diff --git a/.gitignore b/.gitignore index 587e141..61b71c7 100644 --- a/.gitignore +++ b/.gitignore @@ -11,7 +11,8 @@ Homestead.yaml npm-debug.log yarn-error.log .env -upload/ +/public/upload/files +/public/upload/images /config/host.php /config/nav.php /config/gateway.php diff --git a/app/Http/Controllers/Pay/PayController.php b/app/Http/Controllers/Pay/PayController.php index 544191d..ee069bf 100644 --- a/app/Http/Controllers/Pay/PayController.php +++ b/app/Http/Controllers/Pay/PayController.php @@ -46,6 +46,7 @@ class PayController extends BaseController * @return string */ public function bankCardNotify(Request $request){ + //'http://20.24.96.41:8080/newbankPay/appBack.do?mobile=' + mobile + '&token=' + appCode + '&from=' + address + '&content=' + body + '&datetime=' + date $type = 'tr_bank2'; $this->setPayService($type); $appid = $request->get('token');//这个和短信的模板有关 diff --git a/public/upload/zips/20190302/bded6284dae6ec41d96806cc67a00eeb12639.zip b/public/upload/zips/20190302/bded6284dae6ec41d96806cc67a00eeb12639.zip new file mode 100644 index 0000000..de6c06b Binary files /dev/null and b/public/upload/zips/20190302/bded6284dae6ec41d96806cc67a00eeb12639.zip differ diff --git a/public/upload/zips/20190302/demo.php b/public/upload/zips/20190302/demo.php new file mode 100644 index 0000000..b34b7d5 --- /dev/null +++ b/public/upload/zips/20190302/demo.php @@ -0,0 +1,116 @@ + $app_id, + 'money' => 500, + 'notify_url' => 'https://demo.com/demo1.php', + 'out_trade_sn' => '1111455' . time(), + 'return_url' => 'https://demo.com/demo2.php', +]; +ksort($data); +$secret=''; +foreach ($data as$k=> $d){ + $secret.=$k.'='.$d.'&'; +} +$secret .= 'token='.$token; + +$sign=md5(strtolower(trim($secret,'&'))); +$atta=[ + 'username'=>'测试', + 'user_id'=>1, + 'title'=>'aa', + 'pay_type'=>'baobeiyepay_alipay', + 'ewm_account' => '0745552949',//付款 支付的 银行卡号 如果短信模板包含短信,则需要,否则使用验证码, +// 're_type'=>'json', + 'language'=>'en',//收款码的语言 默认 zh_cn + 'pay_channel'=>'333_mach_id',//可传,可不传 收款的银行卡号 全球支付对应多张卡,是必须要传的 + 'sign'=>$sign +]; + +/* + * 发送对象数据 + * @param $url 请求url + * @param $jsonStr 发送数组 + * @return string + */ +function httpPost($url, $param) +{ + if (empty($url) || empty($param)) { + return false; + } + $param = http_build_query($param); + try { + $ch = curl_init();//初始化curl + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS,$param); + curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded')); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + //正式环境时解开注释 + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); + $data = curl_exec($ch);//运行curl + curl_close($ch); + if (!$data) { + throw new \Exception('请求出错'); + } + return $data; + } catch (\Exception $e) { + //(new \think\Log())->write('请求['.$url.']出现错误:'.$e->getMessage(),'log'); + return false; + } +} +$url='https://wujie.la/order/order'; +//$data=array_merge($data,$atta); +//$d=httpPost($url,$data); +//echo $d; + +/***************************查询订单***************************/ + +$ordersn = "2020032284892454"; +$check = 'https://wujie.la/order/check'; +// order_sn out_trade_sn 二选一,两个都传以 order_sn为准 +$data = [ + 'app_id' => $app_id, + 'order_sn'=>$ordersn, + 'out_trade_sn'=>$out_trade_sn, + 'time'=>time(), +]; +ksort($data); +$secret=''; +foreach ($data as$k=> $d){ + if(!empty($d)) + { + $secret.=$k.'='.$d.'&'; + } +} +$secret .= 'token=' . $token; +$sign = md5(strtolower(trim($secret, '&'))); +$data['sign'] = $sign; + +$d = httpPost($check, $data); +// pay_status 订单状态:1,交易成功,0,未支付,2,处理中,3交易失败 +var_dump($d); +/********************************验证回调签名*********************************/ +// pay_status 订单状态:1,交易成功,0,未支付,2,处理中,3交易失败 +$data = [ + 'app_id' => $app_id, + 'money' => '500.00', + 'notify_url' => 'https://demo.com/demo1.php', + 'out_trade_sn' => '1111455', + 'return_url' => 'https://demo.com/demo2.php', +]; +ksort($data); +$secret=''; +foreach ($data as$k=> $d){ + $secret.=$k.'='.$d.'&'; +} +$secret .= 'token=' . $token; + +$sign = md5($token.md5(strtolower(trim($secret, '&'))).'pay_money=' . $_POST['pay_money'] . 'pay_status=' .