PHP server integrates Alipay APP payment
Let me share with you an example of PHP server integrating Alipay APP payment. It has a good reference value and I hope it will be helpful to everyone.
Alipay payment is divided into many scenarios. Here we only describe the integration of Alipay APP payment functions. During the process, we encountered particularly big pitfalls, so I will briefly describe the integration process and outline the problems encountered and solutions
Since the company's business is simple and only supports Alipay payment, there is no need to worry about refunds, inquiries and other additional functions. Therefore, this article only describes how the server prepares the APP to pull payment order information when using the Alipay payment interface, and the general process As follows
1. Create application and configuration
First, you need to register the application on the Ant Financial development platform (open.alipay.com). And obtain the application ID, and configure the application. The configuration here mainly involves signing a contract, generating the RSA2 public and private keys of the application, and obtaining the payment public key provided by Alipay. There are prompts in the backend of this part of the official website, which is relatively simple
2. Download the corresponding SDK
Here I am integrating the service in the PHP background, so I downloaded the PHP SDK at: https://docs.open. alipay.com/54/103419/
3. Prepare an accessible real domain name
4. Case
After the above three steps are completed, we can now configure our own business code
4.1. Payment order information when organizing APP payment
<?php
require_once (__DIR__.'/alipay-sdk-PHP-20171023143822/AopSdk.php');
class Alipay
{
/**
* 应用ID
*/
const APPID = '你的应用ID';
/**
*请填写开发者私钥去头去尾去回车,一行字符串
*/
const RSA_PRIVATE_KEY = '应用对应开发者私钥';
/**
*请填写支付宝公钥,一行字符串
*/
const ALIPAY_RSA_PUBLIC_KEY = '支付宝提供的公钥';
/**
* 支付宝服务器主动通知商户服务器里指定的页面
* @var string
*/
private $callback = "http://www.test.com/notify/alipay_notify.php";
/**
*生成APP支付订单信息
* @param string $orderId 商品订单ID
* @param string $subject 支付商品的标题
* @param string $body 支付商品描述
* @param float $pre_price 商品总支付金额
* @param int $expire 支付交易时间
* @return bool|string 返回支付宝签名后订单信息,否则返回false
*/
public function unifiedorder($orderId, $subject,$body,$pre_price,$expire){
try{
$aop = new \AopClient();
$aop->gatewayUrl = "https://openapi.alipay.com/gateway.do";
$aop->appId = self::APPID;
$aop->rsaPrivateKey = self::RSA_PRIVATE_KEY;
$aop->format = "json";
$aop->charset = "UTF-8";
$aop->signType = "RSA2";
$aop->alipayrsaPublicKey = self::ALIPAY_RSA_PUBLIC_KEY;
//实例化具体API对应的request类,类名称和接口名称对应,当前调用接口名称:alipay.trade.app.pay
$request = new \AlipayTradeAppPayRequest();
//SDK已经封装掉了公共参数,这里只需要传入业务参数
$bizcontent = "{\"body\":\"{$body}\"," //支付商品描述
. "\"subject\":\"{$subject}\"," //支付商品的标题
. "\"out_trade_no\":\"{$orderId}\"," //商户网站唯一订单号
. "\"timeout_express\":\"{$expire}m\"," //该笔订单允许的最晚付款时间,逾期将关闭交易
. "\"total_amount\":\"{$pre_price}\"," //订单总金额,单位为元,精确到小数点后两位,取值范围[0.01,100000000]
. "\"product_code\":\"QUICK_MSECURITY_PAY\""
. "}";
$request->setNotifyUrl($this->callback);
$request->setBizContent($bizcontent);
//这里和普通的接口调用不同,使用的是sdkExecute
$response = $aop->sdkExecute($request);
//htmlspecialchars是为了输出到页面时防止被浏览器将关键参数html转义,实际打印到日志以及http传输不会有这个问题
return htmlspecialchars($response);//就是orderString 可以直接给客户端请求,无需再做处理。
}catch (\Exception $e){
return false;
}
}
}4.2. Asynchronous callback processing after successful Alipay payment
<?php
/**
* alipay_notify.php.
