add to local

core/framework/core/base.php

@@ -13,9 +13,6 @@ final class Base
 {
 	const CPURL = '';
 
-	/**
-	 * init
-	 */
 	public static function init() 
 	{
 	    global $setting_config;     

data/api/cmbpay/Cmb.class.php

@@ -17,7 +17,6 @@ class Cmb
         $this->config = self::config();
     }
 
-
     static public function config()
     {
         return array(

helper/fcgi_server.php

@@ -50,37 +50,56 @@ class fcgi_server
         }
     }
 
+    private function clear_global()
+    {
+        foreach($_SESSION as $key=>$value) {
+            unset($_SESSION[$key]);
+        }
+        foreach($_COOKIE as $key=>$value) {
+            unset($_COOKIE[$key]);
+        }
+        foreach($_POST as $key => $value) {
+            unset($_POST[$key]);
+        }
+        foreach($_GET as $key => $value) {
+            unset($_GET[$key]);
+        }
+    }
+
     public function run_looper()
     {
         //载入敏感词词库
         DFAFilter::instance();
-
         require_once(BASE_ROOT_PATH.'/mobile/index.php');
         Base::mobile_init();
 
         while(($ret = fcgi_accept()) >= 0)
         {
+            $this->clear_global();
             ob_start();
             performance_helper::clear();
             http_header::instance()->start();
+
             try
             {
                 Log::start_sql_log();
-
                 Log::record("req_uri = " . request_helper::req_uri(),Log::DEBUG);
-                $this->parase_requri();
-                init_request();
-                init_cookie($_SERVER['HTTP_COOKIE']);
-                session::instance()->start();
 
                 $file = request_helper::script_file();
                 if(file_exists($file))
                 {
-                    if(self::is_exclude($file)) {
+                    if(self::is_exclude($file))
+                    {
+                        $this->parase_requri();
+                        init_request();
+
                         include $file;
                     }
                     else
                     {
+                        $this->parase_requri();
+                        init_request();
+                        init_cookie($_SERVER['HTTP_COOKIE']);
                         fcgi_header("Content-Type: text/html; charset=UTF-8");
 
                         if(!array_key_exists('act',$_GET)) {
@@ -97,6 +116,7 @@ class fcgi_server
                         }
 
                         Base::mobile_control();
+
                     }
                 }
                 else
@@ -109,12 +129,11 @@ class fcgi_server
                 mobileControl::outerr($ex->getCode(),$ex->getMessage());
             }
 
+            session::instance()->end();
+
             fcgi_headers_sent();
             $contents = ob_get_clean();
             fcgi_echo($contents);
-            //Log::record("return msg={$contents}",Log::DEBUG);
-            
-            session::instance()->end();
             fcgi_finish();
         }
 

helper/pay/cmbpay.php

@@ -12,6 +12,117 @@ require_once (BASE_DATA_PATH . "/api/cmbpay/Cmb.class.php");
 
 use \Cmb;
 
