微信H5支付完整版含PHP回撥頁面
注意事項:
一,微信H5支付只能用在手機瀏覽器中,比如百度瀏覽器,UC瀏覽器等,不可以用在微信中,微信中只可以使用公眾號支付.要特別注意.
二,如果你的h5手機版網站加殼打包封裝成了APP,根據我們的測試,也可以使用微信h5支付.不過.據微信官方說,可能會提示商家引數格式有誤,請聯絡商家解決,原因. 當前調起H5支付的referer為空導致,一般是因為直接訪問頁面調起H5支付,請按正常流程進行頁面跳轉後發起支付,或自行抓包確認referer值是否為空如果是在封裝的APP裡調起H5支付,需要在webview中手動設referer,如(Map extraHeaders = new HashMap();ex
traHeaders.put(“Referer”, “商戶申請H5時提交的授權域名”);//例如
以上是,微信官方的說明,如果你的網站需要打包成APP.可以具體諮詢對方技術人員,打包後,是否影響h5支付.以免糾紛.
三,微信支付最麻煩的就是簽名失敗.很多時候與網站中的中文編碼有關,注意轉碼.
四,支付檔案需放到支付授權目錄下,可以在微信支付商戶平臺->產品中心->開發配置中設定。
程式碼如下,本文的所有程式碼預設放在m\user\wxpay目錄中,
一.wxpay目錄中的H5.config.php 配置檔案,這個檔案一般是後臺儲存後.自動生成的檔案.內容為
<? return array( 'APPID' => 'wxc35486954cde','MCHID' => '1496515882','KEY' => '6ac2b9e536763299','APPSECRET' => '6ac2b9e53676328c46e','SSLCERT_PATH' => '','SSLKEY_PATH' => '',' CURL_PROXY_HOST' => '','CURL_PROXY_PORT' => 0,'REPORT_LEVENL' => 1);?>
三,h5_pay.php 支付檔案.本檔案中,需要生成訂單並儲存到你的資料庫中,並跳轉到微信,進行支付.
<?php
$sj=date("Y-m-d H:i:s");
$userid=returnuserid($_SESSION["SHOPUSER"]);
$uip=$_SERVER["REMOTE_ADDR"];
$money1=sqlzhuru($_POST[t1]);
$bh=$ddbh=$_SESSION[h5_wx_ddbh]="h5wx_".time()."_uid".$userid;
intotable("yjcode_dingdang","bh,ddbh,userid,sj,uip,money1,ddzt,alipayzt,bz,ifok,wxddbh","'".$bh."','".$ddbh."',".$userid.",'".$sj."','".$uip."',".$money1.",'等待買家付款','','微信充值',0,''");//如果入庫失敗,注意本檔案的編碼,中文可需要轉碼
//die(mysql_error());
$lib_path = dirname(__FILE__)."/";
$wechatconfig=require_once "H5.config.php";
$config = array(
'APPID' => $wechatconfig['APPID'],
'MCHID' => $wechatconfig['MCHID'],
'KEY' => $wechatconfig['KEY'],
'APPSECRET' => $wechatconfig['APPSECRET'] ,
'REDIRECT_URL'=>weburl.'m/user/',
'NOTIFY_URL' => weburl.'m/user/wxpay/h5_pay_notify.php', //非同步通知地址,收到微信通知後,可以修改根據情況訂單狀態為付款成功並增加會員餘額
);
$out_trade_no = $_SESSION['h5_wx_ddbh'];//訂單號.
