field('id,money,days,title,info,bundle_id,is_lianxu')->where('is_show',1)->order('weight asc,id asc')->select(); $data['vipconfig'] = $list; $data['vip_endtime'] = model('wallet')->getWallet($this->auth->id,'vip_endtime'); $data['is_vip'] = $data['vip_endtime'] > time() ? 1 : 0; $data['avatar'] = localpath_to_netpath($this->auth->avatar,['nickname'=>$this->auth->nickname],true); $this->success('success',$data); } //vip用的，创建订单 public function vip_recharge_ios(){ $rc_id = input('rc_id',0); $platform = 'app'; $uid = $this->auth->id; if(!$rc_id){ $this->error('请选择会员套餐'); } if(!$this->user_auth_limit()){ $this->error('请先完成实名认证'); } //赋值money $recharge_config = Db::name('payvip_config_ios')->where('id',$rc_id)->find(); $money = $recharge_config['money']; if($money<=0) { $this->error('支付金额必须大于0'); } if($money > 10000){ $this->error('支付金额太大'); } //创建订单 $data = []; $data['user_id'] = $uid; $data['out_trade_no'] = createUniqueNo('V',$uid); // 数据库订单号加密 $data['order_amount'] = $money; $data['createtime'] = time(); $data['pay_type'] = 'ios'; $data['platform'] = $platform; $data['order_status'] = 0; $data['table_name'] = 'vip_recharge'; $data['table_id'] = 0; $data['args'] = json_encode(['days'=>$recharge_config['days']]); $data['bundle_id'] = $recharge_config['bundle_id']; $orderid = Db::name('pay_order')->insertGetId($data); $this->success('success',$data['out_trade_no']); } //vip,苹果内购支付回调 //因前端不传入订单号，作废，且与gold_notify_iosnew 已完成合并 public function vip_notify_ios(){ //苹果内购的验证收据 $receipt_data = input('apple_receipt', '', 'trim'); $order_no = input('order_no', '', 'trim'); filePut('VIP ios充值:参数apple_receipt='.$receipt_data.',order_no='.$order_no); if (!$receipt_data || !$order_no) { $this->error('缺少参数'); } Db::startTrans(); // 查找订单 $order_info = Db::name('pay_order')->where(['out_trade_no' => $order_no])->lock(true)->find(); if (!$order_info) { Db::rollback(); filePut('VIP ios充值:订单丢失out_trade_no='.$order_no); $this->error('订单丢失'); } if ($order_info['order_status'] == 1) { Db::rollback(); $this->success('充值成功'); } // 验证支付状态 $result = $this->validate_apple_pay($receipt_data); if (!$result['status']) {// 验证不通过 Db::rollback(); filePut('VIP ios充值:验证out_trade_no='.$order_no.','.$result['message']); $this->error($result['message']); } $count = count($result['data']['receipt']['in_app']); $use_count = $count - 1; $args = json_decode($order_info['args'],true); if ($result['data']['receipt']['in_app'][$use_count]['product_id'] != $order_info['bundle_id']) { Db::rollback(); filePut('VIP ios充值:非法请求，请立刻停止out_trade_no='.$order_no.','.$result['message'].','.$result['data']['receipt']['in_app'][$use_count]['product_id'].'!='.$order_info['bundle_id']); $this->error('非法请求，请立刻停止'); } //逻辑开始 //先充值 $user_info = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->lock(true)->find(); if($user_info['vip_endtime'] < time()){ //过期了 $vip_endtime = time() + (intval($args['days']) * 86400); }else{ //追加vip $vip_endtime = $user_info['vip_endtime'] + (intval($args['days']) * 86400); } $update_data = [ 'vip_endtime'=>$vip_endtime, ]; $result = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->update($update_data); if($result === false) { Db::rollback(); filePut('VIP ios充值:验证out_trade_no='.$order_no.',逻辑续费vip时间失败'); $this->error('充值失败'); } // 修改订单状态 $ros = Db::name('pay_order')->where(['out_trade_no' => $order_no])->update(['order_status'=>1,'notifytime'=>time()]); if($ros === false) { filePut('VIP ios充值:充值失败out_trade_no='.$order_no.','.$result['message'].','.'