| public verifyReturn ( ) : 验证结果 | ||
| return | 验证结果 | |
public function verifyReturn()
{
if (empty($_GET)) {
//判断POST来的数组是否为空
return false;
} else {
//生成签名结果
$isSign = $this->getSignVeryfy($_GET, $_GET['sign']);
//获取支付宝远程服务器ATN结果(验证是否是支付宝发来的消息)
$responseTxt = 'true';
if (!empty($_GET['notify_id'])) {
$responseTxt = $this->getResponse($_GET['notify_id']);
}
//写日志记录
//if ($isSign) {
// $isSignStr = 'true';
//}
//else {
// $isSignStr = 'false';
//}
//$log_text = "responseTxt=".$responseTxt."\n return_url_log:isSign=".$isSignStr.",";
//$log_text = $log_text.createLinkString($_GET);
//logResult($log_text);
//验证
//$responsetTxt的结果不是true,与服务器设置问题、合作身份者ID、notify_id一分钟失效有关
//isSign的结果不是true,与安全校验码、请求时的参数格式(如:带自定义参数等)、编码格式有关
if (preg_match('/true$/i', $responseTxt) && $isSign) {
return true;
} else {
return false;
}
}
} function respond() {
ini_set("display_errors","On");
$where = array('ologin_code'=>front::$get['ologin_code']);
$ologins = ologin::getInstance()->getrows($where);
$ologin = unserialize_config($ologins[0]['ologin_config']);
//var_dump($ologin);
$aliapy_config['partner'] = $ologin['alipaylogin_id'];
$aliapy_config['key'] = $ologin['alipaylogin_key'];
$aliapy_config['return_url'] = ologin::url(basename(__FILE__,'.php'));
$aliapy_config['sign_type'] = 'MD5';
$aliapy_config['input_charset']= 'utf-8';
$aliapy_config['transport'] = 'http';
$aliapy_config['cacert'] = getcwd().'/lib/plugins/alipayauth/cacert.pem';
//var_dump($aliapy_config);
unset($_GET['case']);unset($_GET['act']);unset($_GET['ologin_code']);unset($_GET['site']);
require_once("alipayauth/alipay_notify.class.php");
$alipayNotify = new AlipayNotify($aliapy_config);
//var_dump($alipayNotify);
$verify_result = $alipayNotify->verifyReturn();
//var_dump($verify_result);
if($verify_result) {//验证成功
$user_id = front::$get['user_id'];
$token = front::$get['token'];
session::set('access_token',$token);
session::set("openid",$user_id);
return array('nickname'=> front::get('real_name'));
}
else {
echo "验证失败";exit;
}
}
