2020.02新版

plugins/jdpay/config.ini

@@ -0,0 +1,21 @@
+[config]
+;支付插件英文名称，需和目录名称一致，不能有重复
+name = "jdpay"
+
+;支付插件显示名称
+showname = "京东支付"
+
+;支付插件作者
+author = "京东"
+
+;支付插件作者链接
+link = "https://www.jdpay.com/"
+
+;支付插件支持的支付方式，多种方式用英文,隔开，可选的有alipay,qqpay,wxpay,bank
+types = "jdpay"
+
+;支付插件要求传入的参数以及参数显示名称，可选的有appid,appkey,appsecret,appurl,appmchid
+inputs = "appid:商户号,appkey:商户DES密钥"
+
+;支付插件要求传入的支付方式参数
+select = ""

plugins/jdpay/inc/cert/config.ini

@@ -0,0 +1,46 @@
+[wepay]
+;======================= 商户开通的商户号
+merchantNum=22294531
+
+;======================= 商户DES密钥
+desKey=ta4E/aspLA3lgFGKmNDNRYU92RkZ4w2t
+
+;=======================京东支付在线支付PC端请求地址
+serverPayUrl=https://wepay.jd.com/jdpay/saveOrder
+
+;=======================京东支付在线支付H5端请求地址
+;serverPayUrl=https://h5pay.jd.com/jdpay/saveOrder
+
+;=======================京东查询服务地址
+serverQueryUrl=https://paygate.jd.com/service/query
+
+;=======================退款服务地址
+refundUrl=https://paygate.jd.com/service/refund
+
+;=======================callback地址
+callbackUrl=http://localhost/jdPay2Demo/com/jdjr/pay/demo/action/CallBack.php
+
+;=======================notify地址
+notifyUrl=http://localhost/jdPay2Demo/com/jdjr/pay/demo/action/AsnyNotify.php
+
+;======================扫码创建订单
+uniorderUrl= https://paygate.jd.com/service/uniorder
+
+;======================交易号查退款
+queryRefundUrl=https://paygate.jd.com/service/queryRefund
+
+;==========撤销地址
+revokeUrl=https://paygate.jd.com/service/revoke
+
+;=========付款码支付
+fkmPayUrl=https://paygate.jd.com/service/fkmPay
+
+;=========用户关系查询地址
+getUserRelationUrl=https://paygate.jd.com/service/getUserRelation
+
+;=========用户关系解绑地址
+cancelUserRelationUrl=https://paygate.jd.com/service/cancelUserRelation
+
+;=========白条策略查询地址
+queryBaiTiaoFQUrl=https://paygate.jd.com/service/queryBaiTiaoFQ
+

plugins/jdpay/inc/cert/seller_rsa_private_key.pem

@@ -0,0 +1,18 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALXf6twUqul1TATO
++5nA66p2wjnRd+g96IXpfV6Sf8WXxwizGj+L19LQYRBXpZHmRh82prJ48d0FcHbo
+CiN8pKutnuZrrKYhvORysOc5bVli0hcCn1TfYDoUWJ1UhjUQloqZKWjUz6LV9QY6
+bIZ1W4+Hmw6HK1bfFwUq0WzIGkJNAgMBAAECgYBlIFQeev9tP+M86TnMjBB9f/sO
+2wGpCIM5slIbO6n/3By3IZ7+pmsitOrDg3h0X22t/V1C7yzMkDGwa+T3Rl7ogwc4
+UNVj0ZQorOTx3OEPx3nP1yT3zmJ9djKaHKAmee4XmhQHdqqIuMT2XQaqatBzcsnP
++Jnw/WVOsIJIqMeFAQJBAP9yq4hE+UfM/YSXZ5JR33k9RolUUq8S/elmeJIDo/3N
+2qDmzLjOr9iEZHxioc8JOxubtZ0BxA+NdfKz4v0BSpkCQQC2RIrAPRj9vOk6GfT9
+W1hbJ4GdnzTb+4vp3RDQQ3x9JGXzWFlg8xJT1rNgM8R95Gkxn3KGnYHJQTLlCsIy
+2FnVAkAWXolM3pVhxz6wHL4SHx9Ns6L4payz7hrUFIgcaTs0H5G0o2FsEZVuhXFz
+PwPiaHGHomQOAriTkBSzEzOeaj2JAkEAtYUFefZfETQ2QbrgFgIGuKFboJKRnhOi
+f8G9oOvU6vx43CS8vqTVN9G2yrRDl+0GJnlZIV9zhe78tMZGKUT2EQJAHQawBKGl
+XlMe49Fo24yOy5DvKeohobjYqzJAtbqaAH7iIQTpOZx91zUcL/yG4dWS6r+wGO7Z
+1RKpupOJLKG3lA==
+-----END PRIVATE KEY-----
+
+