while1("*","yjcode_dingdang where ddbh='".$out_trade_no."'");
$pay_order_data=mysql_fetch_array($res1);
$notify_url = $config['NOTIFY_URL'];
$wechatAppPay = new wechatAppPay($config['APPID'], $config['MCHID'], $notify_url, $config['KEY']);
$params['body'] = iconv("GB2312//IGNORE","UTF-8",'充值中'); //注意檢測編碼.否則簽名很可失敗
$params['out_trade_no'] = $out_trade_no;
$params['total_fee'] = $pay_order_data['money1'] * 100;
$params['trade_type'] = 'MWEB';
$params['scene_info'] = '{"h5_info": {"type":"Wap","wap_url": "'.weburl.'","wap_name": "h5pay"}}';
$result = $wechatAppPay->unifiedOrder($params);
//file_put_contents('3.txt', $result);//日誌
$url_encode_redirect_url = urlencode($config['REDIRECT_URL']);
$url = $result['mweb_url'] . '&redirect_url=' . $url_encode_redirect_url;
echo "<script>window.location.href='" . $url . "';</script>";
exit();
//以下為類檔案,不需要修改
/**
* 微信支付伺服器端下單
* 微信APP支付文件地址: https://pay.weixin.qq.com/wiki/doc/api/app.php?chapter=8_6
* 使用示例
* 構造方法引數
* 'appid' => //填寫微信分配的公眾賬號ID
* 'mch_id' => //填寫微信支付分配的商戶號
* 'notify_url'=> //填寫微信支付結果回撥地址
* 'key' => //填寫微信商戶支付金鑰
* );
* 統一下單方法
* $WechatAppPay = new wechatAppPay($options);
* $params['body'] = '商品描述'; //商品描述
* $params['out_trade_no'] = '1217752501201407'; //自定義的訂單號,不能重複
* $params['total_fee'] = '100'; //訂單金額 只能為整數 單位為分
* $params['trade_type'] = 'APP'; //交易型別 JSAPI | NATIVE |APP | WAP
* $wechatAppPay->unifiedOrder( $params );
*/
class wechatAppPay
{
//介面API URL字首
const API_URL_PREFIX = 'https://api.mch.weixin.qq.com';
//下單地址URL
const UNIFIEDORDER_URL = "/pay/unifiedorder";//微信官方的下單地址,不可修改
//查詢訂單URL
const ORDERQUERY_URL = "/pay/orderquery";
//關閉訂單URL
const CLOSEORDER_URL = "/pay/closeorder";
//公眾賬號ID
private $appid;
//商戶號
private $mch_id;
//隨機字串
private $nonce_str;
//簽名
private $sign;
//商品描述
private $body;
//商戶訂單號
private $out_trade_no;
//支付總金額
private $total_fee;
//終端IP
private $spbill_create_ip;
//支付結果回撥通知地址
private $notify_url;
//交易型別
private $trade_type;
//支付金鑰
private $key;
//證書路徑
private $SSLCERT_PATH;
private $SSLKEY_PATH;
//所有引數
private $params = array();
public function __construct($appid, $mch_id, $notify_url, $key)
{
$this->appid = $appid;
$this->mch_id = $mch_id;
$this->notify_url = $notify_url;
$this->key = $key;
}
/**
* 下單方法
* @param $params 下單引數
*/
public function unifiedOrder($params)
{
$this->body = $params['body'];
$this->out_trade_no = $params['out_trade_no'];
$this->total_fee = $params['total_fee'];
$this->trade_type = $params['trade_type'];
$this->scene_info = $params['scene_info'];
$this->nonce_str = $this->genRandomString();
$this->spbill_create_ip = $this->get_client_ip();
$this->params['appid'] = $this->appid;
$this->params['mch_id'] = $this->mch_id;
$this->params['nonce_str'] = $this->nonce_str;
$this->params['body'] = $this->body;
$this->params['out_trade_no'] = $this->out_trade_no;
$this->params['total_fee'] = $this->total_fee;
$this->params['spbill_create_ip'] = $this->spbill_create_ip;
$this->params['notify_url'] = $this->notify_url;
$this->params['trade_type'] = $this->trade_type;
$this->params['scene_info'] = $this->scene_info;
//獲取簽名資料
//print_r($this->params);
//如果簽名失敗,請到https://pay.weixin.qq.com/wiki/tools/signverify/
//填上相同引數.測試是哪個引數的變化導致簽名錯誤.本頁面需要谷歌瀏覽器開啟才行
$this->sign = $this->MakeSign($this->params);
//print_r( "---");;print_r( $this->sign);exit;
$this->params['sign'] = $this->sign;
$xml = $this->data_to_xml($this->params);
$response = $this->postXmlCurl($xml, self::API_URL_PREFIX . self::UNIFIEDORDER_URL);
//print_r($response );exit;
if (!$response) {
return false;
}
$result = $this->xml_to_data($response);
