<?php
header(&#39;Content-type:text/html; Charset=utf-8&#39;);
ini_set(&#39;date.timezone&#39;,&#39;Asia/Shanghai&#39;);
$data_s = file_get_contents(&#39;php://input&#39;);
$data_s = json_decode($data_s,true);
//统一下单
function wechartAddOrder($name,$ordernumber,$money,$openid,$timeStamp,$noncestr){
    $url = "https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi";
    $urlarr = parse_url($url);
    $appid = &#39;小程序APPID&#39;;//appID
    $mchid = &#39;微信支付商户ID&#39;;//商户ID
    $xlid = &#39;微信支付公钥序列号&#39;;//秘钥序列号 可在这个网址中查询 https://myssl.com/cert_decode.html
    $data = array();
    $time = $timeStamp;
    $data[&#39;appid&#39;] = $appid;
    $data[&#39;mchid&#39;] = $mchid;
    $data[&#39;description&#39;] = $name;//商品描述
    $data[&#39;out_trade_no&#39;] = $ordernumber;//订单编号
    $data[&#39;notify_url&#39;] = "你的域名/你的支付目录路径/notify.php";//回调接口 需根据自己的情况修改
    $data[&#39;amount&#39;][&#39;total&#39;] = intval($money * 1);//金额 单位 分
    $data[&#39;payer&#39;][&#39;openid&#39;] = $openid;//用户openID
    $data = json_encode($data); 
    $key = getSign($data,$urlarr[&#39;path&#39;],$noncestr,$time);//签名
    $token = sprintf(&#39;mchid="%s",serial_no="%s",nonce_str="%s",timestamp="%d",signature="%s"&#39;,$mchid,$xlid,$noncestr,$time,$key);//头部信息

    $header  = array(
        &#39;Content-Type:&#39;.&#39;application/json; charset=UTF-8&#39;,
        &#39;Accept:application/json&#39;,
        &#39;User-Agent:*/*&#39;,
        &#39;Authorization: WECHATPAY2-SHA256-RSA2048 &#39;.$token
    );  
    $ret = curl_post_https($url,$data,$header);
    $ret = ltrim($ret,&#39;{"prepay_id":"&#39;);
    $ret = rtrim($ret,&#39;}"&#39;);
    //微信支付（小程序）签名
    $str = getWechartSign($appid,$timeStamp,$noncestr,&#39;prepay_id=&#39;.$ret);
    $arr = array(&#39;appid&#39;=>$appid,&#39;timestamp&#39;=>$timeStamp,&#39;package&#39;=>&#39;prepay_id=&#39;.$ret,&#39;paySign&#39;=>$str);
    exit(json_encode($arr));
}
$set_body = &#39;支付测试&#39;;//支付显示内容
$price = &#39;1&#39;;//支付金额
$out_trade_no = $data_s[&#39;out_trade_no&#39;];//订单号
$timeStamp = $data_s[&#39;timeStamp&#39;];//时间戳
$openid = $data_s[&#39;openid&#39;];
$noncestr = $data_s[&#39;nonceStr&#39;];

wechartAddOrder($set_body,$out_trade_no,$price,$openid,$timeStamp,$noncestr);


//微信支付签名
function getSign($data=array(),$url,$randstr,$time){
    $str = "POST"."\n".$url."\n".$time."\n".$randstr."\n".$data."\n";
    $key = file_get_contents(&#39;apiclient_key.pem&#39;);//在商户平台下载的秘钥
    $str = getSha256WithRSA($str,$key);
    return $str;
}

//调起支付的签名
function getWechartSign($appid,$timeStamp,$noncestr,$prepay_id){
    $str = $appid."\n".$timeStamp."\n".$noncestr."\n".$prepay_id."\n";
    $key = file_get_contents(&#39;apiclient_key.pem&#39;);
    $str = getSha256WithRSA($str,$key);
    return $str;
}

function getSha256WithRSA($content, $privateKey){
    $binary_signature = "";
    $algo = "SHA256";
    openssl_sign($content, $binary_signature, $privateKey, $algo);
    $sign = base64_encode($binary_signature);
    return $sign;
}

