config = $params; } /** * 配置信息 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2018-09-19 * @desc description */ public function Config() { // 基础信息 $base = [ 'name' => 'QQ支付', // 插件名称 'version' => '1.0.0', // 插件版本 'apply_version' => '不限', // 适用系统版本描述 'apply_terminal'=> ['pc', 'h5', 'qq', 'ios', 'android'], // 适用终端 默认全部 ['pc', 'h5', 'app', 'alipay', 'weixin', 'baidu'] 'desc' => '适用PC+H5+APP+QQ小程序，即时到帐支付方式，买家的交易资金直接打入卖家账户，快速回笼交易资金。 立即申请', // 插件描述（支持html） 'author' => 'Devil', // 开发者 'author_url' => 'http://shopxo.net/', // 开发者主页 ]; // 配置信息 $element = [ [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'app_appid', 'placeholder' => '开放平台AppID', 'title' => '开放平台AppID', 'is_required' => 0, 'message' => '请填写QQ开放平台APP支付分配的AppID', ], [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'appid', 'placeholder' => 'QQ小程序ID', 'title' => 'QQ小程序ID', 'is_required' => 0, 'message' => '请填写QQ分配的小程序ID', ], [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'mch_id', 'placeholder' => 'QQ支付商户号', 'title' => 'QQ支付商户号', 'is_required' => 0, 'message' => '请填写QQ支付分配的商户号', ], [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'key', 'placeholder' => '密钥', 'title' => '密钥', 'desc' => 'QQ支付商户平台API配置的密钥', 'is_required' => 0, 'message' => '请填写密钥', ], [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'op_user_id', 'placeholder' => '操作员帐号', 'title' => '操作员帐号（退款操作必填项）', 'desc' => '也可以是商户号，操作员工创建参考：https://kf.qq.com/faq/170112AZ7Fzm170112VNz6zE.html', 'is_required' => 0, 'message' => '请填写操作员帐号', ], [ 'element' => 'input', 'type' => 'text', 'default' => '', 'name' => 'op_user_passwd', 'placeholder' => '操作员密码', 'title' => '操作员密码（退款操作必填项）', 'desc' => '如果操作员帐号填写的是商户号，那这里就是商户号登录密码', 'is_required' => 0, 'message' => '请填写操作员密码', ], [ 'element' => 'textarea', 'name' => 'apiclient_cert', 'placeholder' => '证书(apiclient_cert.pem)', 'title' => '证书(apiclient_cert.pem)（退款操作必填项）', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书(apiclient_cert.pem)', ], [ 'element' => 'textarea', 'name' => 'apiclient_key', 'placeholder' => '证书密钥(apiclient_key.pem)', 'title' => '证书密钥(apiclient_key.pem)（退款操作必填项）', 'is_required' => 0, 'rows' => 6, 'message' => '请填写证书密钥(apiclient_key.pem)', ], [ 'element' => 'select', 'title' => '异步通知协议', 'message' => '请选择协议类型', 'name' => 'agreement', 'is_multiple' => 0, 'element_data' => [ ['value'=>1, 'name'=>'默认当前协议'], ['value'=>2, 'name'=>'强制https转http协议'], ], ], ]; return [ 'base' => $base, 'element' => $element, ]; } /** * 支付入口 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2018-09-19 * @desc description * @param [array] $params [输入参数] */ public function Pay($params = []) { // 参数 if(empty($params)) { return DataReturn('参数不能为空', -1); } // 配置信息 if(empty($this->config)) { return DataReturn('支付缺少配置', -1); } // 获取支付参数 $ret = $this->GetPayParams($params); if($ret['code'] != 0) { return $ret; } // 请求接口处理 $result = $this->XmlToArray($this->HttpRequest('https://qpay.qq.com/cgi-bin/pay/qpay_unified_order.cgi', $this->ArrayToXml($ret['data']))); if(!empty($result['return_code']) && $result['return_code'] == 'SUCCESS' && !empty($result['prepay_id'])) { return $this->PayHandleReturn($ret['data'], $result, $params); } $msg = is_string($result) ? $result : (empty($result['retmsg']) ? (empty($result['return_msg']) ? '支付接口异常' : $result['return_msg']) : $result['retmsg']); if(!empty($result['err_code_des'])) { $msg .= '-'.