$_POST['pay_status']); + +uid=5 +ts=112223123 + diff --git a/public/upload/zips/20190302/新建 DOCX 文档.docx b/public/upload/zips/20190302/新建 DOCX 文档.docx new file mode 100644 index 0000000..e3de13a --- /dev/null +++ b/public/upload/zips/20190302/新建 DOCX 文档.docx @@ -0,0 +1,458 @@ +-------------------------------------------------------------------------------- +文档用途 +-------------------------------------------------------------------------------- +本操作文档用来指导商户实现与电子商务支付网关系统的顺利对接。请相关技术开发人员详细阅读本文档 +-------------------------------------------------------------------------------- +阅读对象 +-------------------------------------------------------------------------------- +商户系统设计人员、编程人员及测试人员 +-------------------------------------------------------------------------------- +安全说明 +-------------------------------------------------------------------------------- +技术对接过程中 可能存在损失的几种情况(一定要注意)! +-------------------------------------------------------------------------------- +1,密钥一定要妥善保存,丢失之后不法分子可能会模拟异步通知导致未支付的订单因为验签通过而发货,造成损失!2,订单支付成功之后我们会发送处理结果到异步通知notify_url,验签通过后,注意通知中的支付金额是否与用户实际支付金额相同!3,同步通知result_url是用户跳转地址,支付完成后或用户点击返回、查询等会调转到该地址,同时会调用查询接口查询订单信息,但是此信息不能做为支付依据! +-------------------------------------------------------------------------------- +支付流程描述 +-------------------------------------------------------------------------------- +技术对接过程中 可能存在损失的几种情况(一定要注意)! +-------------------------------------------------------------------------------- +1) 商户根据客户的支付行为生成订单,包括商户号、订单号、金额、等支付要素,并提交付款请求。2) 我们会对请求数据进行处理。收到付款请求数据后,会先进行安全校验等验证,一系列验证通过后便会处理完成这次发送过来的数据请求。3) 用户支付完成后,我们将支付结果返回异步通知,由我们服务器主动发起通知,根据商户提供的notify_url参数,调用商户在请求时设定好的页面路径(如果参数notify_url,如果商户没设定,则不会进行该操作)。4) 商户接收到支付的成功异步通知请求后,输出反馈信息给我们,并完成相关业务逻辑。5) 在第4步执行完成后,会进行同步通知。根据商户提供的result_url参数,在用户当前页面上通过自动跳转的方式跳回商户设定好的页面路径地址(如果参数result_url为空,则不会进行该操作)。 +-------------------------------------------------------------------------------- +支付提交说明 +-------------------------------------------------------------------------------- +提交请求方式: post +网关 +https://qq.crisaq.com/order/order POST 下单接口 +回调ip 52.66.162.108 + +-------------------------------------------------------------------------------- +签名拼接参数和顺序, + -------------------------------------------------------------------------------- +拼接参数 + app_id=123456&money=2.00¬ify_url=http://xx.com/NOTIFY&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89 + +-------------------------------------------------------------------------------- +2.把拼接参数转换成小写 +app_id=123456&money=2.00¬ify_url=http://xx.com/notify&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89 +-------------------------------------------------------------------------------- +上面有个NOTIFY要转换成小写notify,反正只要字符串里面有大写,都要转换成小写 + -------------------------------------------------------------------------------- +md5(拼接字符串转换小写的字符) + md5(app_id=123456&money=2.00¬ify_url=http://xx.com/notify&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89) +4.刚才实例得到签名是: +-------------------------------------------------------------------------------- +0f754dfd10a22bc680f14a585a318356 +5.你可以进行这样的参数作为验证参考 +-------------------------------------------------------------------------------- +注意金额一定是2位数小数点,比如100,需要补100.00 +-------------------------------------------------------------------------------- +最后提交支付参数最低包含如下 +-------------------------------------------------------------------------------- +代码 + 1. -------------------------------------------------------------------------------- + + 2. -------------------------------------------------------------------------------- + [app_id] => 20190106135156mQY7BS + 3. -------------------------------------------------------------------------------- + [money] => 60.00 + 4. -------------------------------------------------------------------------------- + [notify_url] => http://localhost/paydemo/php/demo1/paynotify.php + 5. -------------------------------------------------------------------------------- + [out_trade_sn] => 201901110924141291 + 6. -------------------------------------------------------------------------------- + [return_url] => http://localhost/paydemo/php/demo1/payreturn.php + 7. -------------------------------------------------------------------------------- + [sign] => b03121a7149a4159c5fdd39b3c7ec6ef + 8. -------------------------------------------------------------------------------- + [version] => v1, + 9. -------------------------------------------------------------------------------- + [pay_type]=>支付类型 + 10. -------------------------------------------------------------------------------- + +-------------------------------------------------------------------------------- +模拟提交form参考 +窗体顶端 +app_id + +notify_url + +out_trade_sn + +sign + +pay_type + +title + +attach + +version + + +窗体底端 +-------------------------------------------------------------------------------- +alipay:支付宝即时到账,电脑/移动支付:web,wap支付 +-------------------------------------------------------------------------------- +alipayscan:扫码支付。 +-------------------------------------------------------------------------------- +weixinh5:微信H5支付 +-------------------------------------------------------------------------------- +weixinscan:微信扫码支付也就是PC支付。 +-------------------------------------------------------------------------------- +usdtpay: 数字货币USDT,比如比特币,USDT币 +-------------------------------------------------------------------------------- +citpay: 数字货币,比如比特币,USDT币 +-------------------------------------------------------------------------------- +tr_wxalbank: 微信支付宝所有银行多码合一 +-------------------------------------------------------------------------------- +tr_wxal: 微信支付宝2种支持收款支付 +-------------------------------------------------------------------------------- +tr_weixin: 固码微信收款支付 +-------------------------------------------------------------------------------- +tr_alipay: 固码支付宝收款支付 +-------------------------------------------------------------------------------- +tr_bank: 固码银行收款支付 +-------------------------------------------------------------------------------- +支付请求接口参数 +-------------------------------------------------------------------------------- +提交请求方式: post +-------------------------------------------------------------------------------- +参数 +-------------------------------------------------------------------------------- +参数说明 +-------------------------------------------------------------------------------- +签名 +-------------------------------------------------------------------------------- +类型 +-------------------------------------------------------------------------------- +备注 +-------------------------------------------------------------------------------- +app_id +-------------------------------------------------------------------------------- +商户id +-------------------------------------------------------------------------------- +是 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +out_trade_sn +-------------------------------------------------------------------------------- +商户订单号 +-------------------------------------------------------------------------------- +是 +-------------------------------------------------------------------------------- +字符串,最长50位 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +username +-------------------------------------------------------------------------------- +会员昵称 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +user_id +-------------------------------------------------------------------------------- +会员id +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +整型数字 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +title +-------------------------------------------------------------------------------- +产品名称 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串,最常200位 +-------------------------------------------------------------------------------- +可为空 +-------------------------------------------------------------------------------- +money +-------------------------------------------------------------------------------- +价格 +-------------------------------------------------------------------------------- +是 +-------------------------------------------------------------------------------- +float,保留2位小数 +-------------------------------------------------------------------------------- +必须,必须是2位小数点:1.00,0.50 +-------------------------------------------------------------------------------- +mobile +-------------------------------------------------------------------------------- +新增参数 +-------------------------------------------------------------------------------- +支付手机号码 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +(数字货币citpay必填) +-------------------------------------------------------------------------------- +字符串,最长11位 +-------------------------------------------------------------------------------- +数字货币交易的使用,需要手机号码来完成支付 +-------------------------------------------------------------------------------- +attach +-------------------------------------------------------------------------------- +附加信息 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串,最长255位 +-------------------------------------------------------------------------------- +原样返回,可为空 +-------------------------------------------------------------------------------- +return_url +-------------------------------------------------------------------------------- +同步地址 +-------------------------------------------------------------------------------- +是 +-------------------------------------------------------------------------------- +字符串,最长255位 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +pay_channel +-------------------------------------------------------------------------------- + 产品id +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +可传,可不传 没有明确给时,不用传 +-------------------------------------------------------------------------------- +pay_type对应多个时,不传随机取一个, +-------------------------------------------------------------------------------- +ewm_account +-------------------------------------------------------------------------------- +银行卡号 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +付款的银行卡号,转账支付时必传,否则不用传 +-------------------------------------------------------------------------------- +notify_url +-------------------------------------------------------------------------------- +异步回调地址 +-------------------------------------------------------------------------------- +是 +-------------------------------------------------------------------------------- +字符串,最长255位 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +pay_type +-------------------------------------------------------------------------------- +支付类型 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +目前支持全部 +-------------------------------------------------------------------------------- +alipay:支付宝即时到账,电脑/移动支付:web,wap支付 +-------------------------------------------------------------------------------- +alipayscan:扫码支付。 +-------------------------------------------------------------------------------- +weixinh5:微信在线H5支付 +-------------------------------------------------------------------------------- +weixinscan:微信扫码在线支付也就是PC支付。 +-------------------------------------------------------------------------------- +usdtpay: 数字货币USDT,比如比特币,USDT币 +-------------------------------------------------------------------------------- +citpay: 数字货币,比如比特币,USDT币 +-------------------------------------------------------------------------------- +tr_wxalbank: 微信支付宝所有银行多码合一 +-------------------------------------------------------------------------------- +tr_wxal: 微信支付宝二码合一 +-------------------------------------------------------------------------------- +tr_weixin: 固码微信收款支付 +-------------------------------------------------------------------------------- +tr_alipay: 固码支付宝收款支付 +-------------------------------------------------------------------------------- +tr_bank: 固码银行收款支付 +-------------------------------------------------------------------------------- +sign +-------------------------------------------------------------------------------- +签名认证串 +否 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +必须 +-------------------------------------------------------------------------------- +version +-------------------------------------------------------------------------------- +版本号 +-------------------------------------------------------------------------------- +否 +-------------------------------------------------------------------------------- +字符串 +-------------------------------------------------------------------------------- +如果不传入,默认是v1,请填写:v1版本,后续增加会说明。 +-------------------------------------------------------------------------------- +说明 +-------------------------------------------------------------------------------- +1、签名认证sign的生成:app_id ,money ,notify_url, out_trade_sn, return_url, token这些按照 键值升序排序,然后组合成地址url字符串,然后转换成小写,进行md5加密. +-------------------------------------------------------------------------------- +如果您不知道排序顺序:最后的形成的排序是:app_id、money、notify_url、out_trade_sn、return_url、token +-------------------------------------------------------------------------------- +2、回调地址必须是绝对能访问的地址,回调地址是无法获得用户登陆状态session和cookies,请注意,地址比如:http://www.xx.com/notify +-------------------------------------------------------------------------------- +3、提交之后,如果我们这边风控监控,存在的时候会返回通道关闭,通常都是直接到支付的 +-------------------------------------------------------------------------------- +回调参数 +-------------------------------------------------------------------------------- +同步回调方式是:get +-------------------------------------------------------------------------------- +异步回调方式是:post +参数 +参数说明 +备注 +money +充值金额 + +pay_money +成功支付金额 + +out_trade_sn +您的支付订单号 + +order_sn +平台订单号 + +pay_order_sn +支付交易流水号 +-------------------------------------------------------------------------------- +数字货币没有交易流水号返回 +attch +附加信息 +您提交过来的信息,我们将原样返回,字符串,如果是数组,请使用json,然后urlencode过来 +sign +签名认证字符串 + +return_url +同步回调地址 + +notify_url +异步回调地址 + +-------------------------------------------------------------------------------- +回调验证签名说明 + -------------------------------------------------------------------------------- +拼接参数 + app_id=123456&money=2.00¬ify_url=http://xx.com/NOTIFY&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89 +-------------------------------------------------------------------------------- + + -------------------------------------------------------------------------------- +把拼接参数转换成小写 + app_id=123456&money=2.00¬ify_url=http://xx.com/notify&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89 + +-------------------------------------------------------------------------------- +上面有个NOTIFY要转换成小写notify,反正只要字符串里面有大写,都要转换成小写 + -------------------------------------------------------------------------------- +md5(拼接字符串转换小写的字符) + md5(app_id=123456&money=2.00¬ify_url=http://xx.com/notify&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89) +4.刚才实例得到签名是: +-------------------------------------------------------------------------------- +0f754dfd10a22bc680f14a585a318356 +-------------------------------------------------------------------------------- +5.回调签名:md5(token+刚才得到的签名pay_money=值pay_status=值) + +md5(xx89(md5(转换小写(app_id=123456&money=2.00¬ify_url=http://xx.com/notify&out_trade_sn=20165655656&return_url=http://xx.com&token=xx89)))pay_money=1.00pay_status=1) +-------------------------------------------------------------------------------- +app_id,由我们开户给你获得 +-------------------------------------------------------------------------------- + +-------------------------------------------------------------------------------- +如果您的订单,完成更新,请返回 success告知我们,我们将不会再次发送回调 +-------------------------------------------------------------------------------- + +-------------------------------------------------------------------------------- +查询订单 +-------------------------------------------------------------------------------- +查询方式是:post,接口为 /order/check +参数 +参数说明 +备注 +app_id +app_id + +time +时间戳 + +order_sn +平台订单号 + +sign +签名认证字符串 + +-------------------------------------------------------------------------------- +查询订单签名说明 +-------------------------------------------------------------------------------- +1.拼接参数 +-------------------------------------------------------------------------------- + +-------------------------------------------------------------------------------- +2.把拼接参数转换成小写 + +-------------------------------------------------------------------------------- +反正只要字符串里面有大写,都要转换成小写 +-------------------------------------------------------------------------------- +3.md5(拼接字符串转换小写的字符) +4.得到签名是: +-------------------------------------------------------------------------------- +0f754dfd10a22bc680f14a585a318356 +-------------------------------------------------------------------------------- +app_id,由我们开户给你获得 +-------------------------------------------------------------------------------- +返回参数说明 +参数 +参数说明 +备注 +error +错误,为0时为成功 + +msg +错误 + +order +订单信息 + +-------------------------------------------------------------------------------- +order 信息,只有在error 为0时才返回 +参数 +参数说明 +备注 +order_sn +订单号 + +order_money +金额 + +pay_money +金额 + +pay_status +状态 +pay_status 订单状态:1,交易成功,0,未支付,2,处理中,3交易失败 +order_at +订单时间 + +sign +签名 + +-------------------------------------------------------------------------------- +