plugins/jdpay/inc/cert/wy_rsa_public_key.pem

@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCKE5N2xm3NIrXON8Zj19GNtLZ8
+xwEQ6uDIyrS3S03UhgBJMkGl4msfq4Xuxv6XUAN7oU1XhV3/xtabr9rXto4Ke3d6
+WwNbxwXnK5LSgsQc1BhT5NcXHXpGBdt7P8NMez5qGieOKqHGvT0qvjyYnYA29a8Z
+4wzNR7vAVHp36uD5RwIDAQAB
+-----END PUBLIC KEY-----

plugins/jdpay/inc/common/HttpUtils.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * HTTP工具类
+ *
+ * @author wywangzhenlong
+ *        
+ */
+class HttpUtils {
+
+	public function http_post_data($url, $data_string ) {
+
+		$TIMEOUT = 30;	//超时时间(秒)
+
+		$ch = curl_init ();
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+    	curl_setopt($ch, CURLOPT_TIMEOUT, $TIMEOUT);
+    	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $TIMEOUT-2);
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_POST, 1);
+		curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
+		curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml;charset=utf-8'));
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		$return_content = curl_exec($ch);
+		$return_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+		curl_close($ch);
+		return array (
+				$return_code,
+				$return_content 
+		);
+	}
+
+}

plugins/jdpay/inc/common/RSAUtils.php

@@ -0,0 +1,18 @@
+<?php
+class RSAUtils{
+	public static function encryptByPrivateKey($data) {
+		$pi_key =  openssl_pkey_get_private(file_get_contents(PAY_ROOT.'inc/cert/seller_rsa_private_key.pem'));//这个函数可用来判断私钥是否是可用的，可用返回资源id Resource id
+		$encrypted="";
+		openssl_private_encrypt($data,$encrypted,$pi_key,OPENSSL_PKCS1_PADDING);//私钥加密
+		$encrypted = base64_encode($encrypted);//加密后的内容通常含有特殊字符，需要编码转换下，在网络间通过url传输时要注意base64编码是否是url安全的
+		return $encrypted;
+	}
+	
+	public static function decryptByPublicKey($data) {
+		$pu_key =  openssl_pkey_get_public(file_get_contents(PAY_ROOT.'inc/cert/wy_rsa_public_key.pem'));//这个函数可用来判断公钥是否是可用的，可用返回资源id Resource id
+		$decrypted = "";
+		$data = base64_decode($data);
+		openssl_public_decrypt($data,$decrypted,$pu_key);//公钥解密
+		return $decrypted;
+	}
+}

plugins/jdpay/inc/common/SignUtil.php

@@ -0,0 +1,49 @@
+<?php
+
+
+include PAY_ROOT.'inc/common/RSAUtils.php';
+
+/**
+ * 签名
+ *
+ *        
+ */
+class SignUtil {
+	
+// 	public static $unSignKeyList = array (
+// 			"merchantSign",
+// 			"version", 
+// 			"successCallbackUrl",
+// 			"forPayLayerUrl"
+// 	);
+	public static function signWithoutToHex($params,$unSignKeyList) {
+		ksort($params);
+  		$sourceSignString = SignUtil::signString ( $params, $unSignKeyList );
+  		//echo  "sourceSignString=".htmlspecialchars($sourceSignString)."<br/>";
+  		//error_log("=========>sourceSignString:".$sourceSignString, 0);
+  		$sha256SourceSignString = hash ( "sha256", $sourceSignString);	
+  		//error_log($sha256SourceSignString, 0);
+  		//echo "sha256SourceSignString=".htmlspecialchars($sha256SourceSignString)."<br/>";
+        return RSAUtils::encryptByPrivateKey ($sha256SourceSignString);
+	}
+	
+	public static function sign($params,$unSignKeyList) {
+		ksort($params);
+		$sourceSignString = SignUtil::signString ( $params, $unSignKeyList );
+		//error_log($sourceSignString, 0);
+		$sha256SourceSignString = hash ( "sha256", $sourceSignString);
+		//error_log($sha256SourceSignString, 0);
+		return RSAUtils::encryptByPrivateKey ($sha256SourceSignString);
+	}
+	
+	public static function signString($data, $unSignKeyList) {
+		$linkStr="";
+		$isFirst=true;
+		ksort($data);
+		foreach($data as $key=>$value){
+			if($value=="" || in_array($key, $unSignKeyList)) continue;
+			$linkStr.=$key."=".$value."&";
+		}
+		return substr($linkStr,0,-1);
+	}
+}

