|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255 |
- <?php
- /**
- * @version $id:buy_action.php 8:38 2023年02月13日 tianya $
- * @package DedeBIZ.User
- * @copyright Copyright (c) 2022 DedeBIZ.COM
- * @license https://www.dedebiz.com/license
- * @link https://www.dedebiz.com
- */
- require_once(dirname(__FILE__)."/config.php");
- CheckRank(0, 0);
- $dopost = isset($dopost)? $dopost : '';
- $menutype = 'mydede';
- $menutype_son = 'op';
- require_once DEDEINC.'/dedetemplate.class.php';
- $product = isset($product) ? trim(HtmlReplace($product, 1)) : '';
- $mid = $cfg_ml->M_ID;
- $ptype = '';
- $pname = '';
- $price = '';
- $mtime = time();
- $paytype = isset($paytype)? intval($paytype) : 0;
- if ($dopost === "bank_ok") {
- $moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE buyid='$buyid' AND mid={$mid}");
- if (empty($moRow)) {
- ShowMsg("订单查询错误,请确保是您自己发起的订单", "javascript:;");
- exit;
- }
- if ($moRow['sta'] == 2) {
- ShowMsg("已完成支付,无需重复付款", "javascript:;");
- exit;
- }
- $query = "UPDATE `#@__member_operation` SET sta = '1' WHERE buyid = '{$moRow['buyid']}'";
- $dsql->ExecuteNoneQuery($query);
- ShowMsg("已经完成付款,等待管理员审核", "operation.php");
- exit;
- }
- if (isset($pd_encode) && isset($pd_verify) && md5("payment".$pd_encode.$cfg_cookie_encode) == $pd_verify) {
- $result = json_decode(mchStrCode($pd_encode, 'DECODE'));
- $product = preg_replace("#[^0-9a-z]#i", "", $result->product);
- $pid = preg_replace("#[^0-9a-z]#i", "", $result->pid);
- $row = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE mid='$mid' AND sta=0 AND product='$product'");
- if (!isset($row['buyid'])) {
- ShowMsg("请不要重复提交表单", 'javascript:;');
- exit();
- }
- if ($paytype === 0) {
- ShowMsg("请选择支付方式", 'javascript:;');
- exit();
- }
- $buyid = $row['buyid'];
- } else {
- $buyid = 'M'.$mid.'T'.$mtime.'RN'.mt_rand(100, 999);
- //删除用户旧的未付款的同类记录
- if (!empty($product)) {
- $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid='$mid' AND sta=0 AND product='$product'");
- }
- }
- if (empty($product)) {
- ShowMsg("请选择一个产品", 'javascript:;');
- exit();
- }
- $pid = isset($pid) && is_numeric($pid) ? $pid : 0;
- if ($product == 'member') {
- $ptype = "会员升级";
- $row = $dsql->GetOne("SELECT * FROM `#@__member_type` WHERE aid='{$pid}'");
- if (!is_array($row)) {
- ShowMsg("无法识别您的订单", 'javascript:;');
- exit();
- }
- $pname = $row['pname'];
- $price = $row['money'];
- } else if ($product == 'card') {
- $ptype = "积分购买";
- $row = $dsql->GetOne("SELECT * FROM `#@__moneycard_type` WHERE tid='{$pid}'");
- if (!is_array($row)) {
- ShowMsg("无法识别您的订单", 'javascript:;');
- exit();
- }
- $pname = $row['pname'];
- $price = $row['money'];
- }
- if ($paytype === 0) {
- $inquery = "INSERT INTO `#@__member_operation` (`buyid`,`pname`,`product`,`money`,`mtime`,`pid`,`mid`,`sta`,`oldinfo`) VALUES ('$buyid','$pname','$product','$price','$mtime','$pid','$mid','0','$ptype');";
- $isok = $dsql->ExecuteNoneQuery($inquery);
- if (!$isok) {
- echo "数据库出错,请重新尝试".$dsql->GetError();
- exit();
- }
