wesmiler 报恩寺项目

app/Http/Controllers/Api/BaseController.php

@@ -160,11 +160,11 @@ class BaseController extends Controller
         defined('DB_PREFIX') or define('DB_PREFIX', DB::connection()->getTablePrefix());
 
         // 系统全称
-        define('SITE_NAME', env('SITE_NAME'));
+        defined('SITE_NAME') or define('SITE_NAME', env('SITE_NAME'));
         // 系统简称
-        define('NICK_NAME', env('NICK_NAME'));
+        defined('NICK_NAME') or define('NICK_NAME', env('NICK_NAME'));
         // 系统版本号
-        define('VERSION', env('VERSION'));
+        defined('VERSION') or define('VERSION', env('VERSION'));
 
         // 请求参数
         $this->param = \request()->input();

app/Http/Controllers/Api/v1/NotifyController.php

@@ -35,8 +35,10 @@ class NotifyController extends BaseController
      */
     public function pay($scene){
         $postData = request()->all();
+        $sign = request()->headers->get('Wechatpay-Signature');
+//        $sign = '';
         $id = isset($postData['id'])? '_'.$postData['id'] : '';
-        RedisService::set('caches:payments:'.$scene.':result'.$id.'_'.date('YmdHis'), ['result'=> $postData,'date'=> date('Y-m-d H:i:s')], 7200);
+        RedisService::set('caches:payments:'.$scene.':result'.$id.'_'.date('YmdHis'), ['result'=> $postData,'sign'=> $sign,'date'=> date('Y-m-d H:i:s')], 7200);
         $postData = isset($postData['resource'])? $postData['resource'] : [];
         if(empty($scene) || empty($postData)){
             return NotifyService::make()->rebackMsg('回调参数错误');
@@ -44,18 +46,21 @@ class NotifyController extends BaseController
 
         // 解密
         $ciphertext = isset($postData['ciphertext'])? $postData['ciphertext'] : '';
-        RedisService::set('caches:payments:'.$scene.':result'.$id.'_ciphertext', ['result'=> $postData,'date'=> date('Y-m-d H:i:s'], 7200);
+        RedisService::set('caches:payments:'.$scene.':result'.$id.'_ciphertext', ['result'=> $postData,'date'=> date('Y-m-d H:i:s')], 7200);
         if(empty($ciphertext)){
             return NotifyService::make()->rebackMsg('解密数据不存在');
         }
 
         $postData = WechatService::decryptNotifyData($postData);
+        $postData = $postData? json_decode($postData, true) : [];
+        //var_dump($postData);
         $outTradeNo = isset($postData['out_trade_no']) ? $postData['out_trade_no'] : '';
         if(empty($postData) || empty($outTradeNo)){
             return NotifyService::make()->rebackMsg('获取解密数据失败');
         }
+        $postData['sign'] = $sign;
         RedisService::set('caches:payments:'.$scene.':result_'.$outTradeNo, ['result'=> $postData], 7200);
-        if (WechatService::checkJsapiNotify($postData,'v3') === true) {
+        if (WechatService::checkJsapiNotifyV3($postData) === true) {
             switch($scene){
                 case 'index': // 供灯订单
                     return NotifyService::make()->notifyGongdeng($postData, $outTradeNo);

app/Services/NotifyService.php

@@ -85,10 +85,10 @@ class NotifyService extends BaseService
 
         // 验证订单金额是否正确
         $payDebug = config('weixin.payDebug');
-        $payMoney = isset($postData['total_fee']) ? moneyFormat($postData['total_fee']) : 0;
+        $amount = isset($notifyData['amount'])? $notifyData['amount'] : [];
+        $payMoney = isset($amount['total']) ? moneyFormat($amount['total']) : 0;
         $orderMoney = isset($orderInfo['money']) ? moneyFormat($orderInfo['money']) : 0.00;
-        $credit = isset($orderInfo['credit']) ? moneyFormat($orderInfo['credit']) : 0.00;
-        $orderAmount = moneyFormat($orderMoney + $credit);
+        $orderAmount = moneyFormat($orderMoney);
         if (!$payDebug && intval($orderAmount * 100) != intval($payMoney)) {
             RedisService::set($errorKey.':error_money',['notify'=> $notifyData, 'error'=> '实付金额与订单金额不一致','order'=> $orderInfo
             ], 3600);
@@ -97,7 +97,7 @@ class NotifyService extends BaseService
 
