. * @return array
  121. */
  122. public function WxPayNotifyCheck() {
  123. $postStr = $GLOBALS['HTTP_RAW_POST_DATA'];
  124. if(!$postStr){
  125. $postStr = file_get_contents("php://input");
  126. }
  127. $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
  128. if ($postObj === false) {
  129. error_log('parse xml error', 3, './wechat_errorlog.txt');
  130. }
  131. if ($postObj->return_code != 'SUCCESS') {
  132. error_log($postObj->return_msg, 3, './wechat_errorlog.txt');
  133. }
  134. $arr = (array)$postObj;
  135. unset($arr['sign']);
  136. if ($this->getSign($arr) == $postObj->sign) {
  137. return array('status' => true, 'data' => $arr);
  138. } else
  139. return array('status' => false);
  140. }
  141. /**
  142. * 以下为微信所需相关方法,请勿修改
  143. */
  144. // 执行第二次签名,才能返回给客户端使用
  145. public function getOrder($prepayId) {
  146. $data ["appid"] = $this->config ["app_id"];
  147. $data ["noncestr"] = $this->getRandChar(32);
  148. $data ["package"] = "Sign=WXPay";
  149. $data ["partnerid"] = $this->config ['mch_id'];
  150. $data ["prepayid"] = $prepayId;
  151. $data ["timestamp"] = time();
  152. $s = $this->getSign($data);
  153. $data ["sign"] = $s;
  154. return $data;
  155. }
  156. //生成签名
  157. function getSign($Obj) {
  158. foreach ($Obj as $k => $v) {
  159. $Parameters [strtolower($k)] = $v;
  160. }
  161. // 签名步骤一:按字典序排序参数
  162. ksort($Parameters);
  163. $String = $this->formatBizQueryParaMap($Parameters, false);
  164. // echo "【string】 =".$String."</br>";
  165. // 签名步骤二:在string后加入KEY
  166. $String = $String . "&key=" . $this->config ['key'];
  167. // echo "<textarea style='width: 50%; height: 150px;'>$String</textarea> <br />";
  168. // 签名步骤三:MD5加密
  169. $result_ = strtoupper(md5($String));
  170. return $result_;
  171. }
  172. // 获取指定长度的随机字符串
  173. function getRandChar($length) {
  174. $str = null;
  175. $strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
  176. $max = strlen($strPol) - 1;
  177. for ($i = 0; $i < $length; $i++) {
  178. $str .= $strPol [rand(0, $max)]; // rand($min,$max)生成介于min和max两个数之间的一个随机整数
  179. }
  180. return $str;
  181. }
  182. // 数组转xml
  183. function arrayToXml($arr) {
  184. $xml = "<xml>";
  185. foreach ($arr as $key => $val) {
  186. if (is_numeric($val)) {
  187. $xml .= "<" . $key . ">" . $val . "</" . $key . ">";
  188. } else
  189. $xml .= "<" . $key . "><![CDATA[" . $val . "]]></" . $key . ">";
  190. }
  191. $xml .= "</xml>";
  192. return $xml;
  193. }
  194. // post https请求,CURLOPT_POSTFIELDS xml格式
  195. function postXmlCurl($xml, $url, $second = 30) {
  196. // 初始化curl
  197. $ch = curl_init();
  198. // 超时时间
  199. curl_setopt($ch, CURLOPT_TIMEOUT, $second);
  200. // 这里设置代理,如果有的话
  201. // curl_setopt($ch,CURLOPT_PROXY, '8.8.8.8');
  202. // curl_setopt($ch,CURLOPT_PROXYPORT, 8080);
  203. curl_setopt($ch, CURLOPT_URL, $url);
  204. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
  205. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
  206. // 设置header
  207. curl_setopt($ch, CURLOPT_HEADER, FALSE);
  208. // 要求结果为字符串且输出到屏幕上
  209. curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  210. // post提交方式
  211. curl_setopt($ch, CURLOPT_POST, TRUE);
  212. curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
  213. // 证书
  214. curl_setopt($ch, CURLOPT_SSLKEY, APP_PATH . '../addons/epay/certs/apiclient_key.pem');
  215. curl_setopt($ch, CURLOPT_SSLCERT, APP_PATH . '../addons/epay/certs/apiclient_cert.pem');
  216. // 运行curl
  217. $data = curl_exec($ch);
  218. // 返回结果
  219. if ($data) {
  220. curl_close($ch);
  221. return $data;
  222. } else {
  223. $error = curl_errno($ch);
  224. echo "curl出错,错误码:$error" . "<br>";
  225. echo "<a href='http://curl.haxx.se/libcurl/c/libcurl-errors.html'>错误原因查询</a></br>";
  226. curl_close($ch);
  227. return false;
  228. }
  229. }
  230. //获取当前服务器的IP
  231. function get_client_ip() {
  232. if ($_SERVER ['REMOTE_ADDR']) {
  233. $cip = $_SERVER ['REMOTE_ADDR'];
  234. } elseif (getenv("REMOTE_ADDR")) {
  235. $cip = getenv("REMOTE_ADDR");
  236. } elseif (getenv("HTTP_CLIENT_IP")) {
  237. $cip = getenv("HTTP_CLIENT_IP");
  238. } else {
  239. $cip = "unknown";
  240. }
  241. return $cip;
  242. }
  243. // 将数组转成uri字符串
  244. function formatBizQueryParaMap($paraMap, $urlencode) {
  245. $buff = "";
  246. ksort($paraMap);
  247. foreach ($paraMap as $k => $v) {
  248. if ($urlencode) {
  249. $v = urlencode($v);
  250. }
  251. $buff .= strtolower($k) . "=" . $v . "&";
  252. }
  253. if (strlen($buff) > 0) {
  254. $reqPar = substr($buff, 0, strlen($buff) - 1);
  255. }
  256. return $reqPar;
  257. }
  258. //xml转成数组
  259. function xmlstr_to_array($xmlstr) {
  260. $doc = new \DOMDocument ();
  261. $doc->loadXML($xmlstr);
  262. return $this->domnode_to_array($doc->documentElement);
  263. }
  264. //dom转成数组
  265. function domnode_to_array($node) {
  266. $output = array();
  267. switch ($node->nodeType) {
  268. case XML_CDATA_SECTION_NODE :
  269. case XML_TEXT_NODE :
  270. $output = trim($node->textContent);
  271. break;
  272. case XML_ELEMENT_NODE :
  273. for ($i = 0, $m = $node->childNodes->length; $i < $m; $i++) {
  274. $child = $node->childNodes->item($i);
  275. $v = $this->domnode_to_array($child);
  276. if (isset ($child->tagName)) {
  277. $t = $child->tagName;
  278. if (!isset ($output [$t])) {
  279. $output [$t] = array();
  280. }
  281. $output [$t] [] = $v;
  282. } elseif ($v) {
  283. $output = ( string )$v;
  284. }
  285. }
  286. if (is_array($output)) {
  287. if ($node->attributes->length) {
  288. $a = array();
  289. foreach ($node->attributes as $attrName => $attrNode) {
  290. $a [$attrName] = ( string )$attrNode->value;
  291. }
  292. $output ['@attributes'] = $a;
  293. }
  294. foreach ($output as $t => $v) {
  295. if (is_array($v) && count($v) == 1 && $t != '@attributes') {
  296. $output [$t] = $v [0];
  297. }
  298. }
  299. }
  300. break;
  301. }
  302. return $output;
  303. }
  304. }