- if ($price == '') {
- echo "无法识别您的订单";
- exit();
- }
- //获取支付接口设置
- $payment_list = array();
- $dsql->SetQuery("SELECT * FROM `#@__sys_payment` WHERE `status`=1 ORDER BY sortrank ASC");
- $dsql->Execute();
- $i = 0;
- while ($row = $dsql->GetArray()) {
- $payment_list[] = $row;
- $i++;
- }
- $pr_encode = array();
- foreach ($_REQUEST as $key => $val) {
- if (!in_array($key, array('product', 'pid'))) {
- continue;
- }
- $val = preg_replace("#[^0-9a-z]#i", "", $val);
- $pr_encode[$key] = $val;
- }
- $pr_encode = str_replace('=', '', mchStrCode(json_encode($pr_encode)));
- $pr_verify = md5("payment".$pr_encode.$cfg_cookie_encode);
- $tpl = new DedeTemplate();
- $tpl->LoadTemplate(DEDEMEMBER.'/templets/buy_action_payment.htm');
- $tpl->Display();
- } else {
- $moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE buyid='$buyid'");
- if ($moRow['sta'] == 2) {
- ShowMsg("已完成支付,无需重复付款", "javascript:;");
- exit;
- }
-
- if($paytype === 1) {
- //微信支付
- include_once(DEDEINC.'/sdks/include.php');
- include_once(DEDEINC.'/libraries/oxwindow.class.php');
- $pInfo = $dsql->GetOne("SELECT * FROM `#@__sys_payment` WHERE id = $paytype");
- $pData = (array)json_decode($pInfo['config']);
- $config = array(
- "appid" => $pData['AppID'],
- "mch_id" => $pData['MchID'],
- "mch_key" => $pData['APIv2Secret'],
- );
- $wechat = new \WeChat\Pay($config);
- $options = array(
- 'product_id' => $buyid,
- 'body' => '测试商品',
- 'out_trade_no' => $buyid,
- 'total_fee' => $row['money']*100,
- 'trade_type' => 'NATIVE',
- 'notify_url' => 'https://www.dedebiz.com/notify?platform=wxpay',
- );
- try {
- // 生成预支付码
- $result = $wechat->createOrder($options);
- $payurl = $result['code_url'];
- $msg = "请使用微信扫一扫,扫描二维码支付:<div id='qrcode' style='width:200px; height:200px; margin-top:15px;'></div><br/><a href='buy_action.php?dopost=wechat_ok&buyid={$buyid}' class='btn btn-success btn-sm'>已完成支付</a> <a href='operation.php' class='btn btn-outline-success btn-sm'>返回订单管理</a>";
- $script = '<script type="text/javascript">var qrcode = new QRCode(document.getElementById("qrcode"), {
- width : 300,
- height : 300,
- correctLevel : 3
- });qrcode.makeCode("'.$payurl.'");</script>';
- $wintitle = "微信支付";
- $wecome_info = " ";//这个空格不要去
- $win = new OxWindow();
- $win->AddMsgItem($msg);
- $winform = $win->GetWindow("hand", " ", false);
- $win->Display(DEDEMEMBER."/templets/win_templet.htm");
- } catch (Exception $e) {
- ShowMsg("生成微信支付信息失败,请联系网站管理员", "javascript:;");
- exit;
- }
- } elseif ($paytype === 2) {
- include_once(DEDEINC.'/libraries/oxwindow.class.php');
- $pInfo = $dsql->GetOne("SELECT * FROM `#@__sys_payment` WHERE id = $paytype");
- $pData = (array)json_decode($pInfo['config']);
- $config = array(
- "sign_type" => $pData['SignType'],
- "appid" => $pData['APPID'],
- "private_key" => $pData['PrivateKey'],
- "public_key" => $pData['CertPublicKey'],
- "notify_url" => 'https://www.dedebiz.com/alipay-notify.php',
- "return_url" => 'https://www.dedebiz.com/alipay-notify.php',
- );
- //支付宝
- try {
- // 实例支付对象
