garden_server/application/newhome/controller/Pay.php

<?php
namespace app\newhome\controller;

use think\Controller;
use think\Db;
use app\user\model\PayPlugin;
use app\user\model\User;
use app\user\model\UserPay;


class Pay extends Controller{
	private $payPluginModel, $userModel;
	
	public function _initialize(){
		
		$this->payPluginModel= new PayPlugin();
		$this->userModel = new User();
	}
	
	public function pay(){
		$data = decode($this->request->post());
		
// 		$data['i'] = 'com.dashgame.garden.packone';
// 		$data['t'] = 1;
// 		$data['u'] = 1704251601802555535;
		
		$iapInfo = Db::name('iap_config')->where(['item_id'=>$data['i']])->find();
		if(empty($iapInfo)) return (json(['error'=>1111]));
		
		$plugin = $this->payPluginModel->getPayPluginByType($data['t']);
		if(empty($plugin)) return (json(['error'=>1111]));
		
		$biz_content = $this->getAliTradeInfo($iapInfo, $data['u']);
		$val = $this->getAliPayInfo($plugin, $biz_content);
		
		return http_build_query($val);
	}


	public function sdk_notify(){
	    $data = $this->request->post();

	    $order_id = $data['order_id'];
	    $pay_money = $data['pay_money'];
	    $pay_time = $data['pay_time'];
	    $exinfo = $data['exinfo'];
	    $role_id = $data['role_id'];

	    if($data['sign'] != md5($order_id.$pay_money.$pay_time.$exinfo."o6knhm0BhXBDVn3D"))
        {
            return json(["errno"=>101, "msg"=>"签名不对"]);
        }

        $arr = explode("|", $exinfo);
	    $item_id = $arr[0];
	    $user_id = $arr[1];

        $iapInfo = Db::name('iap_config')->where(['item_id'=>$item_id])->find();
        if(empty($iapInfo)) return (json(['errno'=>1111, "msg"=>"商品ID错误"]));

        $user = Db::name('user')->where(['id'=>$role_id])->find();
        if(empty($user)) return (json(['errno'=>1111, 'msg'=>"用户ID错误"]));

        $arr = array();
        $arr['user_id'] = $user_id;
        $arr['pay_id'] = $iapInfo['id'];
        $arr['out_trade_no'] = $order_id;
        $arr['cost'] = $pay_money;
        $arr['create_time'] = date("Y-m-d H:i:s", $pay_time);
        Db::name('user_pay')->insert($arr);

        return json(['errno'=>1, 'msg'=>""]);
    }

    public function get_reward()
    {
        $data = decode($this->request->post());
        $user_id = $data['user_id'];

        $user_pay = Db::name('user_pay')->where(['user_id'=>$user_id])->order('id DESC')->find();
        if(!$user_pay)
        {
            return json(['error'=>0]);
        }

        Db::name('user_pay')->update(["reward"=>1])->where(["id"=>$user_pay['id']]);

        $pay_id = $user_pay['pay_id'];
        $iap_info = Db::name('iap_config')->where(['id'=>$pay_id])->find();
        if(!$iap_info)
        {
            return json(['error'=>0]);
        }

        return json(['error'=>0, "reward"=>$iap_info["reward"]]);
    }


	public function notify(){
		echo 'success';
	}
	
	private function getAliTradeInfo($ipa, $user){
		$content = [];
		
		$content['subject'] = $ipa['desc'];
		$content['out_trade_no'] = $tradeNo = 'D'.getId();
		$content['total_amount'] = $ipa['price'];
// 		$content['total_amount'] = 0.01;
		$content['product_code'] = 'QUICK_MSECURITY_PAY';
		$content['timeout_express'] = '90m';
		$content['body'] = $ipa['desc'];
		
		$userPay = new UserPay();
		$userPay->add(['user_id'=>$user, 'cost'=>$ipa['price'], 'pay_id'=>$ipa['id'], 'out_trade_no'=>$tradeNo]);
		
		return json_encode($content);
	}
	
	private function getAliPayInfo($plugin, $biz_content){
		$params = [];
		
		$params['app_id'] = $plugin['appid'];
		$params['method'] = 'alipay.trade.app.pay';
		$params['format'] = "JSON";
		$params['charset'] = "UTF-8";
		$params['version'] = "1.0";
		$params['timestamp'] = getCurrentTime();
		$params['sign_type'] = "RSA2";
		$params['notify_url'] = 'http://'.$_SERVER['SERVER_NAME']._PHP_FILE_.'/'.$this->request->module().'/'.$this->request->controller().'/notify';
		$params['biz_content'] = $biz_content;

		ksort($params);