plugins/jdpay/inc/common/TDESUtil.php

@@ -0,0 +1,59 @@
+<?php
+
+class TDESUtil {
+	
+	/**
+	 * 将元数据进行补位后进行3DES加密
+	 * <p/>
+	 * 补位后 byte[] = 描述有效数据长度(int)的byte[]+原始数据byte[]+补位byte[]
+	 *
+	 * @param
+	 *        	sourceData 元数据字符串
+	 * @return 返回3DES加密后的16进制表示的字符串
+	 */
+	public static function encrypt2HexStr($keys, $sourceData) {
+		$length = strlen($sourceData);
+		$result = '';
+		for($i = 0; $i < 4; $i ++) {
+			$shift = (4 - 1 - $i) * 8;
+			$result .= chr(($length >> $shift) & 0x000000FF);
+		}
+		$result .= $sourceData;
+		$add = 8 - ($length+4) % 8;
+		if($add>0){
+			for($i=0; $i<$add; $i++){
+				$result .= chr(0);
+			}
+		}
+		$desdata = self::encrypt( $result, $keys );
+		return bin2hex( $desdata );
+	}
+	
+	/**
+	 * 3DES 解密 进行了补位的16进制表示的字符串数据
+	 *
+	 * @return
+	 *
+	 */
+	public static function decrypt4HexStr($keys, $data) {
+		$unDesResult = self::decrypt(hex2bin($data),$keys);
+
+		$length=0;
+		for($i = 0; $i < 4; $i ++) {
+			$shift = (4 - 1 - $i) * 8;
+			$length += (ord($unDesResult[$i]) & 0x000000FF) << $shift;
+		}
+		$result = substr($unDesResult, 4, $length);
+
+		return $result;
+	}
+	
+	// 加密算法
+	public static function encrypt($input, $key) {
+		return openssl_encrypt($input, 'des-ede3', $key, OPENSSL_NO_PADDING, "");
+	}
+	// 解密算法
+	public static function decrypt($encrypted, $key) {
+		return openssl_decrypt($encrypted, 'des-ede3', $key, OPENSSL_NO_PADDING, "");
+	}
+}