$result['err_code_des']; } return DataReturn($msg, -1); } /** * 支付返回处理 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-08 * @desc description * @param [array] $pay_params [支付参数] * @param [array] $data [支付返回数据] * @param [array] $params [输入参数] */ private function PayHandleReturn($pay_params = [], $data = [], $params = []) { $redirect_url = empty($params['order_id']) ? '' : urlencode(MyUrl('index/order/detail', ['id'=>$params['order_id']])); $result = DataReturn('支付接口异常', -1); switch($pay_params['trade_type']) { // web支付 case 'NATIVE' : // 手机模式下直接返回微信的支付url地址，打开支付（缺点是支付后会直接关闭站点） // QQ支付本身没有提供H5支付方案，这种方式也可以直接支付（缺点是支付后不能回调到原来浏览器） // 公众号后续再采用公众号的方式支付，体验会更好一些，只是可以不关闭站点 if(APPLICATION == 'web' && IsMobile()) { $result = DataReturn('success', 0, $data['code_url']); } else { if(empty($params['check_url'])) { return DataReturn('支付状态校验地址不能为空', -50); } if(APPLICATION == 'app') { $data = [ 'pay_url' => $data['code_url'], 'qrcode_url' => MyUrl('index/qrcode/index', ['content'=>urlencode(base64_encode($data['code_url']))]), 'order_no' => $params['order_no'], 'name' => 'QQ支付', 'msg' => '打开QQAPP扫一扫进行支付', 'check_url' => $params['check_url'], ]; } else { $pay_params = [ 'url' => urlencode(base64_encode($data['code_url'])), 'order_no' => $params['order_no'], 'name' => urlencode('QQ支付'), 'msg' => urlencode('打开QQAPP扫一扫进行支付'), 'check_url' => urlencode(base64_encode($params['check_url'])), ]; $data = MyUrl('index/pay/qrcode', $pay_params); } $result = DataReturn('success', 0, $data); } break; // QQ中公众号支付 case 'JSAPI' : $result = DataReturn('公众号暂不支持', -1); break; // QQ小程序支付 case 'MINIAPP' : $result = DataReturn('success', 0, 'prepay_id='.$data['prepay_id']); break; // APP支付 case 'APP' : $pay_data = array( 'appid' => $this->pay_params['app_appid'], 'partnerid' => $this->pay_params['mch_id'], 'prepayid' => $data['prepay_id'], 'package' => 'Sign=WXPay', 'noncestr' => md5(time().rand()), 'timestamp' => (string) time(), ); $pay_data['sign'] = $this->GetSign($pay_data); $result = DataReturn('success', 0, $pay_data); break; } return $result; } /** * 获取支付参数 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-07 * @desc description * @param [array] $params [输入参数] */ private function GetPayParams($params = []) { // 平台 $client_type = APPLICATION_CLIENT_TYPE; if($client_type == 'pc' && IsMobile()) { $client_type = 'h5'; } // 支付类型 $trade_type = empty($params['trade_type']) ? $this->GetTradeType($client_type) : $params['trade_type']; if(empty($trade_type)) { return DataReturn('支付类型不匹配', -1); } // 异步地址处理 $notify_url = (__MY_HTTP__ == 'https' && isset($this->config['agreement']) && $this->config['agreement'] == 1) ? 'http'.mb_substr($params['notify_url'], 5, null, 'utf-8') : $params['notify_url']; // appid $appid = $this->PayAppID($client_type); // 请求参数 $data = [ 'appid' => $appid, 'mch_id' => $this->config['mch_id'], 'nonce_str' => md5(time().$params['order_no']), 'body' => $params['site_name'].'-'.$params['name'], 'notify_url' => $notify_url, 'out_trade_no' => $params['order_no'], 'fee_type' => 'CNY', 'total_fee' => (int) (($params['total_price']*1000)/10), 'spbill_create_ip' => GetClientIP(), 'trade_type' => $trade_type, 'attach' => empty($params['attach']) ? $params['site_name'].'-'.