2020.02新版

plugins/swiftpass/inc/WxPay.JsApiPay.php

@@ -0,0 +1,167 @@
+<?php
+/**
+* 	配置账号信息
+*/
+
+class WxPayConfig
+{
+	//微信公众号APPID
+	const APPID = '';
+
+	//微信公众号APPSECRET
+	const APPSECRET = '';
+}
+
+/**
+ * 
+ * 微信支付API异常类
+ * @author widyhu
+ *
+ */
+class WxPayException extends Exception {
+	public function errorMessage()
+	{
+		return $this->getMessage();
+	}
+}
+
+/**
+ * 
+ * JSAPI支付实现类
+ * 该类实现了从微信公众平台获取code、通过code获取openid和access_token、
+ * 生成jsapi支付js接口所需的参数、生成获取共享收货地址所需的参数
+ * 
+ * 该类是微信支付提供的样例程序，商户可根据自己的需求修改，或者使用lib中的api自行开发
+ * 
+ * @author widy
+ *
+ */
+class JsApiPay
+{
+	/**
+	 * 
+	 * 网页授权接口微信服务器返回的数据，返回样例如下
+	 * {
+	 *  "access_token":"ACCESS_TOKEN",
+	 *  "expires_in":7200,
+	 *  "refresh_token":"REFRESH_TOKEN",
+	 *  "openid":"OPENID",
+	 *  "scope":"SCOPE",
+	 *  "unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
+	 * }
+	 * 其中access_token可用于获取共享收货地址
+	 * openid是微信支付jsapi支付接口必须的参数
+	 * @var array
+	 */
+	public $data = null;
+	
+	/**
+	 * 
+	 * 通过跳转获取用户的openid，跳转流程如下：
+	 * 1、设置自己需要调回的url及其其他参数，跳转到微信服务器https://open.weixin.qq.com/connect/oauth2/authorize
+	 * 2、微信服务处理完成之后会跳转回用户redirect_uri地址，此时会带上一些参数，如：code
+	 * 
+	 * @return 用户的openid
+	 */
+	public function GetOpenid()
+	{
+		//通过code获得openid
+		if (!isset($_GET['code'])){
+			//触发微信返回code码
+			$baseUrl = urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
+			$url = $this->__CreateOauthUrlForCode($baseUrl);
+			Header("Location: $url");
+			exit();
+		} else {
+			//获取code码，以获取openid
+		    $code = $_GET['code'];
+			$openid = $this->GetOpenidFromMp($code);
+			return $openid;
+		}
+	}
+
+	/**
+	 * 
+	 * 通过code从工作平台获取openid机器access_token
+	 * @param string $code 微信跳转回来带上的code
+	 * 
+	 * @return openid
+	 */
+	public function GetOpenidFromMp($code)
+	{
+		$url = $this->__CreateOauthUrlForOpenid($code);
+		//初始化curl
+		$ch = curl_init();
+		//设置超时
+		curl_setopt($ch, CURLOPT_TIMEOUT, $this->curl_timeout);
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,FALSE);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,FALSE);
+		curl_setopt($ch, CURLOPT_HEADER, FALSE);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
+		//运行curl，结果以jason形式返回
+		$res = curl_exec($ch);
+		curl_close($ch);
+		//取出openid
+		$data = json_decode($res,true);
+		$this->data = $data;
+		$openid = $data['openid'];
+		return $openid;
+	}
+	
+	/**
+	 * 
+	 * 拼接签名字符串
+	 * @param array $urlObj
+	 * 
+	 * @return 返回已经拼接好的字符串
+	 */
+	private function ToUrlParams($urlObj)
+	{
+		$buff = "";
+		foreach ($urlObj as $k => $v)
+		{
+			if($k != "sign"){
+				$buff .= $k . "=" . $v . "&";
+			}
+		}
+		
+		$buff = trim($buff, "&");
+		return $buff;
+	}
+	
+	/**
+	 * 
+	 * 构造获取code的url连接
+	 * @param string $redirectUrl 微信服务器回跳的url，需要url编码
+	 * 
+	 * @return 返回构造好的url
+	 */
+	private function __CreateOauthUrlForCode($redirectUrl)
+	{
+		$urlObj["appid"] = WxPayConfig::APPID;
+		$urlObj["redirect_uri"] = $redirectUrl;
+		$urlObj["response_type"] = "code";
+		$urlObj["scope"] = "snsapi_base";
+		$urlObj["state"] = "STATE"."#wechat_redirect";
+		$bizString = $this->ToUrlParams($urlObj);
+		return "https://open.weixin.qq.com/connect/oauth2/authorize?".$bizString;
+	}
+	
+	/**
+	 * 
+	 * 构造获取open和access_toke的url地址
+	 * @param string $code，微信跳转带回的code
+	 * 
+	 * @return 请求的url
+	 */
+	private function __CreateOauthUrlForOpenid($code)
+	{
+		$urlObj["appid"] = WxPayConfig::APPID;
+		$urlObj["secret"] = WxPayConfig::APPSECRET;
+		$urlObj["code"] = $code;
+		$urlObj["grant_type"] = "authorization_code";
+		$bizString = $this->ToUrlParams($urlObj);
+		return "https://api.weixin.qq.com/sns/oauth2/access_token?".$bizString;
+	}
+}

