简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW) 日本語(JA) 한국어(KO) Melayu(MS) Français(FR) Deutsch(DE)
Home > Backend Development > PHP Tutorial > body text

How to perform signature verification on the content of WeChat payment result notification?

WBOY
Release: 2016-09-11 11:34:05
Original
2645 people have browsed it

How to perform signature verification on the content of WeChat payment result notification?

I have received the data returned by Tencent, but I need to verify the signature to ensure that the data has not been tampered with, and then do the corresponding logical processing.
How is this signature verification done?
What are the parameters for signing?
How to fill in the parameter name and parameter value?

This is my signature code: 

<code> ///验证签名
         $wx_sign = array();//微信给返回的数据加入一个数组做签名
         $wx_sign['appid']          = $wxdata['appid'];
         $wx_sign['bank_type']      = $wxdata['bank_type'];
         $wx_sign['cash_fee']       = $wxdata['cash_fee'];
         $wx_sign['fee_type']       = $wxdata['fee_type'];
         $wx_sign['is_subscribe']   = $wxdata['is_subscribe'];
         $wx_sign['mch_id']         = $wxdata['mch_id'];
         $wx_sign['nonce_str']      = $wxdata['nonce_str'];
         $wx_sign['openid']         = $wxdata['openid'];
         $wx_sign['out_trade_no']   = $wxdata['out_trade_no'];
         $wx_sign['result_code']    = $wxdata['result_code'];
         $wx_sign['return_code']    = $wxdata['return_code'];
         $wx_sign['time_end']       = $wxdata['time_end'];
         $wx_sign['total_fee']      = $wxdata['total_fee'];
         $wx_sign['trade_type']     = $wxdata['trade_type'];
         $wx_sign['transaction_id'] = $wxdata['transaction_id'];
         
         $wx_sign_all = $this->wechatAppPay->MakeSign($wx_sign);//调用签名函数</code>
Copy after login
Copy after login

My signature function: 

<code>    /**
 * 生成签名
 *  @return 签名
 */
public function MakeSign( $params ){
    //签名步骤一:按字典序排序数组参数
    ksort($params);
    $string = $this->ToUrlParams($params);
    //签名步骤二:在string后加入KEY
    $string = $string . "&key=".$this->key;
    //签名步骤三:MD5加密
    $string = md5($string);
    //签名步骤四:所有字符转为大写
    $result = strtoupper($string);
    return $result;
}
</code>
Copy after login
Copy after login

The value of $wx_sign_all is different from the returned sign value!
Is the signature verification done by comparing the self-generated sign with the returned sign?

////////////////////////////The problem has been solved//////////////////// ///

I accidentally wrote a wrong value

Reply content:

How to perform signature verification on the content of WeChat payment result notification?

I have received the data returned by Tencent, but I need to verify the signature to ensure that the data has not been tampered with, and then do the corresponding logical processing.
How is this signature verification done?
What are the parameters for signing?
How to fill in the parameter name and parameter value?

This is my signature code: 

<code> ///验证签名
         $wx_sign = array();//微信给返回的数据加入一个数组做签名
         $wx_sign['appid']          = $wxdata['appid'];
         $wx_sign['bank_type']      = $wxdata['bank_type'];
         $wx_sign['cash_fee']       = $wxdata['cash_fee'];
         $wx_sign['fee_type']       = $wxdata['fee_type'];
         $wx_sign['is_subscribe']   = $wxdata['is_subscribe'];
         $wx_sign['mch_id']         = $wxdata['mch_id'];
         $wx_sign['nonce_str']      = $wxdata['nonce_str'];
         $wx_sign['openid']         = $wxdata['openid'];
         $wx_sign['out_trade_no']   = $wxdata['out_trade_no'];
         $wx_sign['result_code']    = $wxdata['result_code'];
         $wx_sign['return_code']    = $wxdata['return_code'];
         $wx_sign['time_end']       = $wxdata['time_end'];
         $wx_sign['total_fee']      = $wxdata['total_fee'];
         $wx_sign['trade_type']     = $wxdata['trade_type'];
         $wx_sign['transaction_id'] = $wxdata['transaction_id'];
         
         $wx_sign_all = $this->wechatAppPay->MakeSign($wx_sign);//调用签名函数</code>
Copy after login
Copy after login

My signature function: 

<code>    /**
 * 生成签名
 *  @return 签名
 */
public function MakeSign( $params ){
    //签名步骤一:按字典序排序数组参数
    ksort($params);
    $string = $this->ToUrlParams($params);
    //签名步骤二:在string后加入KEY
    $string = $string . "&key=".$this->key;
    //签名步骤三:MD5加密
    $string = md5($string);
    //签名步骤四:所有字符转为大写
    $result = strtoupper($string);
    return $result;
}
</code>
Copy after login
Copy after login

The value of $wx_sign_all is different from the returned sign value!
Is the signature verification done by comparing the self-generated sign with the returned sign?

////////////////////////////The problem has been solved//////////////////// ///

I accidentally wrote a wrong value

<code>$wx_sign['sign']           = $wxdata['sign'];
$wx_sign_all = $this->wechatAppPay->MakeSign($wx_sign);//调用签名函数</code>
Copy after login

Here we will add sign to the signature string. sign should not participate in the signature.

Related labels:
java php WeChat WeChat Pay
source:php.cn
Previous article:Why do many people like to use wordpress to build websites? Next article:After magento is installed normally, attributes cannot be added.
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Latest Issues
Where should I place CustomLog directive in apache I'm using php:7.2-apachedocker. I need to disable health check url login access log. Based...
From 2024-04-06 22:03:59
0
1
990
The query and formula form the entire table, with new columns, where the new columns are formulas involving other conditional column values EDIT: The formula should be the "value" column - the "value" column wi...
From 2024-04-06 21:23:40
0
2
530
What are the best practices for displaying version information in web applications? I'm developing a web application. What are the best practices for displaying version infor...
From 2024-04-06 19:13:16
0
2
476
Trouble getting specific statistics (Stats) from PokeAPI using Axios and Node.js I have a problem, I'm trying to use the PokemonAPI, but when I try to access the attack, H...
From 2024-04-06 18:46:35
0
1
464
How do I get my image to appear on the page's main display? What I want to do is receive some photos using NASAAPI. These photos are then displayed on...
From 2024-04-06 15:33:12
0
1
433
Related Topics
More>
Popular Recommendations
Popular Tutorials
More>
Related Tutorials
Popular Recommendations
Latest courses
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!