2025-09-23 16:43:18 +08:00
|
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
|
|
namespace app\common\controller;
|
|
|
|
|
|
|
|
|
|
|
|
use think\Db;
|
|
|
|
|
|
use app\common\util\PaymentUtil;
|
|
|
|
|
|
use think\facade\Config;
|
|
|
|
|
|
use think\facade\Env;
|
|
|
|
|
|
use think\facade\Log;
|
|
|
|
|
|
use think\facade\Request;
|
|
|
|
|
|
use app\common\model\Order;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 支付服务(内部调用)
|
|
|
|
|
|
*/
|
|
|
|
|
|
class PaymentService
|
|
|
|
|
|
{
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 下单
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param array $order
|
|
|
|
|
|
* - out_trade_no: string 商户订单号(必填)
|
|
|
|
|
|
* - total_fee: int 金额(分,必填)
|
|
|
|
|
|
* - body: string 商品描述(必填)
|
|
|
|
|
|
* - notify_url: string 异步通知地址(可覆盖配置)
|
|
|
|
|
|
* - attach: string 附加数据(可选)
|
|
|
|
|
|
* - time_expire: string 订单失效时间(可选)
|
|
|
|
|
|
* - client_ip: string 终端IP(可选)
|
|
|
|
|
|
* - sign_type: string MD5/RSA_1_256/RSA_1_1(可选,默认MD5)
|
|
|
|
|
|
* - pay_type: string 支付场景,如 JSAPI/APP/H5(可选)
|
|
|
|
|
|
* @return array
|
|
|
|
|
|
* @throws \Exception
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function createOrder(array $order)
|
|
|
|
|
|
{
|
|
|
|
|
|
$params = [
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'service' => 'unified.trade.native',
|
|
|
|
|
|
'sign_type' => PaymentUtil::SIGN_TYPE_MD5,
|
|
|
|
|
|
'mch_id' => Env::get('payment.mchId'),
|
|
|
|
|
|
'out_trade_no' => $order['orderNo'],
|
|
|
|
|
|
'body' => $order['goodsName'] ?? '',
|
|
|
|
|
|
'total_fee' => $order['money'] ?? 0,
|
|
|
|
|
|
'mch_create_ip' => Request::ip(),
|
|
|
|
|
|
'notify_url' => Env::get('payment.notify_url', '127.0.0.1'),
|
|
|
|
|
|
'nonce_str' => PaymentUtil::generateNonceStr(),
|
2025-09-23 16:43:18 +08:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
Db::startTrans();
|
|
|
|
|
|
try {
|
|
|
|
|
|
// 过滤空值签名
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$secret = Env::get('payment.key');
|
2025-09-23 16:43:18 +08:00
|
|
|
|
$params['sign_type'] = 'MD5';
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$params['sign'] = PaymentUtil::generateSign($params, $secret, 'MD5');
|
2025-09-23 16:43:18 +08:00
|
|
|
|
|
|
|
|
|
|
$url = Env::get('payment.url');
|
|
|
|
|
|
if (empty($url)) {
|
|
|
|
|
|
throw new \Exception('支付网关地址未配置');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//创建订单
|
|
|
|
|
|
Order::create([
|
|
|
|
|
|
'mchId' => $params['mch_id'],
|
|
|
|
|
|
'companyId' => $order['companyId'],
|
|
|
|
|
|
'userId' => $order['userId'],
|
|
|
|
|
|
'orderType' => $order['orderType'] ?? 1,
|
|
|
|
|
|
'status' => 0,
|
|
|
|
|
|
'goodsId' => $order['goodsId'],
|
|
|
|
|
|
'goodsName' => $order['goodsName'],
|
|
|
|
|
|
'money' => $order['money'],
|
|
|
|
|
|
'orderNo' => $order['orderNo'],
|
|
|
|
|
|
'ip' => Request::ip(),
|
|
|
|
|
|
'nonceStr' => $params['nonce_str'],
|
|
|
|
|
|
'createTime' => time(),
|
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// XML POST 请求
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$xmlBody = $this->arrayToXml($params);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
$response = $this->postXml($url, $xmlBody);
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$parsed = $this->parseXmlOrRaw($response);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
|
|
|
|
|
|
if ($parsed['status'] == 0 && $parsed['result_code'] == 0) {
|
|
|
|
|
|
Db::commit();
|
2025-09-29 17:37:21 +08:00
|
|
|
|
return json_encode(['code' => 200, 'msg' => '订单创建成功', 'data' => $parsed['code_img_url']]);
|
2025-09-24 15:03:34 +08:00
|
|
|
|
} else {
|
2025-09-23 16:43:18 +08:00
|
|
|
|
Db::rollback();
|
