This article mainly introduces the PHP Alipay online payment interface development tutorial in detail, which has certain reference value. Interested friends can refer to it
1. What is a third party? Payment
The so-called third-party payment is a transaction support platform provided by some third-party independent institutions that have signed contracts with major banks and have certain strength and credibility guarantees. In transactions through a third-party payment platform, after the buyer purchases the goods, he uses the account provided by the third-party platform to pay for the goods, and the third party notifies the seller of the arrival of the payment.
Currently there are many institutions that provide third-party payment. Common ones include Alipay, Tenpay, Kuaiqian, Online Banking, Yibao Pay, Yunwang and other major payment platforms. If a website needs to implement third-party payment, it should first apply for an account with the third-party payment platform and sign an agreement. After the agreement takes effect, the third-party payment platform will enable online payment functions and integrate the interface into the website through a program.
Why use third-party payment? Because the third-party payment platform has signed contracts with major banks, website owners only need to apply for an account on this platform to support almost all types of bank card and credit card transactions.
2. Third-party payment principle
The above briefly explains the payment process, of course, it omits For some steps (such as shopping cart, order, etc.), we focus on the payment process.
2.1 The user initiates a request to confirm the order to the mall website
2.2 The mall website receives the request and saves the order data to the database or other storage media
2.3 Returns to the order confirmation page, page The order amount and other information should be displayed
2.4 The user confirms the payment and initiates a payment request. Note: The payment request is sent to the payment gateway (such as Alipay, online banking) rather than to the mall website.
2.5 Display the payment page
2.6 The user fills in the authentication information (account password, etc.) and submits
2.7 There are two steps here. One is to jump to the payment page after the deduction is successful. The results page (displayed to the user), and the other is the payment notification. These two steps may be executed at the same time in no particular order. After receiving the payment notification, the mall website verifies the validity of the information according to the verification rules and makes corresponding changes (for example: valid If the order is changed to paid status, if it is invalid, illegal request information will be recorded).
Take Alipay as an example: If you want to integrate the Alipay interface into your website, you must first have an Alipay account, then apply for online payment business with Alipay and sign an agreement. After the agreement comes into effect, Alipay will give the website a partner ID and security verification code. With these two things, you can develop the Alipay interface according to the Alipay interface document. There are only 4 and 7 in the steps above. Each step involves information exchange between the mall and the payment gateway. In step 4, it means sending the data to the payment gateway (Alipay). In step 7, it is the notification verification part. The verification gateway requests a certain address of the website. The website verifies the information according to the verification rules, records and responds. We are developing almost any payment When it comes to the interface, the focus is on the development of these two parts. If you understand the principles of the payment interface, it will not be difficult to develop the payment interface.
3. Alipay interface development
3.1 Interface introduction and testing
Alipay currently provides guaranteed transactions, standard instant payment, dual functions, etc. There are several interfaces, but there are some differences in functions. The website integration methods are the same. Taking the standard instant account interface as an example, after signing an agreement with Alipay, several steps are needed to complete the integration.
Select the link you will see next under "I want self-service integration" and click to download the technical documentation.
In the downloaded file, there are standard Alipay transaction service interfaces, merchant tools, interface integration guides and other interface documents, as well as demos written in several languages. We can develop new products according to the rules of the interface documents, or It can be modified and integrated into the website based on the demo. It should be noted that the payment interface needs to be developed on the public network (the server must be accessible through the external network) to complete the entire debugging process. If the server cannot be accessed from the external network, the payment cannot be received. notify.
Take a look at the function of each file in the demo:
It has been downloaded here (see the pay folder in the resource directory). Modifications have been added to facilitate debugging. We have created several files and added a data table to save the order information. We modify the configuration file to complete a test process.
alipay_config.php is the basic information configuration file. We need to write the PID and Key obtained in the Alipay backend into the configuration file.
Configuration items:
The data in the box is what we need to focus on modifying. The difference between the payment notification address and the return address has been mentioned before. There are two items in step 7: the payment result page and the payment notification information. The payment result page will automatically jump to this address after the user completes the payment. Here is the return address ( $return_url).