plugins/jdpay/inc/common/XMLUtil.php

@@ -0,0 +1,123 @@
+<?php
+include PAY_ROOT.'inc/common/RSAUtils.php';
+include PAY_ROOT.'inc/common/TDESUtil.php';
+
+class XMLUtil{
+	public static function arrtoxml($arr,$dom=0,$item=0){
+		//ksort($arr);
+		if (!$dom){
+				
+			$dom = new DOMDocument("1.0","UTF-8");
+		}
+		if(!$item){
+			$item = $dom->createElement("jdpay");
+			$item = $dom->appendChild($item);
+		}
+		
+		foreach ($arr as $key=>$val){
+			$itemx = $dom->createElement(is_string($key)?$key:"item");
+			$itemx = $item->appendChild($itemx);
+			if (!is_array($val)){
+				$text = $dom->createTextNode($val);
+				$text = $itemx->appendChild($text);
+				 
+			}else {
+				XMLUtil::arrtoxml($val,$dom,$itemx);
+			}
+		}
+		return $dom;
+	}
+	
+	public static function xmlToString($dom){
+		$xmlStr = $dom->saveXML();
+		$xmlStr = str_replace("\r", "", $xmlStr);
+		$xmlStr = str_replace("\n", "", $xmlStr);
+		$xmlStr = str_replace("\t", "", $xmlStr);
+		$xmlStr = preg_replace("/>\s+</", "><", $xmlStr);
+		$xmlStr = preg_replace("/\s+\/>/", "/>", $xmlStr);
+		$xmlStr = str_replace("=utf-8", "=UTF-8", $xmlStr);
+		return $xmlStr;
+	}
+	
+	public static function encryptReqXml($param){
+		$dom = XMLUtil::arrtoxml($param);
+		$xmlStr = XMLUtil::xmlToString($dom);
+		//echo "源串：".htmlspecialchars($xmlStr)."<br/>";
+		$sha256SourceSignString = hash("sha256", $xmlStr);
+		//echo "摘要:".$sha256SourceSignString."<br/>";
+		$sign = RSAUtils::encryptByPrivateKey($sha256SourceSignString);
+		$rootDom = $dom->getElementsByTagName("jdpay");
+		$signDom = $dom->createElement("sign");
+		$signDom = $rootDom[0]->appendChild($signDom);
+		$signText = $dom->createTextNode($sign);
+		$signText = $signDom->appendChild($signText);
+		$data = XMLUtil::xmlToString($dom);
+		//echo "封装后:".htmlspecialchars($data)."<br/>";
+		
+		$desKey = Confid_desKey;
+		$keys = base64_decode($desKey);
+		$encrypt = TDESUtil::encrypt2HexStr($keys, $data);
+		//echo "3DES后:".$encrypt."<br/>";
+		$encrypt = base64_encode($encrypt);
+		//echo "base64后:".$encrypt."<br/>";
+		$reqParam;
+		$reqParam["version"]=$param["version"];
+		$reqParam["merchant"]=$param["merchant"];
+		$reqParam["encrypt"]=$encrypt;
+		$reqDom = XMLUtil::arrtoxml($reqParam,0,0);
+		$reqXmlStr = XMLUtil::xmlToString($reqDom);
+		//echo htmlspecialchars($reqXmlStr)."<br/>";
+		return $reqXmlStr;
+	}
+	
+	public static function decryptResXml($resultData,&$resData){
+		$resultXml = simplexml_load_string($resultData);
+		$resultObj = json_decode(json_encode($resultXml),TRUE);
+		$encryptStr = $resultObj["encrypt"];
+		$encryptStr=base64_decode($encryptStr);
+		$desKey = Confid_desKey;
+		$keys = base64_decode($desKey);
+		$reqBody = TDESUtil::decrypt4HexStr($keys, $encryptStr);
+		//echo "请求返回encrypt Des解密后:".$reqBody."\n";
+		
+		$bodyXml = simplexml_load_string($reqBody);
+		//echo "请求返回encrypt Des解密后:".$bodyXml->saveXML()."\n";
+		$resData = json_decode(json_encode($bodyXml),TRUE);
+		
+		$inputSign = $resData["sign"];
+// 		$bodyDom = XMLUtil::arrtoxml($bodyObj,0,0);
+// 		$rootDom = $bodyDom->getElementsByTagName("jdpay");
+// 		$signNodelist = $rootDom[0]->getElementsByTagName("sign");
+// 		$rootDom[0]->removeChild($signNodelist[0]);
+		
+// 		$reqBodyStr = XMLUtil::xmlToString($bodyDom);
+
+		$startIndex = strpos($reqBody,"<sign>");
+		$endIndex = strpos($reqBody,"</sign>");
+		
+		if($startIndex!=false && $endIndex!=false){
+			$xmls = substr($reqBody, 0,$startIndex);
+			$xmle = substr($reqBody,$endIndex+7,strlen($reqBody));
+			$xml=$xmls.$xmle;
+		}
+		
+		//echo "本地摘要原串:".$xml."\n";
+		$sha256SourceSignString = hash("sha256", $xml);
+		//echo "本地摘要:".$sha256SourceSignString."\n";
+		
+		$decryptStr = RSAUtils::decryptByPublicKey($inputSign);
+		//echo "解密后摘要:".$decryptStr."\n";
+		if($decryptStr==$sha256SourceSignString){
+			//echo "验签成功<br/>";
+			$flag=true;
+		}else{
+			//echo "验签失败<br/>";
+			$flag=false;
+		}
+		$resData["version"]=$resultObj["version"];
+		$resData["merchant"]=$resultObj["merchant"];
+		$resData["result"]=$resultObj["result"];
+		//echo var_dump($resData);
+		return $flag;
+	}
+}

