php支付宝手机网页支付类实例
这篇文章主要介绍了php支付宝手机网页支付类实例,是基于Yii框架使用的支付宝接口类文件,非常具有实用价值,需要的朋友可以参考下
本文实例讲述了php支付宝手机网页支付类。分享给大家供大家参考。具体分析如下:
此处注意:
① 该类是用在Yii框架里面的,没有去掉一些框架的东西。
② 本类不能不做任何修改而使用。
1. PHP代码部分如下:
复制代码 代码如下:
namespace weixin\components;
use Yii;
/**
* 支付宝手机网页支付
*
* @example
* 创建支付请求
* $params = []; //支付宝文档中所需的全部参数
* $alipay = new Alipay();
* $alipay->key = ''; //交易安全校验码
* $this->alipay->alipay_config = $params;
* $alipay->buildRequest();
*
* 验证异步通知
* $this->alipay->key = ''; //交易安全校验码
* $this->alipay->alipay_config = $data; //支付宝异步通知参数
* $this->alipay->verifyNotify();
*
* @package Alipay
* @author Dyllen
* @since Version 0.2
*/
class Alipay {
/**
* 交易安全校验码
*
* @access public
* @var string
*/
public $key;
/**
* 请求参数配置,支付宝接口文档中所需的参数
*
* @access public
* @var array
*/
public $alipay_config=[];
/**
* HTTPS证书,用于cURL
* 默认和本类文件同级目录的cacert.pem文件
*
* @access public
* @var string
*/
public $credential;
public $notify_data = null;
/**
* 支付宝即时到账网关地址
*/
const ALIPAY_GATEWAY = 'https://mapi.alipay.com/gateway.do?';
/**
* HTTPS形式消息验证地址
*/
const HTTPS_VERIFY_URL = 'https://mapi.alipay.com/gateway.do?service=notify_verify&';
/**
* HTTP形式消息验证地址
*/
const HTTP_VERIFY_URL = 'http://notify.alipay.com/trade/notify_query.do?';
/**
* 移动网页支付网关
* @var string
*/
const ALIPAY_PAGE_GATEWAY = 'http://wappaygw.alipay.com/service/rest.htm?';
/**
* 创建支付包即时到账请求url
*
* @access public
* @return void
*/
public function buildRequest() {
$this->alipay_config['sign'] = $this->signData();
return self::ALIPAY_GATEWAY . $this->createQueryString('', true);
}
/**
* 创建支付宝手机网页支付链接
* @return string
*/
public function buildPageUrl()
{
$this->alipay_config['sign'] = $this->signData();
$url = self::ALIPAY_PAGE_GATEWAY. $this->createQueryString('');
$response = $this->getHttpResponseGET($url);
$res = $this->parseResponse(trim($response));
//重新组合支付请求参数
$this->alipay_config['service'] = 'alipay.wap.auth.authAndExecute';
$this->alipay_config['req_data'] = '
$this->alipay_config['sign'] = $this->signData();
return self::ALIPAY_PAGE_GATEWAY. $this->createQueryString('', true);
}
/**
* 验证支付宝异步通知参数合法性
*
* @access public
* @return boolean
*/
public function verifyNotify() {
$param_tmp = $this->filter(); //过滤待签名数据
if(!isset($this->alipay_config['notify_data'])) {
return false;
}
$this->notify_data = $this->xmlToArray($this->alipay_config['notify_data']);
$this->alipay_config['notify_id'] = $this->notify_data['notify_id'];
$responseTxt = 'true';
if( !empty( $this->alipay_config['notify_id'] ) ) {
$responseTxt = $this->getResponse();
}
unset($this->alipay_config['notify_id']);
$txt = 'service=';
$txt .= $this->alipay_config['service'];
$txt .= '&v='.$this->alipay_config['v'];
$txt .= '&sec_id='.$this->alipay_config['sec_id'];
$txt .= '¬ify_data='.$this->alipay_config['notify_data'];
$txt .= $this->key;
$sign = md5($txt);
if ( preg_match("/true$/i",$responseTxt) && ($sign == $this->alipay_config['sign']) ) {
return true;
} else {
return false;
}
}
/**
* 解析授权接口返回
* @param string $content 授权接口返回的文本数据
* @throws \Exception
* @return array
*/
private function parseResponse($content) {
parse_str($content, $arr);
$data = isset($arr['res_data']) ? $arr['res_data'] : $arr['res_error'];
$res_data = simplexml_load_string($data);
if(strlen($res_data->request_token) == 0 || strlen($res_data->msg) > 0) {
throw new \Exception('code:'.$res_data->code.','.$res_data->msg);
}
$arr['request_token'] = $res_data->request_token->__toString();
return $arr;
}
/**
* simpleXML对象转成数组
* @param string $xml
* @return multitype:NULL
*/
private function xmlToArray($xml)
{
$xml_obj = simplexml_load_string($xml, 'SimpleXMLIterator');
$arr = [];
$xml_obj->rewind(); //指针指向第一个元素
while (1) {
if( ! is_object($xml_obj->current()) )
{
break;
}
$arr[$xml_obj->key()] = $xml_obj->current()->__toString();
