From d87d469aa35d29947758305d9c26e0016dd6e661 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=88=98=E5=8D=8E=E6=B8=85?= <18691022700@163.com> Date: Wed, 24 Dec 2025 20:38:09 +0800 Subject: [PATCH] =?UTF-8?q?=E8=8B=B9=E6=9E=9C=E6=94=AF=E4=BB=98=E7=94=9F?= =?UTF-8?q?=E6=88=90=E8=AE=A2=E5=8D=95=20=E5=92=8C=E6=94=AF=E4=BB=98?= =?UTF-8?q?=E9=87=91=E9=A2=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- application/api/controller/Payment.php | 94 +++++++++++++++++++++++++- 1 file changed, 92 insertions(+), 2 deletions(-) diff --git a/application/api/controller/Payment.php b/application/api/controller/Payment.php index abedc303..96660be5 100644 --- a/application/api/controller/Payment.php +++ b/application/api/controller/Payment.php @@ -66,7 +66,6 @@ class Payment extends Controller $order_number = $this->createOrderSn(); $data['order_sn'] = $order_number; $data['money'] = $money; - $data['coin'] = $coin; $data['user_id'] = $user_id; $data['pay_type'] = $type; $data['createtime'] = time(); @@ -96,7 +95,10 @@ class Payment extends Controller $tonglian = new \TongLian(); $result['tl'] = $tonglian->TongLianPay($data, $type); }elseif($type == 6){ - $result = null; + $result = [ + 'order_no' => $order_number, + 'merchant_id' => get_system_config_value('merchant_id') + ]; }else{ return V(0, '请选择正确的支付方式', null); } @@ -339,4 +341,92 @@ class Payment extends Controller echo "fail"; } } + + //苹果回调 + public function notify_apple(){ + // 1. 接收APP端参数 + $orderNo = input('order_no', 0); + $paymentToken = $params['payment_token'] ?? ''; // APP端获取的支付凭证 + + // 2. 参数校验 + if (empty($orderNo) || empty($paymentToken)) { + return V(0, '参数缺失'); + } + + // 3. 查询订单(防止订单不存在) + $order = Db::name('vs_user_recharge')->where('order_no', $orderNo)->find(); + if (!$order) { + return V(0, '订单不存在'); + } + if ($order['pay_status'] == 2) { + return V(0, '订单已支付');// 幂等处理,防止重复回调 + } + + // 4. 调用苹果接口验证支付凭证 + $verifyResult = $this->verifyApplePayReceipt($paymentToken); + if (!$verifyResult) { + return V(0, '支付凭证验证失败'); + } + + // 2. 从苹果返回的凭证中解析实际支付金额 + $applePayAmount = $verifyResult['receipt']['in_app'][0]['price'] ?? 0; // 苹果返回的实际支付金额 + + // 3. 校验金额一致性(允许微小误差,如分位四舍五入) + if (abs($order['money'] - $applePayAmount) > 0.01) { + // 金额不一致,拒绝更新订单 + return V(0, '金额不一致'); + } + + $transaction_id = $verifyResult['receipt']['in_app'][0]['transaction_id'] ?? '';// 苹果返回的订单号 + // 5. 更新订单状态 + //成功后的业务逻辑处理 + $where['order_sn']=$orderNo; + $where['order_type']=1;//1 充值 + $where['pay_type']=6;//1微信2支付宝 3通联支付宝 4通联微信 + $where['pay_status']=1; + + $data=[ + 'trade_no' => $transaction_id + ]; + + $res = handelCharge($where,$data); + if($res==0){ + return V(0, '订单处理失败'); + } + return V(1, '支付成功'); + } + + + // 核心:调用苹果服务器验证支付凭证 + private function verifyApplePayReceipt($paymentToken) + { + // 订单创建时的金额(固定/用户输入的自由金额) + + // 1. 组装请求参数 + $postData = json_encode([ + 'receipt-data' => $paymentToken, // APP端传入的支付凭 + ]); + + // 2. 先请求生产环境,失败再试沙箱(苹果推荐逻辑) +// $url = 'https://buy.itunes.apple.com/verifyReceipt';//正式验证环境 + $url = "https://sandbox.itunes.apple.com/verifyReceipt";//沙箱测试环境 + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, $postData); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 生产环境建议开启 + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); + $result = curl_exec($ch); + curl_close($ch); + + $result = json_decode($result, true); + // 验证返回码:status=0表示验证成功 + if ($result['status'] == 0) { + return $result; + } + + return false; + } } \ No newline at end of file