plugins/jdpay/notify.php

@@ -0,0 +1,27 @@
+<?php
+/* *
+ * 京东支付异步通知页面
+ */
+
+if(!defined('IN_PLUGIN'))exit();
+require_once(PAY_ROOT."inc/common/XMLUtil.php");
+
+define("Confid_desKey",$channel['appkey']);
+$xml = file_get_contents("php://input");
+$flag = XMLUtil::decryptResXml($xml, $param);
+//var_dump($flag);
+if($flag){
+	echo "success";
+	$trade_no = daddslashes($param["tradeNum"]);
+	$out_trade_no = daddslashes($param["tradeNum"]);
+	if($param["status"]==2) {
+		if($out_trade_no == TRADE_NO && $param["amount"]==strval($order['money']*100) && $order['status']==0){
+			if($DB->exec("update `pre_order` set `status` ='1' where `trade_no`='".TRADE_NO."'")){
+				$DB->exec("update `pre_order` set `api_trade_no` ='$trade_no',`endtime` ='$date',`date` =NOW() where `trade_no`='".TRADE_NO."'");
+				processOrder($order);
+			}
+		}
+    }
+}else{
+	echo "error";
+}

plugins/jdpay/refund.php

@@ -0,0 +1,39 @@
+<?php
+/*
+ * 京东支付退款接口
+*/
+if(!defined('IN_REFUND'))exit();
+
+require_once(PAY_ROOT."inc/common/XMLUtil.php");
+require_once(PAY_ROOT."inc/common/HttpUtils.php");
+
+define("Confid_desKey",$channel['appkey']);
+
+$param["version"]="V2.0";
+$param["merchant"]=$channel['appid'];
+$param["tradeNum"]=$order['trade_no'].rand(000,999);
+$param["oTradeNum"]=$order['api_trade_no'];
+$param["amount"]=$order['realmoney']*100;
+$param["currency"]="CNY";
+
+$reqXmlStr = XMLUtil::encryptReqXml($param);
+$url = 'https://paygate.jd.com/service/refund';
+
+$httputil = new HttpUtils();
+list ( $return_code, $return_content )  = $httputil->http_post_data($url, $reqXmlStr);
+//echo $return_content."\n";
+
+$flag=XMLUtil::decryptResXml($return_content,$resData);
+//echo var_dump($resData);
+
+if($flag){
+	if($resData['status'] == "1"){
+		$result = ['code'=>0, 'trade_no'=>$resData['oTradeNum'], 'refund_fee'=>$resData['amount']];
+	}else{
+		$result = ['code'=>-1, 'msg'=>'['.$resData['result']['code'].']'.$resData['result']['desc']];
+	}
+}else{
+	$result = ['code'=>-1, 'msg'=>'验签失败'];
+}
+
+return $result;

plugins/jdpay/return.php

@@ -0,0 +1,57 @@
+<?php
+/* *
+ * 京东支付同步通知页面
+ */
+
+require_once('./includes/common.php');
+require_once(PAY_ROOT."inc/common/SignUtil.php");
+require_once(PAY_ROOT."inc/common/TDESUtil.php");
+
+$desKey = $channel['appkey'];
+$keys = base64_decode($desKey);
+$param = array();
+if(!empty($_POST["tradeNum"])){
+	$param["tradeNum"]=TDESUtil::decrypt4HexStr($keys, $_POST["tradeNum"]);
+}
+if(!empty($_POST["amount"])){
+	$param["amount"]=TDESUtil::decrypt4HexStr($keys, $_POST["amount"]);
+}
+if(!empty($_POST["currency"])){
+	$param["currency"]=TDESUtil::decrypt4HexStr($keys, $_POST["currency"]);
+}
+if(!empty($_POST["tradeTime"])){
+	$param["tradeTime"]=TDESUtil::decrypt4HexStr($keys, $_POST["tradeTime"]);
+}
+if(!empty($_POST["status"])){
+	$param["status"]=TDESUtil::decrypt4HexStr($keys, $_POST["status"]);
+}
+
+$sign = $_POST["sign"];
+$strSourceData = SignUtil::signString($param, array());
+//echo "strSourceData=".htmlspecialchars($strSourceData)."<br/>";
+//$decryptBASE64Arr = base64_decode($sign);
+$decryptStr = RSAUtils::decryptByPublicKey($sign);
+//echo "decryptStr=".htmlspecialchars($decryptStr)."<br/>";
+$sha256SourceSignString = hash ( "sha256", $strSourceData);
+//echo "sha256SourceSignString=".htmlspecialchars($sha256SourceSignString)."<br/>";
+if($decryptStr == $sha256SourceSignString){
+	$trade_no = daddslashes($param["tradeNum"]);
+	$out_trade_no = daddslashes($param["tradeNum"]);
+	if($out_trade_no == TRADE_NO && $param["amount"]==$order['money']*100 && $order['status']==0){
+		$url=creat_callback($order);
+
+		if($order['status']==0){
+			if($DB->exec("update `pre_order` set `status` ='1' where `trade_no`='".TRADE_NO."'")){
+				$DB->exec("update `pre_order` set `api_trade_no` ='$trade_no',`endtime` ='$date',`date` =NOW() where `trade_no`='".TRADE_NO."'");
+				processOrder($order,false);
+			}
+			echo '<script>window.location.href="'.$url['return'].'";</script>';
+		}else{
+			echo '<script>window.location.href="'.$url['return'].'";</script>';
+		}
+	}else{
+		sysmsg('订单信息校验失败');
+	}
+}else{
+	sysmsg("验证签名失败！strSourceData=".htmlspecialchars($strSourceData));
+}