plugins/swiftpass/inc/class/ClientResponseHandler.class.php

@@ -0,0 +1,236 @@
+<?php
+
+/**
+ * 后台应答类
+ * ============================================================================
+ * api说明：
+ * getKey()/setKey(),获取/设置密钥
+ * getContent() / setContent(), 获取/设置原始内容
+ * getParameter()/setParameter(),获取/设置参数值
+ * getAllParameters(),获取所有参数
+ * isTenpaySign(),是否平台签名,true:是 false:否
+ * getDebugInfo(),获取debug信息
+ * 
+ * ============================================================================
+ *
+ */
+
+class ClientResponseHandler  {
+	
+	/** MD5密钥 */
+	var $key;
+
+	/* 平台RSA公钥 */
+	var $public_rsa_key;
+
+	var $signtype;
+	
+	/** 应答的参数 */
+	var $parameters;
+	
+	/** debug信息 */
+	var $debugInfo;
+	
+	//原始内容
+	var $content;
+	
+	function __construct() {
+		$this->ClientResponseHandler();
+	}
+	
+	function ClientResponseHandler() {
+		$this->key = "";
+		$this->public_rsa_key = "";
+		$this->signtype = "";
+		$this->parameters = array();
+		$this->debugInfo = "";
+		$this->content = "";
+	}
+		
+	/**
+	*获取密钥
+	*/
+	function getKey() {
+		return $this->key;
+	}
+	
+	/**
+	*设置密钥
+	*/	
+	function setKey($key) {
+		$this->key = $key;
+	}
+
+	/*设置平台公钥*/
+	function setRSAKey($key) {
+		$this->public_rsa_key = $key;
+	}
+
+	function setSignType($type) {
+		$this->signtype = $type;
+	}
+	
+	//设置原始内容
+	function setContent($content) {
+		$this->content = $content;
+		
+		libxml_disable_entity_loader(true);
+		$xml = simplexml_load_string($this->content);
+		$encode = $this->getXmlEncode($this->content);
+		
+		if($xml && $xml->children()) {
+			foreach ($xml->children() as $node){
+				//有子节点
+				if($node->children()) {
+					$k = $node->getName();
+					$nodeXml = $node->asXML();
+					$v = substr($nodeXml, strlen($k)+2, strlen($nodeXml)-2*strlen($k)-5);
+					
+				} else {
+					$k = $node->getName();
+					$v = (string)$node;
+				}
+				
+				if($encode!="" && $encode != "UTF-8") {
+					$k = iconv("UTF-8", $encode, $k);
+					$v = iconv("UTF-8", $encode, $v);
+				}
+				
+				$this->setParameter($k, $v);			
+			}
+		}
+	}
+	
+	//获取原始内容
+	function getContent() {
+		return $this->content;
+	}
+	
+	/**
+	*获取参数值
+	*/	
+	function getParameter($parameter) {
+		return isset($this->parameters[$parameter])?$this->parameters[$parameter] : '';
+	}
+	
+	/**
+	*设置参数值
+	*/	
+	function setParameter($parameter, $parameterValue) {
+		$this->parameters[$parameter] = $parameterValue;
+	}
+	
+	/**
+	*获取所有请求的参数
+	*@return array
+	*/
+	function getAllParameters() {
+		return $this->parameters;
+	}	
+	
+	/**
