该示例用于接收支付宝快捷支付notify回调,已经测试。
<?php <br />
class AlipayAction extends Action {<br>
<br>
public function callback() {<br>
//得到签名<br>
$sign = urldecode($_POST['sign']);<br>
//得到待签名字符串<br>
$content = urldecode($_POST['content']);<br>
//验签数据<br>
$isVerify = $this->verify($content, $sign);<br>
//判断验签<br>
if ($isVerify) {<br>
//验签通过<br>
echo '2';<br>
} else {<br>
//验签失败<br>
echo '1';<br>
}<br>
}<br>
<br>
public function notify() {<br>
//获取notify_data,不需要解密,是明文的格式,注意不要用I()获取notify_data,避免字符被过滤<br>
$notify_data = $_POST['notify_data'];<br>
<br>
//获取sign签名<br>
$sign = I('sign');<br>
<br>
//验证签名,需要添加notify_data=<br>
$isVerify = $this->verify('notify_data='.$notify_data, $sign);<br>
//如果验签没有通过<br>
if (!$isVerify) {<br>
echo 'fail';<br>
return;<br>
} else {<br>
echo 'true';<br>
}<br>
<br>
//获取交易状态<br>
$trade_status = $this->getDataForXML($notify_data, '/notify/trade_status');<br>
//判断交易是否完成<br>
if ($trade_status == 'TRADE_FINISHED') {<br>
$out_trade_no = $this->getDataForXML($notify_data, '/notify/out_trade_no');<br>
$m['oid'] = (string) $out_trade_no;<br>
// 订单状态改成已付款,以下为示例数据库操作<br>
D('Order')->where($m)->setField('buy', 1);<br>
echo 'success';<br>
} else {<br>
echo 'fail';<br>
}<br>
}<br>
<br>
<br>
/**RSA签名<br>
* $data待签名数据<br>
* 签名用商户私钥,必须是没有经过pkcs8转换的私钥<br>
* 最后的签名,需要用base64编码<br>
* return Sign签名<br>
*/<br>
protected function sign($data) {<br>
//读取私钥文件,注意此处改成你的正确文件路径<br>
$priKey = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/app/Conf/AliKey/rsa_private_key.pem');<br>
//转换为openssl密钥,必须是没有经过pkcs8转换的私钥<br>
$res = openssl_get_privatekey($priKey);<br>
//调用openssl内置签名方法,生成签名$sign<br>
$sign = '';<br>
openssl_sign($data, $sign, $res);<br>
//释放资源<br>
openssl_free_key($res);<br>
//base64编码<br>
$sign = base64_encode($sign);<br>
return $sign;<br>
}<br>
<br>
/**RSA验签<br>
* $data待签名数据<br>
* $sign需要验签的签名<br>
* 验签用支付宝公钥<br>
* return 验签是否通过 bool值<br>
*/<br>
protected function verify($data, $sign) {<br>
//读取支付宝公钥文件,注意此处改成你的正确文件路径<br>
$pubKey = file_get_contents($_SERVER['DOCUMENT_ROOT'] . '/app/Conf/AliKey/alipay_public_key.pem');<br>
//转换为openssl格式密钥<br>
$res = openssl_get_publickey($pubKey);<br>
<br>
//调用openssl内置方法验签,返回bool值<br>
$r = openssl_verify($data, base64_decode($sign), $res);<br>
debug('openssl_verify=' . $r);<br>
$result = (bool) openssl_verify($data, base64_decode($sign), $res);<br>
//释放资源<br>
openssl_free_key($res);<br>
//返回资源是否成功<br>
return $result;<br>
}<br>
<br>
/**通过节点路径返回字符串的某个节点值<br>
* $res_data——XML 格式字符串<br>
* 返回节点参数<br>
*/<br>
protected function getDataForXML($res_data, $node) {<br>
$xml = simplexml_load_string($res_data);<br>
$result = $xml->xpath($node);<br>
<br>
while (list (, $node) = each($result)) {<br>
return $node;<br>
}<br>
}<br>
<br>
}
AD:真正免费,域名+虚机+企业邮箱=0元
How to create a web page in python
What are the Python artificial intelligence frameworks?
Introduction to parametric modeling software
The difference between scratch and python
What should I do if the Chinese restart setting of vscode does not take effect?
Virtual currency trading platform
How to solve Java stack overflow exception
How to share printer in win10
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
