return_verify(); if($verify_result) { //验证成功 //获取支付宝的通知返回参数 $dingdan = $_GET['out_trade_no']; //获取订单号 $total_fee = $_GET['total_fee']; //获取总价格 if(!preg_match('/^[0-9]+$/',$dingdan)){ die; } /*假设: sOld_trade_status="0";表示订单未处理; sOld_trade_status="1";表示交易成功(TRADE_FINISHED/TRADE_SUCCESS); */ if($_GET['trade_status'] == 'TRADE_FINISHED' || $_GET['trade_status'] == 'TRADE_SUCCESS') { //放入订单交易完成后的数据库更新程序代码,请务必保证echo出来的信息只有success //为了保证不被重复调用,或重复执行数据库更新程序,请判断该笔交易状态是否是订单未处理状态 if ($sOld_trade_status < 1) { //根据订单号更新订单,把订单处理成交易成功 require_once(APP_PATH.'app/public/common.php'); require_once(LIB_PATH.'ApiPay.class.php'); $apiPay = new apipay($phpyun,$db,$db_config['def'],'index'); $apiPay->payAll($dingdan,$total_fee,'alipay'); } header("Location:".$config['sy_weburl']."/member/index.php?c=paylog"); }else { echo "trade_status=".$_GET['trade_status']; } }else { //验证失败 //如要调试,请看alipay_notify.php页面的return_verify函数,比对sign和mysign的值是否相等,或者检查$veryfy_result有没有返回true //echo "fail"; } }else{ require_once dirname(dirname(dirname(__FILE__))).'/api/aop/AopClient.php'; $aop = new AopClient(); $aop->alipayrsaPublicKey = $alipaydata['sy_alipaypublickey']; $aop->signType = 'RSA2'; $requestParamsArr = $_GET; //除去sign、sign_type两个参数外,凡是通知返回回来的参数皆是待验签的参数。 //unset($requestParamsArr['sign_type']); // $requestParamsArr['fund_bill_list'] = stripslashes($_GET['fund_bill_list']); //验证RSA2格式签名 $verify_result = $aop->rsaCheckV1($requestParamsArr, $aop->alipayrsaPublicKey,$aop->signType); if($verify_result) { if(!preg_match('/^[0-9]+$/', $_GET['out_trade_no'])){ die; } //验证成功 //获取支付宝的反馈参数 $dingdan = $_GET['out_trade_no']; //获取支付宝传递过来的订单号 $total_amount = $_GET['total_amount']; //获取支付宝传递过来的总价格 //为了保证不被重复调用,或重复执行数据库更新程序,请判断该笔交易状态是否是订单未处理状态 //根据订单号更新订单,把订单处理成交易成功 require_once(APP_PATH.'app/public/common.php'); require_once(LIB_PATH.'ApiPay.class.php'); $apiPay = new apipay($phpyun,$db,$db_config['def'],'index'); $return = $apiPay->payAll($dingdan,$total_amount,'alipay'); if ($return==2){ header("Location:".$config['sy_weburl']."/member/index.php?c=paylog"); // echo "success"; } }else { //验证失败 echo "fail"; } } ?>