+class NotifyData
+{
+    private $mParam;
+    public function __construct($param)
+    {
+        $this->mParam = $param;
+    }
+    private function success()
+    {
+        return ($this->mParam['Succeed'] =='Y');
+    }
+
+    private function filter_param($param)
+    {
+        $filter = [];
+        foreach ($param as $key => $value)
+        {
+            if($key != 'Signature') {
+                $filter[$key] = ($value);//urlencode
+            }
+        }
+
+        $pos = 0;
+        $count = count($filter);
+
+        $str = '';
+        foreach ($filter as $key => $value)
+        {
+            $str .= "{$key}=" . "{$value}";
+            if($pos != $count -1) {
+                $str .= "&";
+            }
+            $pos++;
+        }
+        return $str;
+    }
+    private function sign()
+    {
+        $strsign = $this->mParam['Signature'];
+        $signAsc = explode("|", $strsign);
+        $sign = '';
+        foreach ($signAsc as $v) {
+            if ($v ==='') {
+                continue;
+            }
+            $sign .= chr($v);
+        }
+
+        return $sign;
+    }
+
+    private function  public_key()
+    {
+        $pub_key = 'MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALuUIwMGhvbpCwYzKCMzvSMQiLAAj5y74cN09N1TXVONPWhvLWkuzEPSd1ogPJLWiVyEG7gEIBT3zTlCV+NMou0CAwEAAQ==';
+        $pk = chunk_split($pub_key, 64, "\n");
+        $pk = "-----BEGIN PUBLIC KEY-----\n{$pk}-----END PUBLIC KEY-----\n";
+        return $pk;
+    }
+    public function check()
+    {
+        if($this->success() == false) {
+            return false;
+        }
+        $sign = $this->sign();
+        $pk = $this->public_key();
+        $pkid = openssl_pkey_get_public($pk);
+        $content = $this->filter_param($this->mParam);
+        $ok = openssl_verify($content, $sign, $pkid, OPENSSL_ALGO_SHA1);
+        openssl_free_key($pkid);
+
+        return $ok;
+    }
+    private function substr($arr,$src)
+    {
+        $len = strlen($src);
+        $ar_len  = 0;
+        foreach ($arr as $key => $value) {
+            $ar_len += intval($value);
+        }
+        if($ar_len > $len) return false;
+
+        $result = [];
+        $pos = 0;
+        foreach ($arr as $key => $len)
+        {
+            $val = substr($src,$pos,$len);
+            $pos += $len;
+
+            $result[$key] = $val;
+        }
+        return $result;
+    }
+    public function format()
+    {
+        $body = $this->mParam['MerchantPara'];
+        $params = preg_split('/\||:/', $body);
+
+        $result = [];
+        for ($i = 0; $i < count($params); ++$i) {
+            $key = $params[$i];
+            $val = $params[++$i];
+            $result[$key] = $val;
+        }
+        $ar_key = array("BranchID" => 4,"CoNo" => 6, "Date" => 8,"trade_no" => 20);
+        $msg = $this->substr($ar_key,$this->mParam['Msg']);
+        $result['trade_no'] = $msg['trade_no'];
+
+        return $result;
+    }
+}
+
 class cmbpay implements IPay
 {
     const pay_url = 'http://61.144.248.29:801/netpayment/BaseHttp.dll?PrePayEUserP';
@@ -42,9 +153,14 @@ class cmbpay implements IPay
         }
     }
 
-
     public function on_notify($param)
     {
+        $nofity = new NotifyData($param);
+        if($nofity->check()) {
+            return $nofity->format();
+        } else {
+            return false;
+        }
     }
 
     public function gen_pay($pay_sn, $cents,$order_sn,$subject)
@@ -55,11 +171,11 @@ class cmbpay implements IPay
         $payprice = $cents / 100;
         $time = time();
         $date = date('Ymd', $time);
-
-        $param = $this->gen_param($time,$payprice,$pay_sn,$order_sn,$bill_no);
+        $user_id = $_SESSION['member_id'];
+        $attach = "pay_sn:{$pay_sn}|order_sn:{$order_sn}|member_id:{$user_id}";
+        $param = $this->gen_param($time,$payprice,$attach,$bill_no);
         $code = $this->genMerchantCode($param);
 
-        $user_id = $_SESSION['member_id'];
         $data = [
             'BranchID' => $config['BranchID'],
             'CoNo' => $config['CoNo'],
@@ -68,7 +184,7 @@ class cmbpay implements IPay
             'Date' => $date,
             'ExpireTimeSpan' => '30',
             'MerchantUrl' => self::pay_notify_url(),
-            'MerchantPara' => "pay_sn={$pay_sn}#order_sn={$order_sn}#member_id={$user_id}",
+            'MerchantPara' => $attach,
             'MerchantCode' => $code,
             'MerchantRetUrl' => "",
         ];
@@ -87,7 +203,7 @@ class cmbpay implements IPay
         return array("req_url" => self::pay_url,"data" => $strParam);
     }
 
-    private function gen_param($time,$payprice,$pay_sn,$order_sn,$bill_no)
+    private function gen_param($time,$payprice,$attach,$bill_no)
     {
         $date = date('Ymd', $time);
         $seq = $date . $bill_no;
@@ -101,7 +217,7 @@ class cmbpay implements IPay
             'strCono' => $config['CoNo'],
             'strBillNo' => $bill_no,
             'strAmount' => "{$payprice}",
-            'strMerchantPara' => "pay_sn={$pay_sn}#order_sn={$order_sn}#member_id={$user_id}",
+            'strMerchantPara' => $attach,
             'strMerchantUrl' => self::pay_notify_url(),
             'strPayerID' => "{$user_id}",
             'strPayeeID' => '',