         // 更新订单数据
         DB::beginTransaction();
-        if(!$this->model::where(['order_sn'=> $outTradeNo])->update(['status'=> 2,'pay_money'=> $payMoney,'remark'=> '已支付'])){
+        if(!$this->model::where(['order_sn'=> $outTradeNo])->update(['status'=> 2,'pay_money'=> moneyFormat($payMoney/100),'remark'=> '已支付'])){
             RedisService::set($errorKey.':error_update',['notify'=> $notifyData, 'error'=> '更新订单信息失败','order'=> $orderInfo
             ], 3600);
             DB::rollBack();
@@ -153,6 +153,6 @@ class NotifyService extends BaseService
      * @return false|string
      */
     public static function rebackMsg($msg='失败', $code='error'){
-        return json_encode(['code'=> $code, 'message'=> $msg]);
+        return ['code'=> $code, 'message'=> $msg];
     }
 }

app/Services/WechatService.php

@@ -806,6 +806,7 @@ class WechatService extends BaseService
         $timeStamp = isset($params['timeStamp'])? $params['timeStamp'] : '';
         $nonceStr = isset($params['nonceStr'])? $params['nonceStr'] : '';
         unset($params['signType']);
+        var_dump($params);
         $signStr = implode("\n", array_values($params))."\n";
         //echo $signStr;
         $mch_private_key = openssl_get_privatekey(file_get_contents(self::$certPaths['key_path']));
@@ -831,16 +832,43 @@ class WechatService extends BaseService
     }
 
     /**
+     * 验证JSAPI回调V3
+     * @param $notifyData
+     * @return array|bool
+     */
+    public static function checkJsapiNotifyV3($notifyData)
+    {
+        if (empty($notifyData)) {
+            return ['code' => 'error', 'message' => 'parse xml error'];
+        }
+        $tradeState = isset($notifyData['trade_state']) ? trim($notifyData['trade_state']) : '';
+        $nofitySign = isset($notifyData['sign']) ? trim($notifyData['sign']) : '';
+        if ($tradeState != 'SUCCESS') {
+            $error = isset($notifyData['return_msg']) ? $notifyData['return_msg'] : '';
+            return ['code' => 'error', 'message' => $error];
+        }
+
+        // 验证签名
+        unset($notifyData['sign']);
+        $sign = WechatService::getPaySignV3($notifyData);
+        if ($nofitySign == $sign) {
+            echo '<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
      * 验证JSAPI回调
      * @param $notifyData
      * @return array|bool
      */
-    public static function checkJsapiNotify($notifyData, $version='v2')
+    public static function checkJsapiNotify($notifyData)
     {
         if (empty($notifyData)) {
             return ['code' => 'error', 'message' => 'parse xml error'];
         }
-        $orderNo = isset($notifyData['out_trade_no']) ? trim($notifyData['out_trade_no']) : '';
         $returnCode = isset($notifyData['return_code']) ? trim($notifyData['return_code']) : '';
         $resultCode = isset($notifyData['result_code']) ? trim($notifyData['result_code']) : '';
         $nofitySign = isset($notifyData['sign']) ? trim($notifyData['sign']) : '';
@@ -855,7 +883,7 @@ class WechatService extends BaseService
 
         // 验证签名
         unset($notifyData['sign']);
-        $sign = $version == 'v3'? WechatService::getPaySignV3($notifyData) : WechatService::getPaySign($notifyData);
+        $sign = WechatService::getPaySign($notifyData);
         if ($nofitySign == $sign) {
             echo '<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
             return true;