+	*是否平台签名,规则是:按参数名称a-z排序,遇到空值的参数不参加签名。
+	*true:是
+	*false:否
+	*/	
+	function isTenpaySign() {
+		$swiftpassSign = strtolower($this->getParameter("sign"));
+		if ($this->getParameter('sign_type') == 'MD5') {
+			return $this->getMD5Sign() == $swiftpassSign;
+		} else if ($this->getParameter('sign_type') == 'RSA_1_1' || $this->getParameter('sign_type') == 'RSA_1_256') {
+			return $this->verifyRSASign();
+		}
+	}
+
+	function getMD5Sign() {
+		$signPars = "";
+		ksort($this->parameters);
+		foreach($this->parameters as $k => $v) {
+			if("sign" != $k && "" != $v) {
+				$signPars .= $k . "=" . $v . "&";
+			}
+		}
+		$signPars .= "key=" . $this->getKey();
+		
+		return strtolower(md5($signPars));
+	}
+
+	function verifyRSASign() {
+		$signPars = "";
+		ksort($this->parameters);
+		foreach($this->parameters as $k => $v) {
+			if("sign" != $k && "" != $v) {
+				$signPars .= $k . "=" . $v . "&";
+			}
+		}
+
+		$signPars = substr($signPars, 0, strlen($signPars) - 1);
+		$res = openssl_get_publickey($this->public_rsa_key);
+		if ($this->getParameter('sign_type') == 'RSA_1_1') {
+			$result = (bool)openssl_verify($signPars, base64_decode($this->getParameter("sign")), $res);
+			openssl_free_key($res);
+			return $result;
+		} else if($this->getParameter('sign_type') == 'RSA_1_256') {
+			$result = (bool)openssl_verify($signPars, base64_decode($this->getParameter("sign")), $res, OPENSSL_ALGO_SHA256);
+			openssl_free_key($res);
+			return $result;
+		}
+	}
+	
+	/**
+	*获取debug信息
+	*/	
+	function getDebugInfo() {
+		return $this->debugInfo;
+	}
+	
+	//获取xml编码
+	function getXmlEncode($xml) {
+		$ret = preg_match ("/<?xml[^>]* encoding=\"(.*)\"[^>]* ?>/i", $xml, $arr);
+		if($ret) {
+			return strtoupper ( $arr[1] );
+		} else {
+			return "";
+		}
+	}
+	
+	/**
+	*设置debug信息
+	*/	
+	function _setDebugInfo($debugInfo) {
+		$this->debugInfo = $debugInfo;
+	}
+	
+	/**
+	 * 是否财付通签名
+	 * @param signParameterArray 签名的参数数组
+	 * @return boolean
+	 */	
+	function _isTenpaySign($signParameterArray) {
+	
+		$signPars = "";
+		foreach($signParameterArray as $k) {
+			$v = $this->getParameter($k);
+			if("sign" != $k && "" != $v) {
+				$signPars .= $k . "=" . $v . "&";
+			}			
+		}
+		$signPars .= "key=" . $this->getKey();
+		
+		$sign = strtolower(md5($signPars));
+		
+		$tenpaySign = strtolower($this->getParameter("sign"));
+				
+		//debug信息
+		$this->_setDebugInfo($signPars . " => sign:" . $sign .
+				" tenpaySign:" . $this->getParameter("sign"));
+		
+		return $sign == $tenpaySign;		
+		
+	
+	}
+	
+}
+
+
+?>

