1 year ago · b0d20d6f54
--- a/application/api/controller/Payios.php
+++ b/application/api/controller/Payios.php
@@ -143,13 +143,15 @@ class Payios extends Api
 
				         $original_transaction_id = input('original_transaction_id','','trim');
			
 
				         $receipt_data = input('apple_receipt', '', 'trim');
			
 
				         $transaction_id = input('transaction_id', '', 'trim');
			
 
				+        $out_trade_no = input('out_trade_no', '', 'trim');
			
 
				 
			
 
				         if (!$receipt_data || !$original_transaction_id || !$transaction_id) {
			
 
				             $this->error('缺少参数');
			
 
				         }
			
 
				 
			
 
				         filePut("\r\n\r\n".'新请求VIP订阅');
			
 
				-        $prefix = 'iosVIP订阅'.',传入original_transaction_id:'.$original_transaction_id.',传入transaction_id:'.$transaction_id.'。';
			
 
				+
			
 
				+        $prefix = 'iosVIP订阅登录user_id:'.$this->auth->id.',传入original_transaction_id:'.$original_transaction_id.',传入transaction_id:'.$transaction_id.'。';
			
 
				         filePut($prefix.'参数apple_receipt:'.$receipt_data);
			
 
				 
			
 
				         //检查重复订单
			
@@ -163,22 +165,10 @@ class Payios extends Api
 
				             $this->success('充值已完成');
			
 
				         }
			
 
				 
			
 
				-        Db::startTrans();
			
 
				-        //查找订单
			
 
				-        $order_map = [
			
 
				-            'original_transaction_id' => $original_transaction_id,
			
 
				-        ];
			
 
				-        $order_info = Db::name('user_vipxufei_task')->where($order_map)->order('expires_date_ms desc')->lock(true)->find();
			
 
				-        if (!$order_info) {
			
 
				-            Db::rollback();
			
 
				-            filePut($prefix.'不存在的订单');
			
 
				-            $this->error('不存在的订单');
			
 
				-        }
			
 
				 
			
 
				         // 验证支付状态
			
 
				         $result = $this->validate_apple_pay($receipt_data);
			
 
				         if (!$result['status']) {// 验证不通过
			
 
				-            Db::rollback();
			
 
				             filePut($prefix.'验证'.$result['message']);
			
 
				             $this->error($result['message']);
			
 
				         }
			
@@ -194,14 +184,26 @@ class Payios extends Api
 
				             }
			
 
				         }
			
 
				         if(empty($only_trans)){
			
 
				-            Db::rollback();
			
 
				             filePut($prefix.'未找到匹配的交易');
			
 
				             $this->error('未找到匹配的交易');
			
 
				         }
			
 
				 
			
 
				+        Db::startTrans();
			
 
				+        //查找订单，可能找到以前的，非当前用户的。根据原始id 和 用户id不是终生绑定
			
 
				+        $order_map = [
			
 
				+            'original_transaction_id' => $original_transaction_id,
			
 
				+        ];
			
 
				+        $order_info = Db::name('user_vipxufei_task')->where($order_map)->order('expires_date_ms desc')->lock(true)->find();
			
 
				+        if (!$order_info) {
			
 
				+            Db::rollback();
			
 
				+            filePut($prefix.'不存在的订单');
			
 
				+            $this->error('不存在的订单');
			
 
				+        }
			
 
				+
			
 
				         //续订，但是换了产品了,重新定义order_info
			
 
				+        //原始id换给别人用了
			
 
				         $order_info_bundle_id = $order_info['bundle_id'];
			
 
				-        if($only_trans['product_id'] != $order_info['bundle_id']){
			
 
				+        if($only_trans['product_id'] != $order_info['bundle_id'] || $order_info['user_id'] != $this->auth->id){
			
 
				 
			
 
				             $pay_order_map = [
			
 
				                 'user_id' => $this->auth->id,
			
@@ -365,25 +367,6 @@ class Payios extends Api
 
				             $this->error('未找到匹配的交易,产品id'.$order_info['bundle_id'].',原始交易id'.$transaction_id);
			
 
				         }
			
 
				 
			
 
				-        /*
			
 
				-        $count = count($result['data']['receipt']['in_app']);
			
 
				-        $use_count = $count - 1;
			
 
				-        $product_id = $result['data']['receipt']['in_app'][$use_count]['product_id'];
			
 
				-        $my_transaction_id = $result['data']['receipt']['in_app'][$use_count]['transaction_id'];
			
 
				-
			
 
				-        if($product_id != $order_info['bundle_id']){
			
 
				-            Db::rollback();
			
 
				-            filePut($prefix.'验证'.'非法请求，请立刻停止product_id:'.$product_id.'!='.$order_info['bundle_id']);
			
 
				-            $this->error('非法请求，请立刻停止，产品id错误');
			
 
				-        }
			
 
				-
			
 
				-        if($my_transaction_id != $transaction_id){
			
 
				-            Db::rollback();
			
 
				-            filePut($prefix.'验证'.'非法请求，请立刻停止transaction_id:'.$my_transaction_id.'!='.$transaction_id);
			
 
				-            $this->error('非法请求，请立刻停止，交易id错误');
			
 
				-        }*/
			
 
				-
			
 
				-
			
 
				         //逻辑开始
			
 
				         $args = json_decode($order_info['args'],true);
			
 
				         //先充值
			
@@ -524,13 +507,14 @@ class Payios extends Api
 
				     public function test(){
			
 
				         $a = input('apple_receipt');
			
 
				         $b = $this->validate_apple_pay($a);
			
 
				-        dump($b);
			
 
				+        echo json_encode($b);
			
 
				     }
			
 
				 
			
 
				     /**
			
 
				      * 验证AppStore内付
			
 
				      * @param string $receipt_data 付款后凭证
			
 
				      * @return array                验证是否成功
			
 
				+     * https://juejin.cn/post/7049626884765646884 报错代码
			
 
				      */
			
 
				     function validate_apple_pay($receipt_data = '') {
			
 
				         // 验证参数