2025-09-29 17:37:21 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => '订单创建失败:' . $parsed['err_msg']]);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
|
|
Db::rollback();
|
2025-09-29 17:37:21 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => '订单创建失败:' . $e->getMessage()]);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* POST 请求(x-www-form-urlencoded)
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function httpPost(string $url, array $params, array $headers = [])
|
|
|
|
|
|
{
|
|
|
|
|
|
if (!function_exists('requestCurl')) {
|
|
|
|
|
|
throw new \RuntimeException('requestCurl 未定义');
|
|
|
|
|
|
}
|
|
|
|
|
|
return requestCurl($url, $params, 'POST', $headers, 'dataBuild');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 解析响应
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function parseResponse($response)
|
|
|
|
|
|
{
|
|
|
|
|
|
if ($response === '' || $response === null) {
|
|
|
|
|
|
return '';
|
|
|
|
|
|
}
|
|
|
|
|
|
$decoded = json_decode($response, true);
|
|
|
|
|
|
if (json_last_error() === JSON_ERROR_NONE) {
|
|
|
|
|
|
return $decoded;
|
|
|
|
|
|
}
|
|
|
|
|
|
if (strpos($response, '=') !== false && strpos($response, '&') !== false) {
|
|
|
|
|
|
$arr = [];
|
|
|
|
|
|
foreach (explode('&', $response) as $pair) {
|
|
|
|
|
|
if ($pair === '') continue;
|
|
|
|
|
|
$kv = explode('=', $pair, 2);
|
|
|
|
|
|
$arr[$kv[0]] = $kv[1] ?? '';
|
|
|
|
|
|
}
|
|
|
|
|
|
return $arr;
|
|
|
|
|
|
}
|
|
|
|
|
|
return $response;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 以 XML 方式 POST(text/xml)
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function postXml(string $url, string $xml)
|
|
|
|
|
|
{
|
|
|
|
|
|
$ch = curl_init();
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_POST, 1);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, [
|
|
|
|
|
|
'Content-Type: text/xml; charset=UTF-8'
|
|
|
|
|
|
]);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
|
|
|
|
|
|
$res = curl_exec($ch);
|
|
|
|
|
|
curl_close($ch);
|
|
|
|
|
|
return $res;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 数组转 XML(按 ASCII 升序,字符串走 CDATA)
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function arrayToXml(array $data): string
|
|
|
|
|
|
{
|
|
|
|
|
|
// 过滤空值
|
|
|
|
|
|
$filtered = [];
|
|
|
|
|
|
foreach ($data as $k => $v) {
|
|
|
|
|
|
if ($v === '' || $v === null) continue;
|
|
|
|
|
|
$filtered[$k] = $v;
|
|
|
|
|
|
}
|
|
|
|
|
|
ksort($filtered, SORT_STRING);
|
|
|
|
|
|
|
|
|
|
|
|
$xml = '<xml>';
|
|
|
|
|
|
foreach ($filtered as $key => $value) {
|
|
|
|
|
|
if (is_numeric($value)) {
|
|
|
|
|
|
$xml .= "<{$key}>{$value}</{$key}>";
|
|
|
|
|
|
} else {
|
|
|
|
|
|
$xml .= "<{$key}><![CDATA[{$value}]]></{$key}>";
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
$xml .= '</xml>';
|
|
|
|
|
|
return $xml;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 解析 XML 响应
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function parseXmlOrRaw($response)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (!is_string($response) || $response === '') {
|
|
|
|
|
|
return $response;
|
|
|
|
|
|
}
|
|
|
|
|
|
libxml_use_internal_errors(true);
|
|
|
|
|
|
$xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA);
|
|
|
|
|
|
if ($xml !== false) {
|
|
|
|
|
|
$json = json_encode($xml, JSON_UNESCAPED_UNICODE);
|
|
|
|
|
|
return json_decode($json, true);
|
|
|
|
|
|
}
|
|
|
|
|
|
return $response;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 支付结果异步通知
|
|
|
|
|
|
* - 威富通回调为 XML;需校验签名与业务字段并更新订单
|
|
|
|
|
|
* - 回应:成功回"success",失败回"fail"
|
|
|
|
|
|
* @return void
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function notify()
|
|
|
|
|
|
{
|
2025-09-24 15:05:50 +08:00
|
|
|
|
$rawBody = file_get_contents('php://input');
|
