查看文件: esaferesponse.php

大小: 4.81 KB

类型: application/octet-stream

<?php require_once('../Connections/BE2.php'); ?>
<? 
   // 12+6=18
   $fp = fopen("/www/vm3/guest/yipayalert.txt", "a");
   fwrite($fp,"start yipay response " .date('Y-m-d H:i:s')."\r\n");
   $a=count($_POST);
   
   $url=$_SERVER['HTTP_REFERER'];
  // $ckurl="https://gateway-test.yipay.com.tw/payment";
   $ckurl='https://gateway.yipay.com.tw/payment'; 
   fwrite($fp,"url:".$url."\r\n");
   if($a>0){	
     foreach($_POST as $key=>$value){
      // echo "$key=$value";
	   fwrite($fp,"$key=$value"."(".strlen($value).")"."\r\n");
       }  	
    }
 
   fwrite($fp,"=============================="."\r\n");

// https://gomypay.asia/manage_admin/creditpay_Reconciliation.asp
 
	  fwrite($fp,"==url ok========================="."\r\n"); 
 
	   if(isset($_POST['merchantId'])  ){
		   
	//   $returnURL='http://www.288tw.com/guest/yipayresponse.php';
	//   $cancelURL='http://www.288tw.com/guest/storedvalue.html';
	   $returnURL='https://www.zeyubio.com/guest/yipayresponse.php';
	   $cancelURL='https://www.zeyubio.com/guest/storedvalue.html';
	   
	   $merchantId='1904000019'; 
	   $e_no = $_POST['merchantId'];
	   $e_orderno = $_POST['orderNo'];
	   $str_ok = $_POST['statusCode'];  //0 代表失敗；1 代表成功
	   $str_no = $_POST['transactionNo'];  //交易編號(Gomypay 唯一值)
	   $payamount = $_POST['amount'];	 //交易金額
       $str_check = $_POST['approvalCode']; 
       $paydate=date('Y-m-d') ;//$_POST['Process_date']; 
	   $paytime=date('H:i:s'); 
	  // $mycheck=md5("1".$e_orderno.$e_no.$payamount.$str_no."50945566a");
	  
	   define('CIPHER_METHOD', 'AES-256-CBC');
	   define('KEY', 'uD8F81duOKEt31Ux0hmrqdv7e061No4GHsEEUohF7qA=');
	   define('IV', 'fBHeAnan33nBXNwJ03+WMg==');
	 //  $posturl='https://gateway.yipay.com.tw/payment';

$key = base64_decode(KEY);
      $iv = base64_decode(IV);

$param = array(
      'merchantId' => $merchantId,
      'amount' => $_POST['amount'],
      'orderNo' => $e_orderno,
      'returnURL' => $returnURL,
      'cancelURL' => $cancelURL,
	  'backgroundURL' => '',
	  'transactionNo' => $_POST['transactionNo'],
	  'statusCode' => $_POST['statusCode'],
	  'approvalCode' => $_POST['approvalCode']
      );

$data = json_encode($param, JSON_FORCE_OBJECT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
// 加密方式 1
   $encryptedString = openssl_encrypt($data, CIPHER_METHOD, $key, 0, $iv);
   $check2=sha1($encryptedString);
	  
    //echo "check2 ==>".$check2;	  
	   fwrite($fp, "check2 ==> ".$check2."\r\n"); 
   	 
	   if($str_ok=="00" && $check2== $_POST['checkCode'] ){
		   
		
	    mysql_select_db($database_BE2, $BE2);
        $query_Rtl = sprintf("SELECT * from smilebuytmp  WHERE paycode='%s'",$e_orderno);      
	    $Rtl = mysql_query($query_Rtl, $BE2) or die(mysql_error());
        $row_Rtl = mysql_fetch_assoc($Rtl);
        $totalRows_Rtl = mysql_num_rows($Rtl);
		 if($totalRows_Rtl==1){
		   if($row_Rtl['paystate']=='1'){ 
		     echo "OK";
		     exit;  } 
		   
	  
	    mysql_select_db($database_BE2, $BE2);
	  //                                            1            2           3                 4                5   // 6         1      2           3      4        5        6  
    $updatesql=sprintf("UPDATE smilebuytmp set payval2='%s', paydate2='%s', paytime2='%s', paystate='1' WHERE paycode='%s'",$payamount,$paydate,$paytime,$e_orderno);

fwrite($fp,"WRITE SQL :".$updatesql."\r\n");
	 mysql_query($updatesql, $BE2) or die(mysql_error());
	
	 mysql_select_db($database_BE2, $BE2);
	 $query_Rt2 =sprintf("SELECT a.*,b.cash4 FROM smilebuytmp as a,nuser as b WHERE a.payid=b.id AND a.paycode='%s' ",$e_orderno);
     $Rt2 = mysql_query($query_Rt2, $BE2) or die(mysql_error());
     $row_Rt2 = mysql_fetch_assoc($Rt2);
	 
	 fwrite($fp,"SELECT smilebuytmp :".$query_Rt2."\r\n");
	 
	
	mysql_select_db($database_BE2, $BE2);
    $insert_point = sprintf("insert into mdat7(nuid,mddate,mddoc,mcash,pid,usid,mcid,xusid,mucash )VALUES('%s','%s','%s','%s','%s','%s','%s','%s','%s')",$row_Rt2['payid'],date('Y-m-d'),"線上網路充值",$payamount,$row_Rt2['pid'],1,1,1,$row_Rt2['cash4']);
    mysql_query($insert_point, $BE2) or die(mysql_error()); 
	fwrite($fp,"insert_point :".$insert_point."\r\n");
	
	mysql_free_result($Rt2);
	
   mysql_select_db($database_BE2, $BE2);   
   $update_nuser = sprintf("update nuser set cash4=cash4+%s WHERE id='%s'",$payamount,$row_Rt2['payid']);
   mysql_query($update_nuser, $BE2) or die(mysql_error()); 
	
	fwrite($fp,"update_nuser :".$query_Rt2."\r\n");  
	  echo "<script>alert('交易成功');location.href = './storedvalue_list.html';</script>";	
	
	 exit;
	   
		}
	 
	 
	   }  else {  echo "<script>alert('交易失敗');location.href = './storedvalue_list.html';</script>";	   }
	   
	   }
 
  
  fclose($fp);

//  echo "OK" ; 
?>