$params['name'] : $params['attach'], ]; $data['sign'] = $this->GetSign($data); return DataReturn('success', 0, $data); } /** * appid获取 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2021-04-25 * @desc description * @param [string] $client_type [客户端类型] */ public function PayAppID($client_type) { $arr = [ 'app' => $this->config['app_appid'], 'ios' => $this->config['app_appid'], 'android' => $this->config['app_appid'], ]; return array_key_exists($client_type, $arr) ? $arr[$client_type] : $this->config['appid']; } /** * 获取支付交易类型 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-08 * @param [string] $client_type [客户端类型] * @desc description */ private function GetTradeType($client_type) { // 平台类型定义 $type_all = [ 'pc' => 'NATIVE', 'h5' => 'NATIVE', 'qq' => 'MINIAPP', 'app' => 'APP', 'ios' => 'APP', 'android' => 'APP', ]; return isset($type_all[$client_type]) ? $type_all[$client_type] : ''; } /** * 支付回调处理 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2018-09-19 * @desc description * @param [array] $params [输入参数] */ public function Respond($params = []) { $result = empty($GLOBALS['HTTP_RAW_POST_DATA']) ? $this->XmlToArray(file_get_contents('php://input')) : $this->XmlToArray($GLOBALS['HTTP_RAW_POST_DATA']); if(isset($result['trade_state']) && $result['trade_state'] == 'SUCCESS' && $result['sign'] == $this->GetSign($result)) { return DataReturn('支付成功', 0, $this->ReturnData($result)); } $error_msg = empty($result['return_msg']) ? '' : '['.$result['return_msg'].']'; return DataReturn('处理异常错误'.$error_msg, -100); } /** * [ReturnData 返回数据统一格式] * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @datetime 2018-10-06T16:54:24+0800 * @param [array] $data [返回数据] */ private function ReturnData($data) { // 返回数据固定基础参数 $data['trade_no'] = $data['transaction_id']; // 支付平台 - 订单号 $data['buyer_user'] = isset($data['openid']) ? $data['openid'] : ''; // 支付平台 - 用户 $data['out_trade_no'] = $data['out_trade_no']; // 本系统发起支付的 - 订单号 $data['subject'] = isset($data['attach']) ? $data['attach'] : ''; // 本系统发起支付的 - 商品名称 $data['pay_price'] = $data['total_fee']/100; // 本系统发起支付的 - 总价 return $data; } /** * 退款处理 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-05-28 * @desc description * @param [array] $params [输入参数] */ public function Refund($params = []) { // 参数 $p = [ [ 'checked_type' => 'empty', 'key_name' => 'order_no', 'error_msg' => '订单号不能为空', ], [ 'checked_type' => 'empty', 'key_name' => 'trade_no', 'error_msg' => '交易平台订单号不能为空', ], [ 'checked_type' => 'empty', 'key_name' => 'pay_price', 'error_msg' => '支付金额不能为空', ], [ 'checked_type' => 'empty', 'key_name' => 'refund_price', 'error_msg' => '退款金额不能为空', ], ]; $ret = ParamsChecked($params, $p); if($ret !== true) { return DataReturn($ret, -1); } // 请求参数 $data = [ 'appid' => $this->PayAppID($params['client_type']), 'mch_id' => $this->config['mch_id'], 'nonce_str' => md5(time().rand().$params['order_no']), 'transaction_id' => $params['trade_no'], 'out_trade_no' => $params['order_no'], 'out_refund_no' => $params['order_no'].GetNumberCode(), 'refund_fee' => (int) (($params['refund_price']*1000)/10), 'op_user_id' => $this->config['op_user_id'], 'op_user_passwd' => md5($this->config['op_user_passwd']), ]; $data['sign'] = $this->GetSign($data); // 请求接口处理 $result = $this->XmlToArray($this->HttpRequest('https://api.qpay.qq.com/cgi-bin/pay/qpay_refund.cgi', $this->ArrayToXml($data), true)); if(!empty($result['return_code']) && $result['return_code'] == 'SUCCESS') { // 统一返回格式 $data = [ 'out_trade_no' => isset($result['out_trade_no']) ? $result['out_trade_no'] : '', 'trade_no' => isset($result['refund_id']) ? $result['refund_id'] : '', 'buyer_user' => isset($result['openid']) ? $result['openid'] : '', 'refund_price' => isset($result['refund_fee']) ? $result['refund_fee']/100 : 0.00, 'return_params' => $result, ]; return DataReturn('退款成功', 0, $data); } $msg = is_string($result) ? $result : (empty($result['err_code']) ? '退款接口异常' : $result['err_code']); if(!empty($result['err_code_des'])) { $msg .= '-'.