* User: lvfk
* Date: 2017/10/26 0026
* Time: 13:48
* Desc: 支付宝支付成功异步通知
*/
include_once (__DIR__.'/../alipay-sdk-PHP-20171023143822/AopSdk.php');
//验证签名
$aop = new \AopClient();
$aop->alipayrsaPublicKey = \Comm\Pay\Alipay::ALIPAY_RSA_PUBLIC_KEY;
$flag = $aop->rsaCheckV1($_POST, NULL, "RSA2");
//验签
if($flag){
//处理业务,并从$_POST中提取需要的参数内容
if($_POST['trade_status'] == 'TRADE_SUCCESS'
|| $_POST['trade_status'] == 'TRADE_FINISHED'){//处理交易完成或者支付成功的通知
//获取订单号
$orderId = $_POST['out_trade_no'];
//交易号
$trade_no = $_POST['trade_no'];
//订单支付时间
$gmt_payment = $_POST['gmt_payment'];
//转换为时间戳
$gtime = strtotime($gmt_payment);
//此处编写回调处理逻辑
//处理成功一定要返回 success 这7个字符组成的字符串,
//die('success');//响应success表示业务处理成功,告知支付宝无需在异步通知
}
}5. Problems encountered
5.1. Error 40001=>isv.invalid-signature
In order to find out the reason, I regenerated the application's RSA2 public and private keys several times and found that the No effect. Finally, combined with online information, I discovered that turned out to be the Alipay callback address notifyUrl cannot have '?' and add parameters after ?
##5.2, Alipay asynchronous notification It succeeded, but $_POST was empty
It also took a while to find this. When I started doing it, I followed Alipay's suggestion and used HTTS to request it. But in this way, the application background keeps notifying that there is no parameter content. Finally, I remembered that because our application uses HTTS two-way authentication, the parameters of Alipay's server callback are empty. Finally, change the callback address to HTTP and verify that it passes . If you encounter problems, first check Alipay's document description and the error code explanation provided by Alipay. If it doesn't work, use Baidu or Google, plus you continue to After testing and verification, the problem will definitely be solved in the endAt this point, the payment function of Alipay APP has been completed, and other APP refund, statement and other functions have not been continued. However, according to the official website documents of Alipay and the SDK provided by Alipay , it is only a matter of time before it is integrated into your own application. The above is the entire content of this article. Thank you everyone for reading. Please pay attention to the PHP Chinese website for more content!thinkPHP transaction details query function
The above is the detailed content of PHP server integrates Alipay APP payment. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Alipay PHP SDK transfer error: How to solve the problem of 'Cannot declare class SignData'?
Apr 01, 2025 am 07:21 AM
Alipay PHP...
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
How does session hijacking work and how can you mitigate it in PHP?
Apr 06, 2025 am 12:02 AM
Session hijacking can be achieved through the following steps: 1. Obtain the session ID, 2. Use the session ID, 3. Keep the session active. The methods to prevent session hijacking in PHP include: 1. Use the session_regenerate_id() function to regenerate the session ID, 2. Store session data through the database, 3. Ensure that all session data is transmitted through HTTPS.
Describe the SOLID principles and how they apply to PHP development.
Apr 03, 2025 am 12:04 AM
The application of SOLID principle in PHP development includes: 1. Single responsibility principle (SRP): Each class is responsible for only one function. 2. Open and close principle (OCP): Changes are achieved through extension rather than modification. 3. Lisch's Substitution Principle (LSP): Subclasses can replace base classes without affecting program accuracy. 4. Interface isolation principle (ISP): Use fine-grained interfaces to avoid dependencies and unused methods. 5. Dependency inversion principle (DIP): High and low-level modules rely on abstraction and are implemented through dependency injection.
What are Enumerations (Enums) in PHP 8.1?
Apr 03, 2025 am 12:05 AM
The enumeration function in PHP8.1 enhances the clarity and type safety of the code by defining named constants. 1) Enumerations can be integers, strings or objects, improving code readability and type safety. 2) Enumeration is based on class and supports object-oriented features such as traversal and reflection. 3) Enumeration can be used for comparison and assignment to ensure type safety. 4) Enumeration supports adding methods to implement complex logic. 5) Strict type checking and error handling can avoid common errors. 6) Enumeration reduces magic value and improves maintainability, but pay attention to performance optimization.
How to debug CLI mode in PHPStorm?
Apr 01, 2025 pm 02:57 PM
How to debug CLI mode in PHPStorm? When developing with PHPStorm, sometimes we need to debug PHP in command line interface (CLI) mode...
How to automatically set permissions of unixsocket after system restart?
Mar 31, 2025 pm 11:54 PM
How to automatically set the permissions of unixsocket after the system restarts. Every time the system restarts, we need to execute the following command to modify the permissions of unixsocket: sudo...
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