/* PHP CURL HTTPS POST */
function curl_post_https($url,$data,$header){ // 模拟提交数据函数
    $curl = curl_init(); // 启动一个CURL会话
    curl_setopt($curl, CURLOPT_URL, $url); // 要访问的地址
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); // 对认证证书来源的检查
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1); // 从证书中检查SSL加密算法是否存在
    curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER[&#39;HTTP_USER_AGENT&#39;]); // 模拟用户使用的浏览器
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); // 使用自动跳转
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1); // 自动设置Referer
    curl_setopt($curl, CURLOPT_POST, 1); // 发送一个常规的Post请求
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data); // Post提交的数据包
    curl_setopt($curl, CURLOPT_TIMEOUT, 30); // 设置超时限制防止死循环
    curl_setopt($curl, CURLOPT_HEADER, 0); // 显示返回的Header区域内容
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // 获取的信息以文件流的形式返回

    curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
    $tmpInfo = curl_exec($curl); // 执行操作
    if (curl_errno($curl)) {
        echo &#39;Errno&#39;.curl_error($curl);//捕抓异常
    }
    curl_close($curl); // 关闭CURL会话
    return $tmpInfo; // 返回数据，json格式
}

header('Content-type:text/html; Charset=utf-8');
ini_set('date.timezone','Asia/Shanghai');
$data_s = file_get_contents('php://input');
$data_s = json_decode($data_s,true);
if(empty($data_s['out_trade_no'])){
    exit;
}

$out_trade_no = $data_s['out_trade_no'];//订单号
$merchant_id = '商户ID';//商户ID
$mch_private_key = file_get_contents('apiclient_key.pem');//在商户平台下载的秘钥
$xlid = '微信支付公钥序列号';//秘钥序列号 可在这个网址中查询 https://myssl.com/cert_decode.html

$url = 'https://api.mch.weixin.qq.com/v3/pay/transactions/out-trade-no/'.$out_trade_no.'?mchid='.$merchant_id;
$url_parts = parse_url($url);
$http_method = 'GET';
$timestamp = time();
$nonce = md5(time().$out_trade_no);
$body = '';
$canonical_url = ($url_parts['path'] . (!empty($url_parts['query']) ? "?${url_parts['query']}" : ""));
$message =  $http_method."\n".
            $canonical_url."\n".
            $timestamp."\n".
            $nonce."\n".
            $body."\n";
openssl_sign($message, $raw_sign, $mch_private_key, 'sha256WithRSAEncryption');
$sign = base64_encode($raw_sign);

$schema = 'WECHATPAY2-SHA256-RSA2048';
$token = sprintf('mchid="%s",nonce_str="%s",timestamp="%d",serial_no="%s",signature="%s"',$merchant_id, $nonce, $timestamp, $xlid, $sign);
$header  = array(
    'Content-Type:'.'application/json; charset=UTF-8',
    'Accept:application/json',
    'User-Agent:*/*',
    'Authorization: WECHATPAY2-SHA256-RSA2048 '.$token
);  
$ret = curl_get_https($url,$data,$header);

$return_out_trade_no = get_between($ret,'"out_trade_no":"','","payer"');
$return_trade_state = get_between($ret,'trade_state":"','","trade_state_desc"');


$arr = array('type'=>'success','trade_state'=>$return_trade_state,'out_trade_no'=>$return_out_trade_no);
exit(json_encode($arr));

/*
 * php截取指定两个字符之间字符串
 * */
function get_between($input, $start, $end) {
 $substr = substr($input, strlen($start)+strpos($input, $start),(strlen($input) - strpos($input, $end))*(-1));
 return $substr;
}

/* PHP CURL HTTPS GET */
function curl_get_https($url,$data,$header){ // 模拟提交数据函数
    $curl = curl_init(); // 启动一个CURL会话
    curl_setopt($curl, CURLOPT_URL, $url); // 要访问的地址
    curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); // 使用自动跳转
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1); // 自动设置Referer
    curl_setopt($curl, CURLOPT_TIMEOUT, 30); // 设置超时限制防止死循环
    curl_setopt($curl, CURLOPT_HEADER, 0); // 显示返回的Header区域内容
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // 获取的信息以文件流的形式返回
    curl_setopt($curl, CURLOPT_HTTPHEADER, $header);// 头部信息
    $tmpInfo = curl_exec($curl); // 执行操作
    if (curl_errno($curl)) {
        echo 'Errno'.curl_error($curl);//捕抓异常
    }
    curl_close($curl); // 关闭CURL会话
    return $tmpInfo; // 返回数据，json格式
}