helper/pay_helper.php

@@ -19,6 +19,10 @@ require_once (BASE_ROOT_PATH . '/helper/pay/cmbpay.php');
 
 class pay_helper
 {
+    const WX_PAYMENT = "wxpay";
+    const ALI_PAYMENT = "alipay";
+    const CMB_PAYMENT = "cmbpay";
+
     const store_user_id = 36429;
     const period_hour = 5 * 24;
     const total_number = 10;
@@ -102,20 +106,53 @@ class pay_helper
     }
     public function OnNotify($param,$payment)
     {
-        $pay = null;
+        $pay = $this->gen_payment($payment);
+        if($pay == null) {
+            return false;
+        }
+
+        $result = $pay->on_notify($param);
+        if($result != false)
+        {
+            $pay_sn   = $result['pay_sn'];
+            $trade_no = $result['trade_no'];
+
+            $cb_info = $this->update_order($pay_sn,$trade_no,$payment);
+            if ($cb_info['state'] == false) {
+                Log::record("update_order fail: pay_sn={$pay_sn},trade_no={$trade_no}", Log::DEBUG);
+
+                return false;
+            }
+            else
+            {
+                if(is_pushoms()) {
+                    $logic_delivery = Logic('delivery');
+                    $logic_delivery->putOrder($pay_sn, $trade_no);
+                    Log::record("update_order success: pay_sn={$pay_sn}", Log::DEBUG);
+                }
+                $this->OnSuccess($pay_sn);
+
+                return true;
+            }
+        } else {
+            return false;
+        }
+    }
+
+    private function gen_payment($payment)
+    {
         if($payment == "wxpay") {
-            $pay = new Pay\wxpay();
+            return new Pay\wxpay();
         }
         else if($payment == "alipay") {
-            $pay = new Pay\alipay();
+            return new Pay\alipay();
         }
         else if($payment == "cmbpay") {
-            $pay = new Pay\cmbpay();
+            return new Pay\cmbpay();
         }
         else {
-            return false;
+            return null;
         }
-
     }
     public function OnSuccess($pay_sn)
     {
@@ -217,4 +254,39 @@ class pay_helper
             return array('money' => $money,'total_num' => self::total_number,'sender_name' => '熊猫美妆');
         }
     }
+
+    public function update_order($paysn, $trade_no, $payment)
+    {
+        $logic_payment = Logic('payment');
+
+        $tmp = explode('|', $paysn);
+        $paysn = $tmp[0];
+        if (!empty($tmp[1])) {
+            $order_type = $tmp[1];
+        } else {
+            $order_pay_info = Model('order')->getOrderPayInfo(array('pay_sn' => $paysn));
+            if (empty($order_pay_info)) {
+                $order_type = 'v';
+            } else {
+                $order_type = 'r';
+            }
+        }
+
+        if ($order_type == 'r') {
+            $result = $logic_payment->getRealOrderInfo($paysn);
+            if (intval($result['data']['api_pay_state'])) {
+                return array('state' => true);
+            }
+            $order_list = $result['data']['order_list'];
+            $result = $logic_payment->updateRealOrder($paysn, $payment, $order_list, $trade_no);
+        } elseif ($order_type == 'v') {
+            $result = $logic_payment->getVrOrderInfo($paysn, null, true);
+            if ($result['data']['order_state'] != ORDER_STATE_NEW) {
+                return array('state' => true);
+            }
+            $result = $logic_payment->updateVrOrder($paysn, $payment, $result['data'], $trade_no);
+        }
+
+        return $result;
+    }
 }

helper/request_helper.php

@@ -246,12 +246,11 @@ class request_helper
             for ($i = 0; $i < count($params); ++$i) {
                 $key = $params[$i];
                 $val = $params[++$i];
-                $_GET[$key] = $val;
-                $_POST[$key] = $val;
+                $_GET[$key] =  urldecode($val);
+                $_POST[$key] = urldecode($val);
             }
         }
     }
-
     /**
      * 302  跳转
      */

mobile/cmbpay_notify.php

@@ -1,6 +1,10 @@
 <?php
 
+require_once (BASE_ROOT_PATH . "/helper/pay_helper.php");
+
 $data = json_encode($_GET);
 Log::record("cmbpay_notify param: {$data}", Log::DEBUG);
 
+$helper = new pay_helper();
+$helper->OnNotify($_GET,pay_helper::CMB_PAYMENT);