plugins/swiftpass/inc/class/PayHttpClient.class.php

@@ -0,0 +1,119 @@
+<?php
+
+/**
+ * http、https通信类
+ * ============================================================================
+ * api说明：
+ * setReqContent($reqContent),设置请求内容
+ * getResContent(), 获取应答内容
+ * setMethod($method),设置请求方法,post或者get
+ * getErrInfo(),获取错误信息
+ * setCertInfo($certFile, $certPasswd, $certType="PEM"),设置证书，双向https时需要使用
+ * setCaInfo($caFile), 设置CA，格式未pem，不设置则不检查
+ * setTimeOut($timeOut)， 设置超时时间，单位秒
+ * getResponseCode(), 取返回的http状态码
+ * call(),真正调用接口
+ * 
+ * ============================================================================
+ *
+ */
+
+class PayHttpClient {
+	//请求内容，无论post和get，都用get方式提供
+	var $reqUrl;
+	var $reqContent;
+	//应答内容
+	var $resContent;
+	
+	//错误信息
+	var $errInfo;
+	
+	//超时时间
+	var $timeOut;
+	
+	//http状态码
+	var $responseCode;
+	
+	function __construct() {
+		$this->PayHttpClient();
+	}
+	
+	
+	function PayHttpClient() {
+		$this->reqContent = "";
+		$this->resContent = "";
+		
+		$this->errInfo = "";
+		
+		$this->timeOut = 120;
+		
+		$this->responseCode = 0;
+		
+	}
+	
+	//设置请求内容
+	function setReqContent($url,$data) {
+		$this->reqUrl=$url;
+        $this->reqContent=$data;
+	}
+	
+	//获取结果内容
+	function getResContent() {
+		return $this->resContent;
+	}
+	
+	//获取错误信息
+	function getErrInfo() {
+		return $this->errInfo;
+	}
+	
+	//设置超时时间,单位秒
+	function setTimeOut($timeOut) {
+		$this->timeOut = $timeOut;
+	}
+	
+	//执行http调用
+	function call() {
+		//启动一个CURL会话
+		$ch = curl_init();
+
+		// 设置curl允许执行的最长秒数
+		curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeOut);
+        curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
+        curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,false);
+		// 获取的信息以文件流的形式返回，而不是直接输出。
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
+		
+        //发送一个常规的POST请求。
+        curl_setopt($ch, CURLOPT_POST, 1);
+        curl_setopt($ch, CURLOPT_URL, $this->reqUrl);
+        //要传送的所有数据
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $this->reqContent);
+		
+		// 执行操作
+		$res = curl_exec($ch);
+		$this->responseCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+		
+		if ($res == NULL) { 
+		   $this->errInfo = "call http err :" . curl_errno($ch) . " - " . curl_error($ch) ;
+		   curl_close($ch);
+		   return false;
+		} else if($this->responseCode  != "200") {
+			$this->errInfo = "call http err httpcode=" . $this->responseCode  ;
+			curl_close($ch);
+			return false;
+		}
+		
+		curl_close($ch);
+		$this->resContent = $res;
+
+		
+		return true;
+	}
+	
+	function getResponseCode() {
+		return $this->responseCode;
+	}
+	
+}
+?>