修改订单状态失败'); Db::rollback(); $this->error('充值失败'); } Db::commit(); $this->success('充值成功'); //逻辑结束 } //////////////////////////////// //金币充值 public function gold_config_ios(){ $list = Db::name('paygold_webcon_ios')->field('id,money,gold,bundle_id')->where('is_show',1)->order('weigh asc,id asc')->select(); $data['goldconfig'] = $list; $wallet = model('wallet')->getWallet($this->auth->id); $data['wallet'] = $wallet; $data['money_to_gold'] = config('site.money_to_gold'); $this->success('success',$data); } //充值金币 创建订单 public function gold_recharge_ios(){ $rc_id = input_post('rc_id',0); $pay_type = 'ios'; $platform = 'app'; $uid = $this->auth->id; if(!$rc_id){ $this->error('请选择充值金额'); } if(!$this->user_auth_limit()){ $this->error('请先完成实名认证'); } //赋值money $recharge_config = Db::name('paygold_webcon_ios')->where('id',$rc_id)->find(); $money = $recharge_config['money'] ?: 0; $gold = $recharge_config['gold'] ?: 0; // if($money<=0) { $this->error('支付金额必须大于0'); } if($money > 10000){ $this->error('支付金额太大'); } //创建订单 $data['user_id'] = $uid; $data['out_trade_no'] = createUniqueNo('P',$uid); // 数据库订单号加密 $data['order_amount'] = $money; $data['createtime'] = time(); $data['pay_type'] = $pay_type; $data['platform'] = $platform; $data['order_status'] = 0; $data['table_name'] = 'gold_recharge'; $data['table_id'] = 0; $data['args'] = json_encode(['gold'=>$gold]); $data['bundle_id'] = $recharge_config['bundle_id']; $orderid = Db::name('pay_order')->insertGetId($data); $this->success('success',$data['out_trade_no']); } //金币+vip,苹果内购支付回调，app请求的接口 public function gold_notify_iosnew(){ //苹果内购的验证收据 $receipt_data = input('apple_receipt', '', 'trim'); $out_trade_no = input('out_trade_no', '', 'trim'); $transaction_id = input('transaction_id', '', 'trim'); if (!$receipt_data || !$out_trade_no || !$transaction_id) { $this->error('缺少参数'); } filePut("\r\n\r\n".'新请求'); $prefix = 'ios充值,登录user_id:'.$this->auth->id.',out_trade_no:'.$out_trade_no.',传入transaction_id:'.$transaction_id.'。'; filePut($prefix.'参数apple_receipt:'.$receipt_data); Db::startTrans(); // 查找订单 $order_map = [ // 'user_id' => $this->auth->id, 'out_trade_no' => $out_trade_no, ]; $order_info = Db::name('pay_order')->where($order_map)->lock(true)->find(); if (!$order_info) { Db::rollback(); filePut($prefix.'不存在的订单'); $this->error('不存在的订单'); } if ($order_info['order_status'] == 1) { Db::rollback(); filePut($prefix.'充值早已完成'); $this->success('充值已完成'); } // 验证支付状态 $result = $this->validate_apple_pay($receipt_data); if (!$result['status']) {// 验证不通过 Db::rollback(); filePut($prefix.'验证'.$result['message']); $this->error($result['message']); } $in_app = $result['data']['receipt']['in_app']; $only_trans = []; foreach($in_app as $key => $trans){ if($trans['transaction_id'] == $transaction_id && $trans['product_id'] == $order_info['bundle_id']){ $only_trans = $trans; } } if(empty($only_trans)){ Db::rollback(); filePut($prefix.'未找到匹配的交易,产品id'.$order_info['bundle_id'].',交易id'.$transaction_id); $this->error('未找到匹配的交易,产品id'.$order_info['bundle_id'].',交易id'.$transaction_id); } /* $count = count($result['data']['receipt']['in_app']); $use_count = $count - 1; $product_id = $result['data']['receipt']['in_app'][$use_count]['product_id']; $my_transaction_id = $result['data']['receipt']['in_app'][$use_count]['transaction_id']; if($product_id != $order_info['bundle_id']){ Db::rollback(); filePut($prefix.'验证'.'非法请求，请立刻停止product_id:'.$product_id.'!='.$order_info['bundle_id']); $this->error('非法请求，请立刻停止，产品id错误'); } if($my_transaction_id != $transaction_id){ Db::rollback(); filePut($prefix.'验证'.'