if (!empty($result['result_code']) && !empty($result['err_code'])) {
$result['err_msg'] = $this->error_code($result['err_code']);
}
return $result;
}
/**
* 將引數拼接為url: key=value&key=value
* @param $params
* @return string
*/
public function ToUrlParams($params)
{
//print_r($params);
$string = '';
if (!empty($params)) {
$array = array();
foreach ($params as $key => $value) {
$array[] = $key . '=' . $value;
}
//print_r($array);exit;
$string = implode("&", $array);
//$string = str_replace("---","&" ,$string);
// file_put_contents('1.txt',$string);
}
//print_r($string);exit;
return $string;
}
/**
* 生成簽名
* @return 簽名
*/
public function MakeSign($params)
{
//簽名步驟一:按字典序排序陣列引數
ksort($params);
$string = $this->ToUrlParams($params);
//簽名步驟二:在string後加入KEY
$string = $string . "&key=" . $this->key;
//print_r($string);exit;
// file_put_contents('4.txt', $string);
//print_r($string);exit;
//簽名步驟三:MD5加密
$string = md5($string);
//簽名步驟四:所有字元轉為大寫
$result = strtoupper($string);
return $result;
}
/**
* @author:周洪亮< [email protected]>;
* @copyright:2017/12/14;
* @var:使用者真實ip地址
*/
public function get_client_ip110000000000()
{
$cip = "unknown";
if ($_SERVER['REMOTE_ADDR']) {
$cip = $_SERVER['REMOTE_ADDR'];
} elseif (getenv("REMOTE_ADDR")) {
$cip = getenv("REMOTE_ADDR");
}
return $cip;
}
function get_client_ip() {
if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
$ip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
$ip = getenv('REMOTE_ADDR');
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
$ip = $_SERVER['REMOTE_ADDR'];
}
return preg_match ( '/[\d\.]{7,15}/', $ip, $matches ) ? $matches [0] : '';
}
/**
* 查詢訂單資訊
* @param $out_trade_no 訂單號
* @return array
*/
public function orderQuery($out_trade_no)
{
$this->params['appid'] = $this->appid;
$this->params['mch_id'] = $this->mch_id;
$this->params['nonce_str'] = $this->genRandomString();
$this->params['out_trade_no'] = $out_trade_no;
//獲取簽名資料
$this->sign = $this->MakeSign($this->params);
$this->params['sign'] = $this->sign;
$xml = $this->data_to_xml($this->params);
$response = $this->postXmlCurl($xml, self::API_URL_PREFIX . self::ORDERQUERY_URL);
if (!$response) {
return false;
}
$result = $this->xml_to_data($response);
if (!empty($result['result_code']) && !empty($result['err_code'])) {
$result['err_msg'] = $this->error_code($result['err_code']);
}
return $result;
}
/**
* 關閉訂單
* @param $out_trade_no 訂單號
* @return array
*/
public function closeOrder($out_trade_no)
{
$this->params['appid'] = $this->appid;
$this->params['mch_id'] = $this->mch_id;
$this->params['nonce_str'] = $this->genRandomString();
$this->params['out_trade_no'] = $out_trade_no;
//獲取簽名資料
$this->sign = $this->MakeSign($this->params);
$this->params['sign'] = $this->sign;
$xml = $this->data_to_xml($this->params);
$response = $this->postXmlCurl($xml, self::API_URL_PREFIX . self::CLOSEORDER_URL);
if (!$response) {
return false;
}
$result = $this->xml_to_data($response);
return $result;
}
/**
*
* 獲取支付結果通知資料
* return array
*/
public function getNotifyData()
{
//獲取通知的資料
$xml = $GLOBALS['HTTP_RAW_POST_DATA'];
$data = array();
if (empty($xml)) {
return false;
}
$data = $this->xml_to_data($xml);
if (!empty($data['return_code'])) {
if ($data['return_code'] == 'FAIL') {
return false;
}
}
return $data;
}
/**
* 接收通知成功後應答輸出XML資料
* @param string $xml
*/
public function replyNotify()
{
$data['return_code'] = 'SUCCESS';
$data['return_msg'] = 'OK';
$xml = $this->data_to_xml($data);
echo $xml;
die();
}
/**
* 生成APP端支付引數
* @param $prepayid 預支付id
*/
public function getAppPayParams($prepayid)
{
$data['appid'] = $this->appid;