plugins/swiftpass/inc/class/RequestHandler.class.php

@@ -0,0 +1,225 @@
+<?php
+/**
+ * 请求类
+ * ============================================================================
+ * api说明：
+ * init(),初始化函数，默认给一些参数赋值，如cmdno,date等。
+ * getGateURL()/setGateURL(),获取/设置入口地址,不包含参数值
+ * getKey()/setKey(),获取/设置密钥
+ * getParameter()/setParameter(),获取/设置参数值
+ * getAllParameters(),获取所有参数
+ * getRequestURL(),获取带参数的请求URL
+ * getDebugInfo(),获取debug信息
+ * 
+ * ============================================================================
+ *
+ */
+class RequestHandler {
+	
+	/** 网关url地址 */
+	var $gateUrl;
+	
+	/** 密钥 */
+	var $key;
+
+	/* RSA私钥*/
+	var $private_rsa_key;
+
+	var $signtype;
+	
+	/** 请求的参数 */
+	var $parameters;
+	
+	/** debug信息 */
+	var $debugInfo;
+	
+	function __construct() {
+		$this->RequestHandler();
+	}
+	
+	function RequestHandler() {
+		$this->gateUrl = "";
+		$this->key = "";
+		$this->private_rsa_key = "";
+		$this->signtype = "";
+		$this->parameters = array();
+		$this->debugInfo = "";
+	}
+	
+	/**
+	*初始化函数。
+	*/
+	function init() {
+		//nothing to do
+	}
+	
+	/**
+	*获取入口地址,不包含参数值
+	*/
+	function getGateURL() {
+		return $this->gateUrl;
+	}
+	
+	/**
+	*设置入口地址,不包含参数值
+	*/
+	function setGateURL($gateUrl) {
+		$this->gateUrl = $gateUrl;
+	}
+
+	function setSignType($type) {
+		$this->signtype = $type;
+	}
+	
+	/**
+	*获取MD5密钥
+	*/
+	function getKey() {
+		return $this->key;
+	}
+	
+	/**
+	*设置MD5密钥
+	*/
+	function setKey($key) {
+		$this->key = $key;
+	}
+	
+	/*设置RSA私钥*/
+	function setRSAKey($key) {
+		$this->private_rsa_key = $key;
+	}
+
+	/**
+	*获取参数值
+	*/
+	function getParameter($parameter) {
+		return isset($this->parameters[$parameter])?$this->parameters[$parameter]:'';
+	}
+	
+	/**
+	*设置参数值
+	*/
+	function setParameter($parameter, $parameterValue) {
+		$this->parameters[$parameter] = $parameterValue;
+	}
+
+    /**
+     * 一次性设置参数
+     */
+    function setReqParams($post,$filterField=null){
+        if($filterField !== null){
+            forEach($filterField as $k=>$v){
+                unset($post[$v]);
+            }
+        }
+        
+        //判断是否存在空值，空值不提交
+        forEach($post as $k=>$v){
+            if(empty($v)){
+                unset($post[$k]);
+            }
+        }
+
+        $this->parameters = $post;
+    }
+	
+	/**
+	*获取所有请求的参数
+	*@return array
+	*/
+	function getAllParameters() {
+		return $this->parameters;
+	}
+	
+	/**
+	*获取带参数的请求URL
+	*/
+	function getRequestURL() {
+	
+		$this->createSign();
+		
+		$reqPar = "";
+		ksort($this->parameters);
+		foreach($this->parameters as $k => $v) {
+			$reqPar .= $k . "=" . urlencode($v) . "&";
+		}
+		
+		//去掉最后一个&
+		$reqPar = substr($reqPar, 0, strlen($reqPar)-1);
+		
+		$requestURL = $this->getGateURL() . "?" . $reqPar;
+		
+		return $requestURL;
+		
+	}
+		
+	/**
+	*获取debug信息
+	*/
+	function getDebugInfo() {
+		return $this->debugInfo;
+	}
+	
+	/**
+	*创建md5摘要,规则是:按参数名称a-z排序,遇到空值的参数不参加签名。
+	*/
+	function createSign() {
+		if($this->signtype == 'MD5') {
+			$this->createMD5Sign();
+		} else {
+			$this->createRSASign();
+		}
+	}	
+
+	function createMD5Sign() {
+		$signPars = "";
+		ksort($this->parameters);
+		foreach($this->parameters as $k => $v) {
+			if("" != $v && "sign" != $k) {
+				$signPars .= $k . "=" . $v . "&";
+			}
+		}
+		$signPars .= "key=" . $this->getKey();
+		$sign = strtoupper(md5($signPars));
+		$this->setParameter("sign", $sign);
+		
+		//debug信息
+		$this->_setDebugInfo($signPars . " => sign:" . $sign);
+	}
+
+	function createRSASign() {
+		$signPars = "";
+		ksort($this->parameters);
+		foreach($this->parameters as $k => $v) {
+			if("" != $v && "sign" != $k) {
+				$signPars .= $k . "=" . $v . "&";
+			}
+		}
+
+		$signPars = substr($signPars, 0, strlen($signPars) - 1);
+
+		$res = openssl_get_privatekey($this->private_rsa_key);
+		if ($this->signtype == 'RSA_1_1') {
+			openssl_sign($signPars, $sign, $res);
+		} else if ($this->signtype == 'RSA_1_256') {
+			openssl_sign($signPars, $sign, $res, OPENSSL_ALGO_SHA256);
+		}
+		openssl_free_key($res);
+		$sign = base64_encode($sign);
+		$this->setParameter("sign", $sign);
+
+		//debug信息
+		$this->_setDebugInfo($signPars . " => sign:" . $sign);
+	}
+	
+	/**
+	*设置debug信息
+	*/
+	function _setDebugInfo($debugInfo) {
+		$this->debugInfo = $debugInfo;
+	}
+
+}
+
+?>