非法请求，请立刻停止transaction_id:'.$my_transaction_id.'!='.$transaction_id); $this->error('非法请求，请立刻停止，交易id错误'); }*/ //逻辑开始 $args = json_decode($order_info['args'],true); //先充值 if($order_info['table_name'] == 'gold_recharge'){ $result = model('Wallet')->lockChangeAccountRemain($order_info['user_id'],'gold',$args['gold'],10, '金币充值','pay_order',$order_info['id']); if($result['status']===false) { filePut($prefix.'逻辑添加金币失败'); Db::rollback(); $this->error('充值失败'); } } //先充值 if($order_info['table_name'] == 'vip_recharge'){ $user_info = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->lock(true)->find(); if($user_info['vip_endtime'] < time()){ //过期了 $vip_endtime = time() + (intval($args['days']) * 86400); }else{ //追加vip $vip_endtime = $user_info['vip_endtime'] + (intval($args['days']) * 86400); } $update_data = [ 'vip_endtime'=>$vip_endtime, ]; $result = Db::name('user_wallet')->where('user_id',$order_info['user_id'])->update($update_data); if($result === false) { filePut($prefix.'逻辑续费vip时间失败'); Db::rollback(); $this->error('充值失败'); } } // 修改订单状态 $ros = Db::name('pay_order')->where(['id' => $order_info['id']])->update(['order_status'=>1,'transaction_id' => $transaction_id,'notifytime'=>time()]); if($ros === false) { filePut($prefix.'修改订单状态失败'); Db::rollback(); $this->error('充值失败'); } Db::commit(); filePut($prefix.'充值成功'); $this->success('充值成功'); //逻辑结束 } //因前端不传入订单号，作废 public function gold_notify_ios(){ //苹果内购的验证收据 $receipt_data = input('apple_receipt', '', 'trim'); $order_no = input('order_no', '', 'trim'); filePut('金币 ios充值:参数apple_receipt='.$receipt_data.',order_no='.$order_no); if (!$receipt_data || !$order_no) { $this->error('缺少参数'); } Db::startTrans(); // 查找订单 $order_info = Db::name('pay_order')->where(['out_trade_no' => $order_no])->lock(true)->find(); if (!$order_info) { Db::rollback(); filePut('金币 ios充值:订单丢失out_trade_no='.$order_no); $this->error('订单丢失'); } if ($order_info['order_status'] == 1) { Db::rollback(); $this->success('充值成功'); } // 验证支付状态 $result = $this->validate_apple_pay($receipt_data); if (!$result['status']) {// 验证不通过 Db::rollback(); filePut('金币 ios充值:验证out_trade_no='.$order_no.','.$result['message']); $this->error($result['message']); } $count = count($result['data']['receipt']['in_app']); $use_count = $count - 1; $args = json_decode($order_info['args'],true); if ($result['data']['receipt']['in_app'][$use_count]['product_id'] != $order_info['bundle_id']) { Db::rollback(); filePut('金币 ios充值:非法请求，请立刻停止out_trade_no='.$order_no.','.$result['message'].','.$result['data']['receipt']['in_app'][$use_count]['product_id'].'!='.$order_info['bundle_id']); $this->error('非法请求，请立刻停止'); } //逻辑开始 //先充值 $result = model('Wallet')->lockChangeAccountRemain($order_info['user_id'],'gold',$args['gold'],10, '金币充值','pay_order',$order_info['id']); if($result['status']===false) { filePut('金币 ios充值:验证out_trade_no='.$order_no.',逻辑添加金币失败'); Db::rollback(); return false; } // 修改订单状态 $ros = Db::name('pay_order')->where(['out_trade_no' => $order_no])->update(['order_status'=>1,'notifytime'=>time()]); if($ros === false) { filePut('金币 ios充值:充值失败out_trade_no='.$order_no.','.$result['message'].','.'修改订单状态失败'); Db::rollback(); $this->error('充值失败'); } Db::commit(); $this->success('充值成功'); //逻辑结束 } //////////////////////////////////// //苹果自动扣费回调 public function auto_renewal_vip_notify(){ $this->notify_log_start('ios'); } /////////////////////////////////////////////////////////////////////////////////////////////// //异步日志 private function notify_log_start($paytype = 'ios'){ //记录支付回调数据 ignore_user_abort(); // run script in background set_time_limit(30); // 日志文件 start $log_base_dir = '../paylog/'.