        $sign = aliSign($plugin['private_key'], getAliSignContent($params));
        $params['sign'] = $sign;
		
		foreach ($params as &$value) {
            $value = urlencode($value);
		}
		
		return $params;
	}




	public function wxPay()
    {
        $data = decode($this->request->post());

// 		$data['i'] = 'com.dashgame.garden.packone';
// 		$data['t'] = 1;
// 		$data['u'] = 1704251601802555535;

        $iapInfo = Db::name('iap_config')->where(['item_id'=>$data['i']])->find();
        if(empty($iapInfo)) return (json(['error'=>1111]));

        $user_id = $data['u'];
        $price = $iapInfo['price'];
        $out_trade_no = 'D'.getId();

        $order_url = "https://api.mch.weixin.qq.com/pay/unifiedorder";

        $data = array();
        $data['appid'] = "wx47450ab76d65a1b3";
        $data['mch_id'] = "1495332042";
        $data['nonce_str'] = md5(time());
        $data['sign_type'] = "MD5";
        $data['body'] = $iapInfo['desc'];
        $data['out_trade_no'] = $out_trade_no;
        $data['total_fee'] = $price*100;
        $data['spbill_create_ip'] = $this->getip();
        $data['notify_url'] = 'http://'.$_SERVER['SERVER_NAME'].'/wx_notify.php';
        $data['trade_type'] = "APP";
        $data['attach'] = $user_id;

        ksort($data);

//        print_r($data);

        $data['sign'] = $this->generateSign($data);
        $xml = $this->arrayToXml($data);

        $opts = array (
            'http' => array(
                'method' => 'POST',
                'header' => "Content-type: application/x-www-form-urlencoded ",
                'content' =>  $xml
            ),
        );
        $context = stream_context_create($opts);
        $html = file_get_contents($order_url, false, $context);

//        echo $html;

        $xml = simplexml_load_string($html);
        if(strval($xml->return_code) != "SUCCESS" || strval($xml->result_code) != "SUCCESS")
        {
            return (json(['error'=>2]));
        }

        $pay = array();
        $pay['appid'] = strval($xml->appid);
        $pay['partnerid'] = strval($xml->mch_id);
        $pay['prepayid'] = strval($xml->prepay_id);
        $pay['package'] = "Sign=WXPay";
        $pay['noncestr'] = md5(time());
        $pay['timestamp'] = strval(time());
        $pay['sign'] = $this->generateSign($pay);

        $userPay = new UserPay();
        $userPay->add(['user_id'=>$user_id, 'cost'=>$price, 'pay_id'=>$iapInfo['id'], 'out_trade_no'=>$out_trade_no]);

        return (json($pay));
    }

    function getip() {
        $unknown = 'unknown';
        if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] && strcasecmp($_SERVER['HTTP_X_FORWARDED_FOR'], $unknown) ) {
            $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
        } elseif ( isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], $unknown) ) {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        /*
        处理多层代理的情况
        或者使用正则方式：$ip = preg_match("/[\d\.]{7,15}/", $ip, $matches) ? $matches[0] : $unknown;
        */
        if (false !== strpos($ip, ','))
            $ip = reset(explode(',', $ip));
        return $ip;
    }

    private function generateSign($params)
    {
        ksort($params);

        $stringToBeSigned = "";
        $i = 0;
        foreach ($params as $k => $v) {
            if (false === $this->checkEmpty($v) && "@" != substr($v, 0, 1)) {

                // 转换成目标字符集
                //$v = $this->characet($v, $this->postCharset);

                if ($i == 0) {
                    $stringToBeSigned .= "$k" . "=" . "$v";
                } else {
                    $stringToBeSigned .= "&" . "$k" . "=" . "$v";
                }
                $i++;
            }
        }

        unset ($k, $v);

        $stringSignTemp = $stringToBeSigned."&key=N6a0xVVV4IyMwQrneiCweaVQ7sypOEbS";
        return strtoupper(md5($stringSignTemp));
    }

    private function checkEmpty($value) {
        if (!isset($value))
            return true;
        if ($value === null)
            return true;
        if (trim($value) === "")
            return true;

        return false;
    }

    private function arrayToXml($arr)
    {
        $xml = "<xml>\n";
        foreach ($arr as $key=>$val)
        {
            if(is_numeric($val))
            {
                $xml .= "<".$key.">".$val."</".$key.">\n";
            }
            else
            {
                $xml .= "<".$key."><![CDATA[".$val."]]></".$key.">\n";
            }
        }
        $xml .= "</xml>";
        return $xml;
    }

}