$xml_obj->next(); //指向下一个元素
}
return $arr;
}
/**
* 签名数据
* 签名规则:
* sign和sign_type不参加签名,,需要去掉
* 对参数数组依据键名按照字母顺序升序排序
* 排序完成之后键值对用&字符连接,组成URL的查询字符串形式待签名字符串,待签名数据不需用url encoding
* MD5签名:私钥拼接到待签名字符串的后面,然后用md5对字符串运算,得到32位签名结果
*
* @return string 已签名数据
*/
private function signData() {
$param_tmp = $this->getSignString(); //待签名字符串
if( !isset($this->key) ) {
return FALSE;
}
$sign = '';
//签名数据
switch ($this->alipay_config['sec_id']) {
case '001': //rsa
$sign = $this->rsaSign($param_tmp);
break;
case 'DES':
break;
default:
$sign = $this->md5Sign($param_tmp);
}
return $sign;
}
/**
* MD5加密字符串
*
* @access private
* @param string $data 待加密字符串
* @return string
*/
private function md5Sign( $data ) {
return md5($data . $this->key);
}
/**
* RSA 加密字符串
*
* @param string $data 待加密字符串
* @return string
*/
private function rsaSign( $data ) {
return false;
}
/**
* 获得待签名数据
*
* @access private
* @return string
*/
private function getSignString() {
$param_tmp = $this->filter(); //过滤待签名数据
//排序
ksort($param_tmp);
reset($param_tmp);
//创建查询字符串形式的待签名数据
return $this->createQueryString($param_tmp);
}
/**
* 过滤待签名数据,去掉sing、sing_type及空值
*
* @access private
* @return array
*/
private function filter() {
$para_filter = array();
foreach($this->alipay_config as $key => $value){
if($key == "sign" || $key == "sign_type" || empty($value)) continue;
else $para_filter[$key] = $value;
}
return $para_filter;
}
/**
* 用&拼接字符串,形成URL查询字符串
*
* @access private
* @param array $data
* @param boolean $is_encode 是否对值做urlencode
* @return string
*/
private function createQueryString($data=NULL, $is_encode=false ) {
$arr = empty($data) ? $this->alipay_config : $data;
$arg = '';
foreach( $arr as $key => $value ) {
if($is_encode) {
$key = urlencode($key);
$value = urlencode($value);
}
$arg .= $key . '=' . $value . '&';
}
$arg = substr($arg, 0, strlen($arg)-1); //去掉最后一个&
//如果存在转义字符,那么去掉转义
if(get_magic_quotes_gpc()) {$arg = stripslashes($arg);}
return $arg;
}
/**
* 获取远程服务器ATN结果,验证返回URL
*
* 验证结果集:
* invalid命令参数不对 出现这个错误,请检测返回处理中partner和key是否为空
* true 返回正确信息
* false 请检查防火墙或者是服务器阻止端口问题以及验证时间是否超过一分钟
*
* @access private
* @return 服务器ATN结果
*/
private function getResponse() {
//载入支付配置
$config = Yii::$app->params['alipay'];
$transport = strtolower(trim($config['transport']));
$partner = trim($config['partner']);
$veryfy_url = '';
if($transport == 'https') {
$veryfy_url = self::HTTPS_VERIFY_URL;
}
else {
$veryfy_url = self::HTTP_VERIFY_URL;
}
$veryfy_url = $veryfy_url."partner=" . $partner . "¬ify_id=" . $this->alipay_config['notify_id'];
$responseTxt = $this->getHttpResponseGET($veryfy_url);
return $responseTxt;
}
/**
* 取证书,用于cURL的请求
*
* @access private
* @return string 证书路径
*/
private function getCr() {
if( ! empty($this->credential) ) {
return $this->credential;
}
return __DIR__ . DIRECTORY_SEPARATOR .'cacert.pem';
}
/**
* 远程获取数据,POST模式
* 注意:
* 1.使用Crul需要修改服务器中php.ini文件的设置,找到php_curl.dll去掉前面的";"就行了
* 2.文件夹中cacert.pem是SSL证书请保证其路径有效,目前默认路径是:getcwd().'\\cacert.pem'
*
* @param $url 指定URL完整路径地址
* @param $cacert_url 指定当前工作目录绝对路径
* @param $para 请求的数据
* @param $input_charset 编码格式。默认值:空值
* return 远程输出的数据
*/
private function getHttpResponsePOST($url, $para, $input_charset = '') {
if (trim($input_charset) != '') {
$url = $url."_input_charset=".$input_charset;
}
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);//SSL证书认证
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证
curl_setopt($curl, CURLOPT_CAINFO,$this->getCr());//证书地址
curl_setopt($curl, CURLOPT_HEADER, 0 ); // 过滤HTTP头
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);// 显示输出结果
curl_setopt($curl, CURLOPT_POST,true); // post传输数据
curl_setopt($curl, CURLOPT_POSTFIELDS,$para);// post传输数据
$responseText = curl_exec($curl);
//var_dump( curl_error($curl) );//如果执行curl过程中出现异常,可打开此开关,以便查看异常内容
curl_close($curl);