2025-09-23 16:43:18 +08:00
|
|
|
|
$payload = $this->parseXmlOrRaw($rawBody);
|
|
|
|
|
|
if (!is_array($payload) || empty($payload)) {
|
2025-09-24 15:03:34 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => 'XML解析错误']);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2025-09-24 15:03:34 +08:00
|
|
|
|
if ($payload['status'] != 0 || $payload['result_code'] != 0) {
|
|
|
|
|
|
$errMsg = (isset($payload['err_msg']) ? $payload['err_msg'] : isset($payload['err_msg'])) ? $payload['err_msg'] : '未知错误';
|
|
|
|
|
|
return json_encode(['code' => 500, 'msg' => $errMsg]);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 业务处理:更新订单
|
|
|
|
|
|
Db::startTrans();
|
|
|
|
|
|
try {
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$outTradeNo = $payload['out_trade_no'];
|
|
|
|
|
|
$pay_result = $payload['pay_result'];
|
|
|
|
|
|
$time_end = $payload['time_end'];
|
|
|
|
|
|
$order = Order::where('orderNo', $outTradeNo)->find();
|
2025-09-23 16:43:18 +08:00
|
|
|
|
if (!$order) {
|
|
|
|
|
|
Db::rollback();
|
2025-09-24 15:03:34 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => '该订单不存在']);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2025-09-24 15:03:34 +08:00
|
|
|
|
if ($pay_result != 0) {
|
|
|
|
|
|
$order->payInfo = $payload['pay_info'];
|
|
|
|
|
|
$order->payType = $payload['trade_type'] == 'pay.wechat.jspay' ? 1 : 2;
|
|
|
|
|
|
$order->status = 3;
|
|
|
|
|
|
$order->save();
|
2025-09-23 16:43:18 +08:00
|
|
|
|
Db::commit();
|
2025-09-24 15:03:34 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => $payload['pay_info']]);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$order->status = 1;
|
|
|
|
|
|
$order->payTime = $this->parsePayTime($time_end);
|
|
|
|
|
|
$order->save();
|
2025-09-23 16:43:18 +08:00
|
|
|
|
Db::commit();
|
2025-09-24 15:03:34 +08:00
|
|
|
|
return json_encode(['code' => 200, 'msg' => '付款成功']);
|
|
|
|
|
|
} catch (\Exception $e) {
|
2025-09-23 16:43:18 +08:00
|
|
|
|
Db::rollback();
|
2025-09-24 15:03:34 +08:00
|
|
|
|
return json_encode(['code' => 500, 'msg' => '付款失败' . $e->getMessage()]);
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 解析威富通时间(yyyyMMddHHmmss)为时间戳
|
|
|
|
|
|
*/
|
|
|
|
|
|
protected function parsePayTime(string $timeEnd)
|
|
|
|
|
|
{
|
|
|
|
|
|
if ($timeEnd === '') {
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
// 期望格式:20250102153045
|
|
|
|
|
|
if (preg_match('/^\\d{14}$/', $timeEnd) !== 1) {
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
$dt = \DateTime::createFromFormat('YmdHis', $timeEnd, new \DateTimeZone('Asia/Shanghai'));
|
|
|
|
|
|
return $dt ? $dt->getTimestamp() : 0;
|
|
|
|
|
|
}
|
2025-09-24 14:09:27 +08:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* 查询订单(威富通 unified.trade.query)
|
|
|
|
|
|
* - 入参:商户订单号或平台交易号
|
|
|
|
|
|
* - 出参:统一 JSON 格式,包含交易状态与关键信息
|
|
|
|
|
|
* @param array $query
|
|
|
|
|
|
* - out_trade_no: string 商户订单号(与 transaction_id 二选一)
|
|
|
|
|
|
* - transaction_id: string 平台交易号(与 out_trade_no 二选一)
|
|
|
|
|
|
* @return \think\response\Json
|
|
|
|
|
|
*/
|
|
|
|
|
|
public function queryOrder(array $query)
|
|
|
|
|
|
{
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$outTradeNo = $query['out_trade_no'] ?? ($query['orderNo'] ?? '');
|
2025-09-24 14:09:27 +08:00
|
|
|
|
$transactionId = $query['transaction_id'] ?? '';
|
|
|
|
|
|
|
|
|
|
|
|
if ($outTradeNo === '' && $transactionId === '') {
|
|
|
|
|
|
return json(['code' => 422, 'msg' => '缺少查询参数:out_trade_no 或 transaction_id']);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$params = [
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'service' => 'unified.trade.query',
|
|
|
|
|
|
'mch_id' => Env::get('payment.mchId'),
|
|
|
|
|
|
'out_trade_no' => $outTradeNo ?: null,