The payment notification address is also the same. After the user completes the payment, Alipay will request the address ($notify_url), but the payment notification is directly requested by the Alipay server and will not be seen by the user. . These two addresses must be in the full path format starting with http. In order to complete the testing process, /pay/alipay/notify_url.php has been rewritten here, and $notify_url is set to the URL that can access this file. After these items are configured, a data table is created according to the database script (pay/orders.sql). And modify mysql_config.php according to the configuration information of the database. By simply modifying the demo provided by Alipay, you can complete the creation of the payment request (step 4). Here, the payment home page and other pages are changed (see the pay directory of the source code package). Let’s test it first:
An “order information” has been added to the database.
If you click the “Confirm Payment” button or the Confirm Payment link will jump Go to the Alipay page and submit the information to the payment gateway through form POST when clicking the button. Since the payment request data does not need to be seen by the user, it is written in the hidden field. The payment confirmation link is passed through the URL. Because the Alipay interface allows submission in POST or GET, both methods are acceptable. After submitting the parameters to the payment gateway, the page jumps to the payment page. We see the picture below:
We see that Alipay provides us with two payment methods, one is through Alipay account, the other is through bank Card payment. For example, if you choose to pay with a bank card, fill in your email or mobile phone number to jump to the following page:
Our billing Alipay supports almost all bank card payments, including credit cards and outlets. To pay, select the corresponding bank and follow the prompts to make the payment. After the payment is completed, the page will return to the $return_url address we configured in the configuration file, and the "order status" will also change.
Note: If there is no external network test during the test (that is, the payment notification address cannot be accessed from the external network), the payment notification cannot be requested and the order status cannot be automatically modified.
3.2 Alipay interface specification and code analysis
For Alipay interface specification, please refer to /pay/doc/Standard Alipay Transaction Service Interface (dedicated to anti-phishing websites). Pdf, which already has relatively detailed instructions.
3.2.1 How to create a payment request
In the previous test, we clicked "Confirm Payment" to submit the information to Alipay's payment gateway. We can think about what parameters should be sent. to the payment gateway. For the request parameter list, please refer to the standard Alipay transaction service interface (dedicated to anti-phishing websites). 3.2.2 in the Pdf. It should be noted that we do not just need to submit these parameters to Alipay intact. In order to ensure data security, Alipay currently uses the MD5 signature to prevent data tampering.
Before submitting the data, you need to assemble the data to be submitted into a string according to certain rules (see the interface document), add the security check code (Key) to form a new string, and generate a 32-word string through MD5 section's signature. When we submit a payment request, we also need to submit this signature. Take a look at the form source code
After receiving the parameters, Alipay will verify the legitimacy of the request parameters. After verification, the payment page will be displayed, otherwise an error will be prompted.
3.2.2 How to verify payment notification
After the user’s payment is completed, Alipay will request the website’s payment notification address (this address should be passed as a parameter when creating the payment request). For the return parameter list, please refer to the standard Alipay transaction service interface (dedicated to anti-phishing websites). Pdf3.3.1. There is also a signature string in the return data of Alipay (using the same signature method as the payment request). In the payment notification file, the data must first be signed and verified. In addition to verifying the signature, the notify_id in the parameter also needs to be submitted to Alipay's verification gateway Alipay system to verify the authenticity of the notification and notify verification. The Alipay system determines whether the notification is sent by itself. If it is in string format, it returns true, otherwise it returns false. We verify the authenticity of the request by verifying the data returned by the server. If both are verified, we can change the order data and send emails to the user. Notifications and other operations. Regarding verifying signatures, you can take a look at the source code in the notification file. In the demo, the notify_id in the parameter is submitted to Alipay through POST and the return data is obtained. Code snippet:
The focus here is the fsockopen function, when sending an email We have already been exposed to opening a socket connection through this function. Similar to the fopen function we learned before, it returns a file handle, and then you can use the file functions (fgets(), fgetss(), fputs(), fclose() feof(), etc.) to operate it, the code uses the fputs() (same as fwrite()) function to write data to simulate the form submission of data in POST mode, and finally obtain the returned data through the fgets() function and save it to an array , and finally perform verification, please refer to the source code for details.
Summary: The above is the entire content of this article, I hope it will be helpful to everyone's study.
Related recommendations:
How to implement masking keywords in PHP
Customized array sorting function and sorting implemented in PHP Class methods
Custom array sorting function implemented in PHP and methods of sorting class
The above is the detailed content of Detailed explanation of php implementation of Alipay online payment interface development. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
