Merge branch 'goods' of 121.43.114.153:/home/git/repositories/shopnc into fix_goods

core/framework/libraries/log.php

@@ -14,6 +14,7 @@ class Log
     const WARING = 4;
     const ERR = 5;
     const RUN = 6;
+    const WAIT_HANDLE = 10;
 
     const cur_level = self::INFO;
 
@@ -23,6 +24,14 @@ class Log
     {
         $now = @date('Y-m-d H:i:s', time());
 
+        if($lev == self::WAIT_HANDLE) {
+            $level = 'WAIT_HANDLE';
+            $log_file = BASE_DATA_PATH.'/log/'.date('Ymd',TIMESTAMP).'-wait.log';
+            $content = "[{$now}] {$level}: {$message}\r\n";
+            file_put_contents($log_file,$content, FILE_APPEND);
+            return;
+        }
+
         if($lev == self::SQL && self::open_sql) {
             $level = 'SQL';
             $log_file = BASE_DATA_PATH.'/log/'.date('Ymd',TIMESTAMP).'-sql.log';

data/logic/delivery.logic.php

@@ -93,7 +93,9 @@ class deliveryLogic
         $sign = $this->_getSign($data);
         $headers = array('v_appkey: '.self::$appkey, 'v_sign: '.$sign, 'Content-Type: application/json');
         $result = http_post_data(self::$appURL,json_encode($data),$headers);
+        Log::record("post data={$result}",Log::DEBUG);
 
+        $result = json_decode($result,true);
         if(!empty($result) && is_array($result))
         {
             if($result['apiCode'] == 'success')
@@ -101,15 +103,14 @@ class deliveryLogic
                 if(!empty($result['data']) && is_array($result['data']) && count($result['data']) > 0)
                 {
                     if(empty($result['data'][0]['status']) || $result['data'][0]['status'] != 1) {
-                        Log::record("PUSHOMS ERR pay_sn=> $pay_sn",Log::ERR);
+                        Log::record("PUSHOMS ERR pay_sn={$pay_sn},trade_no = {$trade_no}",Log::WAIT_HANDLE);
                     } else {
-                        Log::record("PUSHOMS SUCCESS pay_sn=> $pay_sn",Log::DEBUG);
+                        Log::record("PUSHOMS SUCCESS pay_sn={$pay_sn},trade_no = {$trade_no}",Log::DEBUG);
                     }
                 }
             }
         }
 
-        Log::record("post data={$result}",Log::DEBUG);
         return $result;
     }
 

mobile/alipay_notify_url.php

@@ -9,13 +9,14 @@ require_once (BASE_DATA_PATH . '/logic/delivery.logic.php');
 
 $out_trade_no = $_POST['out_trade_no'];  // 商户订单号
 $trade_no = $_POST['trade_no'];          // 支付宝交易号
+$total_fee = floatval(trim($_POST['total_fee']));
 
-Log::record("alipay_notify_url: out_trade_no={$out_trade_no}", Log::DEBUG);
+Log::record("alipay_notify_url: out_trade_no={$out_trade_no} total_fee={$total_fee}", Log::DEBUG);
 
 // 步骤一：验证数据来源正确性
 $alipayNotify = new AlipayNotify($alipay_config);
 $verify_result = $alipayNotify->verifyReturn();
-Log::record("verify_result={$verify_result}, out_trade_no={$out_trade_no}", Log::DEBUG);
+Log::record("verify_result={$verify_result}, out_trade_no={$out_trade_no},", Log::DEBUG);
 
 fcgi_header("Content-Type: text/plain; charset=UTF-8\r\n\r\n");
 
@@ -26,6 +27,12 @@ if ($verify_result)
     $trade_status = $_POST['trade_status'];
     if ($trade_status === 'TRADE_FINISHED' || $trade_status === 'TRADE_SUCCESS')
     {
+        $chk = app_payControl::check_fee($out_trade_no,$total_fee);
+        if($chk == false) {
+            Log::record("AliPay check: pay_sn={$out_trade_no},total_fee={$total_fee}",Log::WAIT_HANDLE);
+            Log::record("AliPay check: pay_sn={$out_trade_no},total_fee={$total_fee}",Log::DEBUG);
+            echo("success");
+        }
         // 步骤二：更新订单状态
         $cb_info = app_payControl::update_order($out_trade_no, $trade_no, 'alipay');
         if ($cb_info['state'] == false) {

mobile/api/payment/alipay/lib/alipay_rsa.function.php

@@ -37,18 +37,14 @@ function rsaVerify($data, $ali_public_key_path, $sign)
     Log::record("pub key path={$ali_public_key_path}",Log::DEBUG);
 
 	$pubKey = file_get_contents($ali_public_key_path);
-    try{
-        $res = openssl_get_publickey($pubKey);
-    } catch(Exception $e){
-        $msg = $e->getMessage();
-    }
-    Log::record("sign={$sign}",Log::DEBUG);
-
+    $res = openssl_get_publickey($pubKey);
     $sign = urldecode($sign);
     $sign = base64_decode($sign);
     $result = (bool)openssl_verify($data, $sign, $res);
-    $err = openssl_error_string();
-    Log::record("openssl last error={$err}",Log::DEBUG);
+    if($result == false) {
+        $err = openssl_error_string();
+        Log::record("openssl last error={$err}",Log::DEBUG);
+    }
     openssl_free_key($res);
     return $result;
 }

mobile/control/app_pay.php

@@ -258,6 +258,26 @@ class app_payControl extends mbMemberControl
         return $ret;
     }
 
+    public static function check_fee($pay_sn,$total_fee)
+    {
+        $logic_payment = Logic('payment');
+        $result = $logic_payment->getRealOrderInfo($pay_sn);
+
+        if (intval($result['data']['api_pay_state']) != 0) {
+            $val = intval($result['data']['api_pay_state']);
+            Log::record("cur state = {$val}",Log::DEBUG);
+            return false;
+        }
+
+        if(bccomp($result['data']['api_pay_amount'],$total_fee,2) == 0) {
+            Log::record("check_fee success.",Log::DEBUG);
+            return true;
+        } else {
+            Log::record("check_fee error.",Log::ERR);
+            return false;
+        }
+    }
+
     /**
      * @return array
      * @throws WxPayException