- $pay = \AliPay\Web::instance($config);
-
- // 参考链接:https://docs.open.alipay.com/api_1/alipay.trade.page.pay
- $result = $pay->apply(array([
- 'out_trade_no' => $buyid, // 商户订单号
- 'total_amount' => sprintf("%d",$row['money']), // 支付金额
- 'subject' => '支付订单描述', // 支付订单描述
- ]));
-
- var_dump(htmlspecialchars( $result));
- } catch (Exception $e) {
- echo $e->getMessage();
- }
- } elseif ($paytype === 3) {
- include_once(DEDEINC.'/libraries/oxwindow.class.php');
- //银行转账
- $pInfo = $dsql->GetOne("SELECT * FROM `#@__sys_payment` WHERE id = $paytype");
- $pData = (array)json_decode($pInfo['config']);
- $msg = "请汇款至如下账户:<br><b>账户名:</b>{$pData['AccountName']}<br><b>账号:</b>{$pData['AccountNO']}<br><b>开户行:</b>{$pData['Name']}<br/><b>备注:</b>{$buyid}<br/>如您已经完成转账,请点击下面按钮,等待管理员确认后即可完成充值<br><br><a href='buy_action.php?dopost=bank_ok&buyid={$buyid}' class='btn btn-success btn-sm'>已完成银行转账</a> <a href='operation.php' class='btn btn-outline-success btn-sm'>返回订单管理</a>";
- $wintitle = "银行转账";
- $wecome_info = " ";//这个空格不要去
- $win = new OxWindow();
- $win->AddMsgItem($msg);
- $winform = $win->GetWindow("hand", " ", false);
- $win->Display(DEDEMEMBER."/templets/win_templet.htm");
- } elseif ($paytype === 4) {
- //余额付款
- if ($cfg_ml->M_UserMoney < $row['money']) {
- ShowMsg("余额不足,请确保当前账户有足够金币支付", "javascript:;");
- exit;
- }
- $query = "UPDATE `#@__member_operation` SET sta = '2' WHERE buyid = '$buyid'";
- $dsql->ExecuteNoneQuery($query);
- $query = "UPDATE `#@__member` SET money = money+{$row['num']} WHERE mid = '$mid'";
- $dsql->ExecuteNoneQuery($query);
- $query = "UPDATE `#@__member` SET user_money = user_money-{$row['money']} WHERE mid = '$mid'";
- $dsql->ExecuteNoneQuery($query);
- ShowMsg("成功使用余额付款", "javascript:;");
- exit;
- } elseif ($paytype === 5) {
- //货到付款
- ShowMsg("虚拟物品,不支持货到付款", "javascript:;");
- exit;
- }
- }
- /**
- * 加密函数
- *
- * @access public
- * @param string $string 字符串
- * @param string $operation 操作
- * @return string
- */
- function mchStrCode($string, $operation = 'ENCODE')
- {
- $key_length = 4;
- $expiry = 0;
- $key = md5($GLOBALS['cfg_cookie_encode']);
- $fixedkey = md5($key);
- $egiskeys = md5(substr($fixedkey, 16, 16));
- $runtokey = $key_length ? ($operation == 'ENCODE' ? substr(md5(microtime(true)), -$key_length) : substr($string, 0, $key_length)) : '';
- $keys = md5(substr($runtokey, 0, 16).substr($fixedkey, 0, 16).substr($runtokey, 16).substr($fixedkey, 16));
- $string = $operation == 'ENCODE' ? sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$egiskeys), 0, 16).$string : base64_decode(substr($string, $key_length));
- $i = 0;
- $result = '';
- $string_length = strlen($string);
- for ($i = 0; $i < $string_length; $i++) {
- $result .= chr(ord($string[$i]) ^ ord($keys[$i % 32]));
- }
- if ($operation == 'ENCODE') {
- return $runtokey.str_replace('=', '', base64_encode($result));
- } else {
- if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$egiskeys), 0, 16)) {
- return substr($result, 26);
- } else {
- return '';
- }
- }
- }
|