return $responseText;
}
/**
* 远程获取数据,GET模式
* 注意:
* 1.使用Crul需要修改服务器中php.ini文件的设置,找到php_curl.dll去掉前面的";"就行了
* 2.文件夹中cacert.pem是SSL证书请保证其路径有效,目前默认路径是:getcwd().'\\cacert.pem'
*
* @param $url 指定URL完整路径地址
* @param $cacert_url 指定当前工作目录绝对路径
* return 远程输出的数据
*/
private function getHttpResponseGET($url) {
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, 0 ); // 过滤HTTP头
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);// 显示输出结果
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);//SSL证书认证
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);//严格认证
curl_setopt($curl, CURLOPT_CAINFO,$this->getCr());//证书地址
$responseText = curl_exec($curl);
//var_dump( curl_error($curl) );exit;//如果执行curl过程中出现异常,可打开此开关,以便查看异常内容
curl_close($curl);
return $responseText;
}
}
2. 使用方法:
复制代码 代码如下:
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases?
Apr 03, 2025 am 12:03 AM
What are the magic methods of PHP? PHP's magic methods include: 1.\_\_construct, used to initialize objects; 2.\_\_destruct, used to clean up resources; 3.\_\_call, handle non-existent method calls; 4.\_\_get, implement dynamic attribute access; 5.\_\_set, implement dynamic attribute settings. These methods are automatically called in certain situations, improving code flexibility and efficiency.
What is Cross-Site Request Forgery (CSRF) and how do you implement CSRF protection in PHP?
Apr 07, 2025 am 12:02 AM
In PHP, you can effectively prevent CSRF attacks by using unpredictable tokens. Specific methods include: 1. Generate and embed CSRF tokens in the form; 2. Verify the validity of the token when processing the request.
Explain the match expression (PHP 8 ) and how it differs from switch.
Apr 06, 2025 am 12:03 AM
In PHP8, match expressions are a new control structure that returns different results based on the value of the expression. 1) It is similar to a switch statement, but returns a value instead of an execution statement block. 2) The match expression is strictly compared (===), which improves security. 3) It avoids possible break omissions in switch statements and enhances the simplicity and readability of the code.
PHP and Python: Comparing Two Popular Programming Languages
Apr 14, 2025 am 12:13 AM
PHP and Python each have their own advantages, and choose according to project requirements. 1.PHP is suitable for web development, especially for rapid development and maintenance of websites. 2. Python is suitable for data science, machine learning and artificial intelligence, with concise syntax and suitable for beginners.
The Future of PHP: Adaptations and Innovations
Apr 11, 2025 am 12:01 AM
The future of PHP will be achieved by adapting to new technology trends and introducing innovative features: 1) Adapting to cloud computing, containerization and microservice architectures, supporting Docker and Kubernetes; 2) introducing JIT compilers and enumeration types to improve performance and data processing efficiency; 3) Continuously optimize performance and promote best practices.
The difference between H5 and mini-programs and APPs
Apr 06, 2025 am 10:42 AM
H5. The main difference between mini programs and APP is: technical architecture: H5 is based on web technology, and mini programs and APP are independent applications. Experience and functions: H5 is light and easy to use, with limited functions; mini programs are lightweight and have good interactiveness; APPs are powerful and have smooth experience. Compatibility: H5 is cross-platform compatible, applets and APPs are restricted by the platform. Development cost: H5 has low development cost, medium mini programs, and highest APP. Applicable scenarios: H5 is suitable for information display, applets are suitable for lightweight applications, and APPs are suitable for complex functions.