$data['partnerid'] = $this->mch_id;
$data['prepayid'] = $prepayid;
$data['package'] = 'Sign=WXPay';
$data['noncestr'] = $this->genRandomString();
$data['timestamp'] = time();
$data['sign'] = $this->MakeSign($data);
return $data;
}
/**
* 輸出xml字元
* @param $params 引數名稱
* return string 返回組裝的xml
**/
public function data_to_xml($params)
{
if (!is_array($params) || count($params) <= 0) {
return false;
}
$xml = "<xml>";
foreach ($params as $key => $val) {
if (is_numeric($val)) {
$xml .= "<" . $key . ">" . $val . "</" . $key . ">";
} else {
$xml .= "<" . $key . "><![CDATA[" . $val . "]]></" . $key . ">";
}
}
$xml .= "</xml>";
return $xml;
}
/**
* 將xml轉為array
* @param string $xml
* return array
*/
public function xml_to_data($xml)
{
if (!$xml) {
return false;
}
//將XML轉為array
//禁止引用外部xml實體
libxml_disable_entity_loader(true);
$data = json_decode(json_encode(simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA)), true);
return $data;
}
/**
* 獲取毫秒級別的時間戳
*/
private static function getMillisecond()
{
//獲取毫秒的時間戳
$time = explode(" ", microtime());
$time = $time[1] . ($time[0] * 1000);
$time2 = explode(".", $time);
$time = $time2[0];
return $time;
}
/**
* 產生一個指定長度的隨機字串,並返回給使用者
* @param type $len 產生字串的長度
* @return string 隨機字串
*/
private function genRandomString($len = 32)
{
$chars = array(
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k",
"l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
"w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",
"H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R",
"S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
"3", "4", "5", "6", "7", "8", "9",
);
$charsLen = count($chars) - 1;
// 將陣列打亂
shuffle($chars);
$output = "";
for ($i = 0; $i < $len; $i++) {
$output .= $chars[mt_rand(0, $charsLen)];
}
return $output;
}
/**
* 以post方式提交xml到對應的介面url
*
* @param string $xml 需要post的xml資料
* @param string $url url
* @param bool $useCert 是否需要證書,預設不需要
* @param int $second url執行超時時間,預設30s
* @throws WxPayException
*/
private function postXmlCurl($xml, $url, $useCert = false, $second = 30)
{
$ch = curl_init();
//設定超時
curl_setopt($ch, CURLOPT_TIMEOUT, $second);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
//設定header
curl_setopt($ch, CURLOPT_HEADER, false);
//要求結果為字串且輸出到螢幕上
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
if ($useCert == true) {
//設定證書
//使用證書:cert 與 key 分別屬於兩個.pem檔案
curl_setopt($ch, CURLOPT_SSLCERTTYPE, 'PEM');
//curl_setopt($ch,CURLOPT_SSLCERT, WxPayConfig::SSLCERT_PATH);
curl_setopt($ch, CURLOPT_SSLKEYTYPE, 'PEM');
//curl_setopt($ch,CURLOPT_SSLKEY, WxPayConfig::SSLKEY_PATH);
}
//post提交方式
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
//執行curl
$data = curl_exec($ch);
//返回結果
if ($data) {
curl_close($ch);
return $data;
} else {
$error = curl_errno($ch);
curl_close($ch);
return false;
}
}
/**
* 錯誤程式碼
* @param $code 伺服器輸出的錯誤程式碼
* return string
*/
public function error_code($code)
{
$errList = array(
'NOAUTH' => '商戶未開通此介面許可權',
'NOTENOUGH' => '使用者帳號餘額不足',
'ORDERNOTEXIST' => '訂單號不存在',
'ORDERPAID' => '商戶訂單已支付,無需重複操作',
'ORDERCLOSED' => '當前訂單已關閉,無法支付',
'SYSTEMERROR' => '系統錯誤!系統超時',
'APPID_NOT_EXIST' => '引數中缺少APPID',
'MCHID_NOT_EXIST' => '引數中缺少MCHID',
'APPID_MCHID_NOT_MATCH' => 'appid和mch_id不匹配',
'LACK_PARAMS' => '缺少必要的請求引數',
'OUT_TRADE_NO_USED' => '同一筆交易不能多次提交',
'SIGNERROR' => '引數簽名結果不正確',
'XML_FORMAT_ERROR' => 'XML格式錯誤',
'REQUIRE_POST_METHOD' => '未使用post傳遞引數 ',
'POST_DATA_EMPTY' => 'post資料不能為空',
'NOT_UTF8' => '未使用指定編碼格式',
);
if (array_key_exists($code, $errList)) {
return $errList[$code];
}
}
}
?>
四,h5_pay_notify.php 非同步通知檔案.根據使用者是否付款.來修改使用者的充值餘額及訂單支付狀態.