plugins/jdpay/submit.php

@@ -0,0 +1,65 @@
+<?php
+if(!defined('IN_PLUGIN'))exit();
+
+if(strpos($_SERVER['HTTP_USER_AGENT'], 'MicroMessenger')!==false && !$submit2){
+	echo "<script>window.location.href='/submit2.php?typeid={$order['type']}&trade_no={$trade_no}';</script>";exit;
+}
+if(strpos($_SERVER['HTTP_USER_AGENT'], 'MicroMessenger')!==false){
+	include(SYSTEM_ROOT.'pages/wxopen.php');
+	exit;
+}
+
+require_once(PAY_ROOT."inc/common/SignUtil.php");
+require_once(PAY_ROOT."inc/common/TDESUtil.php");
+
+if(checkmobile()==true){
+	$oriUrl = 'https://h5pay.jd.com/jdpay/saveOrder';
+}else{
+	$oriUrl = 'https://wepay.jd.com/jdpay/saveOrder';
+}
+
+$param=array();
+$param["version"]='V2.0';
+$param["merchant"]=$channel['appid'];
+$param["tradeNum"]=$trade_no;
+$param["tradeName"]=$ordername;
+$param["tradeTime"]= date('YmdHis');
+$param["amount"]= strval($order['money']*100);
+$param["currency"]= 'CNY';
+$param["callbackUrl"]= $siteurl.'pay/jdpay/return/'.TRADE_NO.'/';
+$param["notifyUrl"]= $conf['localurl'].'pay/jdpay/notify/'.TRADE_NO.'/';
+$param["ip"]= $clientip;
+$param["userId"]= '';
+$param["orderType"]= '1';
+$unSignKeyList = array("sign");
+$desKey = $channel['appkey'];
+$sign = SignUtil::signWithoutToHex($param, $unSignKeyList);
+//echo $sign."<br/>";
+$param["sign"] = $sign;
+$keys = base64_decode($desKey);
+
+$param["tradeNum"]=TDESUtil::encrypt2HexStr($keys, $param["tradeNum"]);
+if($param["tradeName"] != null && $param["tradeName"]!=""){
+	$param["tradeName"]=TDESUtil::encrypt2HexStr($keys, $param["tradeName"]);
+}
+$param["tradeTime"]=TDESUtil::encrypt2HexStr($keys, $param["tradeTime"]);
+$param["amount"]=TDESUtil::encrypt2HexStr($keys, $param["amount"]);
+$param["currency"]=TDESUtil::encrypt2HexStr($keys, $param["currency"]);
+$param["callbackUrl"]=TDESUtil::encrypt2HexStr($keys, $param["callbackUrl"]);
+$param["notifyUrl"]=TDESUtil::encrypt2HexStr($keys, $param["notifyUrl"]);
+$param["ip"]=TDESUtil::encrypt2HexStr($keys, $param["ip"]);
+
+if($param["userId"] != null && $param["userId"]!=""){
+	$param["userId"]=TDESUtil::encrypt2HexStr($keys, $param["userId"]);
+}
+if($param["orderType"] != null && $param["orderType"]!=""){
+	$param["orderType"]=TDESUtil::encrypt2HexStr($keys, $param["orderType"]);
+}
+//print_R($param);exit;
+
+echo '<form action="'.$oriUrl.'" method="post" id="dopay">';
+foreach($param as $k => $v) {
+	echo "<input type=\"hidden\" name=\"{$k}\" value=\"{$v}\" />\n";
+}
+echo '<input type="submit" value="正在跳转"></form><script>document.getElementById("dopay").submit();</script>';
+?>