|
|
|
|
|
|
'nonce_str' => PaymentUtil::generateNonceStr(),
|
|
|
|
|
|
'sign_type' => 'MD5',
|
2025-09-24 14:09:27 +08:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
// 过滤空值后签名
|
|
|
|
|
|
$secret = Env::get('payment.key');
|
|
|
|
|
|
if (empty($secret)) {
|
|
|
|
|
|
return json(['code' => 500, 'msg' => '支付密钥未配置']);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$filtered = [];
|
|
|
|
|
|
foreach ($params as $k => $v) {
|
|
|
|
|
|
if ($v === '' || $v === null) continue;
|
|
|
|
|
|
$filtered[$k] = $v;
|
|
|
|
|
|
}
|
|
|
|
|
|
$filtered['sign'] = PaymentUtil::generateSign($filtered, $secret, $filtered['sign_type']);
|
|
|
|
|
|
|
|
|
|
|
|
$url = Env::get('payment.url');
|
|
|
|
|
|
if (empty($url)) {
|
|
|
|
|
|
return json(['code' => 500, 'msg' => '支付网关地址未配置']);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 请求网关
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$xmlBody = $this->arrayToXml($filtered);
|
2025-09-24 14:09:27 +08:00
|
|
|
|
$response = $this->postXml($url, $xmlBody);
|
2025-09-24 15:03:34 +08:00
|
|
|
|
$parsed = $this->parseXmlOrRaw($response);
|
2025-09-24 14:09:27 +08:00
|
|
|
|
|
|
|
|
|
|
if (!is_array($parsed)) {
|
|
|
|
|
|
return json(['code' => 500, 'msg' => '响应解析失败', 'data' => $response]);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (($parsed['status'] ?? '') !== '0') {
|
|
|
|
|
|
return json(['code' => 500, 'msg' => '通信失败:' . ($parsed['message'] ?? 'unknown')]);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (($parsed['result_code'] ?? '') !== '0') {
|
|
|
|
|
|
return json(['code' => 200, 'msg' => '业务失败', 'data' => [
|
|
|
|
|
|
'err_code' => $parsed['err_code'] ?? '',
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'err_msg' => $parsed['err_msg'] ?? '',
|
2025-09-24 14:09:27 +08:00
|
|
|
|
]]);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$tradeState = $parsed['trade_state'] ?? '';
|
|
|
|
|
|
$resp = [
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'trade_state' => $tradeState,
|
|
|
|
|
|
'trade_state_desc' => $parsed['trade_state_desc'] ?? '',
|
|
|
|
|
|
'transaction_id' => $parsed['transaction_id'] ?? '',
|
|
|
|
|
|
'out_trade_no' => $parsed['out_trade_no'] ?? $outTradeNo,
|
|
|
|
|
|
'total_fee' => isset($parsed['total_fee']) ? (int)$parsed['total_fee'] : null,
|
|
|
|
|
|
'time_end' => $parsed['time_end'] ?? '',
|
|
|
|
|
|
'buyer_logon_id' => $parsed['buyer_logon_id'] ?? '',
|
|
|
|
|
|
'bank_type' => $parsed['bank_type'] ?? '',
|
2025-09-24 14:09:27 +08:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
// 若已支付,同步本地订单
|
|
|
|
|
|
if ($tradeState === 'SUCCESS' && ($resp['out_trade_no'] ?? '') !== '') {
|
|
|
|
|
|
Db::startTrans();
|
|
|
|
|
|
try {
|
|
|
|
|
|
/** @var Order|null $order */
|
|
|
|
|
|
$order = Order::where('orderNo', $resp['out_trade_no'])->lock(true)->find();
|
|
|
|
|
|
if ($order) {
|
|
|
|
|
|
$paidAt = $this->parsePayTime($resp['time_end'] ?? '') ?: time();
|
|
|
|
|
|
if ((int)$order['status'] !== 1) {
|
|
|
|
|
|
$order->save([
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'status' => 1,
|
2025-09-24 14:09:27 +08:00
|
|
|
|
'transactionId' => $resp['transaction_id'] ?? '',
|
2025-09-24 15:03:34 +08:00
|
|
|
|
'payTime' => $paidAt,
|
|
|
|
|
|
'updateTime' => time(),
|
2025-09-24 14:09:27 +08:00
|
|
|
|
]);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
Db::commit();
|
|
|
|
|
|
} catch (\Throwable $e) {
|
|
|
|
|
|
Db::rollback();
|
|
|
|
|
|
Log::error('[SwiftPass][query] update order exception: ' . $e->getMessage());
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return json(['code' => 200, 'msg' => '查询成功', 'data' => $resp]);
|
|
|
|
|
|
}
|
2025-09-23 16:43:18 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