注意,本檔案只是參考.裡面有一個驗證簽名的步驟
<?php
header('Content-type:text/html; Charset=utf-8');
define('PHPS_PATH', dirname(__FILE__).DIRECTORY_SEPARATOR);
$mchid = '14982'; //微信支付商戶號 PartnerID 通過微信支付商戶資料稽核後郵件傳送
$appid = 'wxd664cdf588'; //公眾號APPID 通過微信支付商戶資料稽核後郵件傳送
$apiKey = '725bf'; // 帳戶設定-安全設定-API安全-API金鑰-設定API金鑰
$wxPay = new WxpayService_PC2($mchid,$appid,$apiKey);
$result = $wxPay->notify();
if($result){
if(array_key_exists("return_code", $result)&& array_key_exists("result_code", $result)&& $result["return_code"] == "SUCCESS"&& $result["result_code"] == "SUCCESS"){
file_put_contents('1.txt',1);//$result['transaction_id']
//ini_set('display_errors',1); //錯誤資訊
//ini_set('display_startup_errors',1); //php啟動錯誤資訊
//error_reporting(-1); //打印出所有的 錯誤資訊
$mysql_user=include(PHPS_PATH.'/caches/configs/database.php');
$username=$mysql_user['default']['username'];
$password=$mysql_user['default']['password'];
$tablepre=$mysql_user['default']['tablepre'];
$database=$mysql_user['default']['database'];
$out_trade_no=$result['out_trade_no'];
//$out_trade_no='2018022401013737544';
$con = mysqli_connect($mysql_user['default']['hostname'],$username,$password);
mysqli_select_db($con,$database);
$sql = ' SELECT * FROM '.$tablepre."pay_account where trade_sn='".$out_trade_no."'";
$result2=mysqli_query($con,$sql);
$orderinfo=mysqli_fetch_array($result2);;
$uid=$orderinfo['userid'];
$sql2 = ' SELECT * FROM '.$tablepre."member where userid=".$uid;
$result1=mysqli_query($con,$sql2);
$userinfo=mysqli_fetch_array($result1);;
if($orderinfo){
if($orderinfo['status']=='succ'){
//file_put_contents('31.txt',1);
return true;
mysqli_close($con);
exit();
}else{
// if($orderinfo['money']== $_POST['total_fee'] ){
$money = $orderinfo['money'];
$amount = $userinfo['amount'] + $money;
$sql3 = ' update '.$tablepre."member set amount= ".$amount." where userid=".$uid;
$result3=mysqli_query($con,$sql3);
$sql4 = ' update '.$tablepre."pay_account set status= 'succ' where userid=".$uid ." and trade_sn='".$out_trade_no."'";
$result4=mysqli_query($con,$sql4);
//file_put_contents('1.txt',$result4);
return true;
mysqli_close($con);
exit();
// }
}
}
return true;
}
//完成你的邏輯
//例如連線資料庫,獲取付款金額$result['cash_fee'],獲取訂單號$result['out_trade_no'],修改資料庫中的訂單狀態等;
}else{
echo 'pay error';
}
class WxpayService_PC2
{
protected $mchid;
protected $appid;
protected $apiKey;
public function __construct($mchid, $appid, $key)
{
$this->mchid = $mchid;
$this->appid = $appid;
$this->apiKey = $key;
}
public function notify()
{
$config = array(
'mch_id' => $this->mchid,
'appid' => $this->appid,
'key' => $this->apiKey,
);
$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
if ($postObj === false) {
die('parse xml error');
}
if ($postObj->return_code != 'SUCCESS') {
die($postObj->return_msg);
}
if ($postObj->result_code != 'SUCCESS') {
die($postObj->err_code);
}
$arr = (array)$postObj;
unset($arr['sign']);
if (self::getSign($arr, $config['key']) == $postObj->sign) {
echo '<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xml>';
return $arr;
}
}
/**
* 獲取簽名
*/
public static function getSign($params, $key)
{
ksort($params, SORT_STRING);
$unSignParaString = self::formatQueryParaMap($params, false);
$signStr = strtoupper(md5($unSignParaString . "&key=" . $key));
return $signStr;
}
protected static function formatQueryParaMap($paraMap, $urlEncode = false)
{
$buff = "";
ksort($paraMap);
foreach ($paraMap as $k => $v) {
if (null != $v && "null" != $v) {
if ($urlEncode) {
$v = urlencode($v);
}
$buff .= $k . "=" . $v . "&";
}
}
$reqPar = '';
if (strlen($buff) > 0) {
$reqPar = substr($buff, 0, strlen($buff) - 1);
}
return $reqPar;
}
}
四,前臺支付按鈕頁面程式碼,表單
<html>
<head>
<meta http-equiv="x-ua-compatible" content="ie=7" />
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no"/>
<title>會員中心</title>
</head>
<body>
<form name="f1" method="post" action="">
<input type="hidden" value="pay" name="jvs" />
<div class="d1">充值金額</div>
<input type="text" name="t1" class="inp" style="font-weight:700;color:#ff6600;" value="0.01" />
<br/>
<input type="submit" class="tjinput" value="立即充值" />
</form>
</div>
</body>
</html>