$paytype.'/'; if (!is_dir($log_base_dir)) { mkdir($log_base_dir, 0770, true); @chmod($log_base_dir, 0770); } $notify_file = $log_base_dir.'notify.txt'; if(!file_exists($notify_file)) { @touch($notify_file); @chmod($notify_file, 0770); } if(filesize($notify_file)>5242880)//大于5M自动切换 { rename($notify_file, $log_base_dir.'notify_'.date('Y_m_d_H_i_s').'.txt'); } if(!file_exists($notify_file)) { @touch($notify_file); @chmod($notify_file, 0770); } // 日志文件 end //开始写入 $_REQUEST = isset($_REQUEST) ? $_REQUEST : array(); if($_REQUEST && $paytype == 'alipay') { file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收request]".json_encode($_REQUEST), FILE_APPEND); } else { $xml = file_get_contents("php://input"); file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收php://input流原始数据] \n".$xml, FILE_APPEND); $xmlObj = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA); file_put_contents($notify_file, "\r\n\r\n".date('Y-m-d H:i:s')." [notify][入口接收php://input流] ".json_encode($xmlObj), FILE_APPEND); } ini_set('display_errors','On'); return $notify_file; } /** * 验证AppStore内付 * @param string $receipt_data 付款后凭证 * @return array 验证是否成功 */ function validate_apple_pay($receipt_data = '') { // 验证参数 if (strlen($receipt_data) < 20) { $result = array( 'status' => false, 'message' => '非法参数' ); return $result; } // 请求验证 $html = $this->curl($receipt_data); $data = json_decode($html, true); $data['sandbox'] = '0'; // p($data);die; if ($data['status'] == '21002') { $result = array( 'status' => false, 'message' => 'status:21002' ); return $result; } // 如果是沙盒数据 则验证沙盒模式 21008;正式数据 21007 if ($data['status'] == '21007') { // 请求验证 $html = $this->curl($receipt_data, 1); $data = json_decode($html, true); $data['sandbox'] = '1'; } if (isset($_GET['debug'])) { exit(json_encode($data)); } if ($data['receipt']['bundle_id'] != 'com.huxiu.tken') { $result = array( 'status' => false, 'message' => '非法请求', 'data' => $data ); return $result; } // 判断是否购买成功 if (intval($data['status']) === 0) { $result = array( 'status' => true, 'message' => '购买成功', 'data' => $data ); } else { $result = array( 'status' => false, 'message' => '购买失败 status:' . $data['status'] ); } return $result; } /** * 0 票据校验成功 * 21000 App Store不能读取你提供的JSON对象25 * 21002 receipt-data域的数据有问题 * 21003 receipt无法通过验证 * 21004 提供的shared secret不匹配你账号中的shared secret * 21005 receipt服务器当前不可用 * 21006 receipt合法，但是订阅已过期。服务器接收到这个状态码时，receipt数据仍然会解码并一起发送 * 21007 receipt是Sandbox receipt，但却发送至生产系统的验证服务 * 21008 receipt是生产receipt，但却发送至Sandbox环境的验证服务 */ //苹果也是建议这个校验逻辑由服务端完成。服务器需要先去请求正式环境。如果receipt是正式环境的，那么这个时候苹果会返回（21007）告诉我们这个是沙盒的receipt，那么服务器再去请求sandbox环境。 function curl($receipt_data,$sandbox = 0) { //小票信息 $POSTFIELDS = [ 'receipt-data' => $receipt_data, 'password' => 'd6c4cae953804133b40e44418dce2afb' ]; $POSTFIELDS = json_encode($POSTFIELDS, 320); //正式购买地址 沙盒购买地址 $url_buy = "https://buy.itunes.apple.com/verifyReceipt"; $url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt"; //默认后台控制 if (config('site.ios_pay_sandbox') > 0 ) { $url = $url_buy; } else { $url = $url_sandbox; } //强制沙盒 if($sandbox == 1){ $url = $url_sandbox; } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $POSTFIELDS); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //这两行一定要加，不加会报SSL 错误 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); $response = curl_exec($ch); $errno = curl_errno($ch); curl_close($ch); if ($errno != 0) { return $errno; } else { return $response; } } }