$result['err_code_des']; } return DataReturn($msg, -1); } /** * 签名生成 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-07 * @desc description * @param [array] $params [输入参数] */ private function GetSign($params = []) { ksort($params); $sign = ''; foreach($params as $k=>$v) { if($k != 'sign' && $v != '' && $v != null) { $sign .= "$k=$v&"; } } return strtoupper(md5($sign.'key='.$this->config['key'])); } /** * 数组转xml * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-07 * @desc description * @param [array] $data [数组] */ private function ArrayToXml($data) { $xml = ''; foreach($data as $k=>$v) { $xml .= '<'.$k.'>'.$v.''; } $xml .= ''; return $xml; } /** * xml转数组 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-07 * @desc description * @param [string] $xml [xm数据] */ private function XmlToArray($xml) { if(!$this->XmlParser($xml)) { return is_string($xml) ? $xml : '接口返回数据有误'; } return json_decode(json_encode(simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA)), true); } /** * 判断字符串是否为xml格式 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-01-07 * @desc description * @param [string] $string [字符串] */ function XmlParser($string) { $xml_parser = xml_parser_create(); if(!xml_parse($xml_parser, $string, true)) { xml_parser_free($xml_parser); return false; } else { return (json_decode(json_encode(simplexml_load_string($string)),true)); } } /** * [HttpRequest 网络请求] * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @datetime 2017-09-25T09:10:46+0800 * @param [string] $url [请求url] * @param [array] $data [发送数据] * @param [boolean] $use_cert [是否需要使用证书] * @param [int] $second [超时] * @return [mixed] [请求返回数据] */ private function HttpRequest($url, $data, $use_cert = false, $second = 30) { $options = array( CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => false, CURLOPT_POST => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_POSTFIELDS => $data, CURLOPT_TIMEOUT => $second, ); if($use_cert == true) { //设置证书 //使用证书：cert 与 key 分别属于两个.pem文件 $apiclient = $this->GetApiclientFile(); $options[CURLOPT_SSLCERTTYPE] = 'PEM'; $options[CURLOPT_SSLCERT] = $apiclient['cert']; $options[CURLOPT_SSLKEYTYPE] = 'PEM'; $options[CURLOPT_SSLKEY] = $apiclient['key']; } $ch = curl_init($url); curl_setopt_array($ch, $options); $result = curl_exec($ch); //返回结果 if($result) { curl_close($ch); return $result; } else { $error = curl_errno($ch); curl_close($ch); return "curl出错，错误码:$error"; } } /** * 获取证书文件路径 * @author Devil * @blog http://gong.gg/ * @version 1.0.0 * @date 2019-05-29 * @desc description */ private function GetApiclientFile() { // 证书位置 $apiclient_cert_file = ROOT.'runtime'.DS.'temp'.DS.'payment_qq_pay_apiclient_cert.pem'; $apiclient_key_file = ROOT.'runtime'.DS.'temp'.DS.'payment_qq_pay_apiclient_key.pem'; // 证书处理 if(stripos($this->config['apiclient_cert'], '-----') === false) { $apiclient_cert = "-----BEGIN CERTIFICATE-----\n"; $apiclient_cert .= wordwrap($this->config['apiclient_cert'], 64, "\n", true); $apiclient_cert .= "\n-----END CERTIFICATE-----"; } else { $apiclient_cert = $this->config['apiclient_cert']; } file_put_contents($apiclient_cert_file, $apiclient_cert); if(stripos($this->config['apiclient_key'], '-----') === false) { $apiclient_key = "-----BEGIN PRIVATE KEY-----\n"; $apiclient_key .= wordwrap($this->config['apiclient_key'], 64, "\n", true); $apiclient_key .= "\n-----END PRIVATE KEY-----"; } else { $apiclient_key = $this->config['apiclient_key']; } file_put_contents($apiclient_key_file, $apiclient_key); return ['cert' => $apiclient_cert_file, 'key' => $apiclient_key_file]; } } ?>