plugins/swiftpass/inc/class/Utils.class.php

@@ -0,0 +1,73 @@
+<?php
+class Utils{
+    /**
+     * 将数据转为XML
+     */
+    public static function toXml($array){
+        $xml = '<xml>';
+        forEach($array as $k=>$v){
+            $xml.='<'.$k.'><![CDATA['.$v.']]></'.$k.'>';
+        }
+        $xml.='</xml>';
+        return $xml;
+    }
+    
+    public static function dataRecodes($title,$data){
+        $handler = fopen('result.txt','a+');
+        $content = "================".$title."===================\n";
+        if(is_string($data) === true){
+            $content .= $data."\n";
+        }
+        if(is_array($data) === true){
+            forEach($data as $k=>$v){
+                $content .= "key: ".$k." value: ".$v."\n";
+            }
+        }
+        $flag = fwrite($handler,$content);
+        fclose($handler);
+        return $flag;
+    }
+
+    public static function parseXML($xmlSrc){
+        if(empty($xmlSrc)){
+            return false;
+        }
+        $array = array();
+        libxml_disable_entity_loader(true);
+        $xml = simplexml_load_string($xmlSrc);
+        $encode = Utils::getXmlEncode($xmlSrc);
+
+        if($xml && $xml->children()) {
+			foreach ($xml->children() as $node){
+				//有子节点
+				if($node->children()) {
+					$k = $node->getName();
+					$nodeXml = $node->asXML();
+					$v = substr($nodeXml, strlen($k)+2, strlen($nodeXml)-2*strlen($k)-5);
+					
+				} else {
+					$k = $node->getName();
+					$v = (string)$node;
+				}
+				
+				if($encode!="" && $encode != "UTF-8") {
+					$k = iconv("UTF-8", $encode, $k);
+					$v = iconv("UTF-8", $encode, $v);
+				}
+				$array[$k] = $v;
+			}
+		}
+        return $array;
+    }
+
+    //获取xml编码
+	public static function getXmlEncode($xml) {
+		$ret = preg_match ("/<?xml[^>]* encoding=\"(.*)\"[^>]* ?>/i", $xml, $arr);
+		if($ret) {
+			return strtoupper ( $arr[1] );
+		} else {
+			return "";
+		}
+	}
+}
+?>

plugins/swiftpass/inc/config.php

@@ -0,0 +1,20 @@
+<?php
+//威富通配置文件
+define("PAY_API_APPID", $channel['appid']);
+define("PAY_API_KEY", $channel['appkey']);
+define("PAY_API_APPSECRET", $channel['appsecret']);
+class Config{
+    private $cfg = array(
+        'url'=>'https://pay.swiftpass.cn/pay/gateway', /*支付接口请求地址 */
+        'mchId'=>PAY_API_APPID, /* 商户号，于申请成功后的开户邮件中获取 */
+        'version'=>'2.0',
+        'sign_type'=>'RSA_1_256',
+        'public_rsa_key'=>PAY_API_KEY,   /* RSA验签平台公钥 */
+        'private_rsa_key'=>PAY_API_APPSECRET   /* RSA签名私钥 */
+       );
+    
+    public function C($cfgName){
+        return $this->cfg[$cfgName];
+    }
+}
+?>