create_direct_pay_by_user 官方参数API文档地址:
步骤:
- 1. 按照官方文档,编写此接口所需要的各个参数;
- 2. 对各参数进行签名处理,生成URL;
- 3.调用此URL,跳转到支付宝官方扫码支付页面;
- 4.支付成功后会进行回调通知,通知自己系统已经支付
一.访问参数:
二.回调参数
array(22) {
["body"]=>//商品描述
string(18) "690525226950818654"
["buyer_email"]=>
string(16) "11111@qq.com"
["buyer_id"]=>
string(16) "2222902033926271"
["exterface"]=>
string(25) "create_direct_pay_by_user" //调用的接口
["extra_common_param"]=>
string(10) "real_order" //公用回传参数
["is_success"]=>
string(1) "T" //支付结果
["notify_id"]=>
string(70) "RqPnCoPT3K9%2Fvwbh3InWf0XW8pWwcio6G0Hni8UM0LwgNbG56RwvWoCVp73ob902VflF"
["notify_time"]=>
string(19) "2016-08-23 00:24:34"
["notify_type"]=>
string(17) "trade_status_sync"
["out_trade_no"]=> //自己生成的支付码,pay_SN
string(18) "690525226950818654"
["payment_type"]=>
string(1) "1"
["seller_email"]=>
string(20) "zhifubao@qq.com"//卖家email
["seller_id"]=>
string(16) "<span class="KSFIND_CLASS_SELECT" id="0KSFindDIV">2088</span>221624104006"//卖家alipay_partner
["subject"]=>商品名称
string(31) "实物订单_690525226950818654"
["total_fee"]=>
string(4) "0.01"//交易金额,单位是元
["trade_no"]=>
string(28) "2016082321001004270244845496",//支付宝生成的
["trade_status"]=>
string(13) "TRADE_SUCCESS"//交易结果
["sign"]=>
string(32) "1e85b163affcaab205767ec8585d64cd"//签名
["sign_type"]=>
string(3) "MD5"
}
记得在自己回调方法的逻辑里添加合法性验证
三. 注意:
1.需要特别提醒的两个参数:
return_url:同步页面回调地址,可以配置HOST在本地调试(扫码成功以后,会在扫码页面
带回调参数跳转回此URL,进行后续操作)
notify_url: 异步回调通知地址,只能在服务器调试
(扫码成功以后,支付宝系统带回调参数异步访问此URL,进行后续操作)
2.回调时记得进行合法性验证(详细代码见下方)
四.相关函数:
1.支付相关
/**2.回调相关:
* 取得支付宝签名
*
* @return string
*/
private function sign($parameter) {
$mysign = "";
$filtered_array = $this->para_filter($parameter);
$sort_array = $this->arg_sort($filtered_array);
$arg = "";
while (list ($key, $val) = each ($sort_array)) {
$arg .= $key."=".$this->charset_encode($val,(empty($parameter['_input_charset'])?"UTF-8":$parameter['_input_charset']),(empty($parameter['_input_charset'])?"UTF-8":$parameter['_input_charset']))."&";
}
$prestr = substr($arg,0,-1); //去掉最后一个&号
$prestr .= $parameter['key'];
if($parameter['sign_type'] == 'MD5') {
$mysign = md5($prestr);
}elseif($parameter['sign_type'] =='DSA') {
//DSA 签名方法待后续开发
die("DSA 签名方法待后续开发,请先使用MD5签名方式");
}else {
die("支付宝暂不支持".$parameter['sign_type']."类型的签名方式");
}
return $mysign;
}
/**
* 除去数组中的空值和签名模式
*
* @param array $parameter
* @return array
*/
private function para_filter($parameter) {
$para = array();
while (list ($key, $val) = each ($parameter)) {
if($key == "sign" || $key == "sign_type" || $key == "key" || $val == "")continue;
else $para[$key] = $parameter[$key];
}
return $para;
}
/**
* 重新排序参数数组
*
* @param array $array
* @return array
*/
private function arg_sort($array) {
ksort($array);
reset($array);
return $array;
}
/**
* 实现多种字符编码方式
*/
private function charset_encode($input,$_output_charset,$_input_charset="UTF-8") {
$output = "";
if(!isset($_output_charset))$_output_charset = $this->parameter['_input_charset'];
if($_input_charset == $_output_charset || $input == null) {
$output = $input;
} elseif (function_exists("mb_convert_encoding")){
$output = mb_convert_encoding($input,$_output_charset,$_input_charset);
} elseif(function_exists("iconv")) {
$output = iconv($_input_charset,$_output_charset,$input);
} else die("sorry, you have no libs support for charset change.");
return $output;
}
/**
* 制作支付接口的请求地址
*
* @return string
*/
private function create_url() {
$url = $this->alipay_gateway_new;
$filtered_array = $this->para_filter($this->parameter);
$sort_array = $this->arg_sort($filtered_array);
$arg = "";
while (list ($key, $val) = each ($sort_array)) {
$arg.=$key."=".urlencode($val)."&";
}
$url.= $arg."sign=" .$this->parameter['sign'] ."&sign_type=".$this->parameter['sign_type'];
return $url;
}
/**
* 通知地址验证
*
* @return bool
*/
public function notify_verify() {
$param = $_POST;
$param['key'] = $this->payment['payment_config']['alipay_key'];
$veryfy_url = $this->alipay_verify_url. "partner=" .$this->payment['payment_config']['alipay_partner']. "¬ify_id=".$param["notify_id"];
$veryfy_result = $this->getHttpResponse($veryfy_url);
$mysign = $this->sign($param);
if (preg_match("/true$/i",$veryfy_result) && $mysign == $param["sign"]) {
return true;
} else {
return false;
}
}
/**
* 远程获取数据
* $url 指定URL完整路径地址
* @param $time_out 超时时间。默认值:60
* return 远程输出的数据
*/
private function getHttpResponse($url,$time_out = "60") {
$urlarr = parse_url($url);
$errno = "";
$errstr = "";
$transports = "";
$responseText = "";
if($urlarr["scheme"] == "https") {
$transports = "ssl://";
$urlarr["port"] = "443";
} else {
$transports = "tcp://";
$urlarr["port"] = "80";
}
$fp=@fsockopen($transports . $urlarr['host'],$urlarr['port'],$errno,$errstr,$time_out);
if(!$fp) {
die("ERROR: $errno - $errstr<br />\n");
} else {
if (trim(CHARSET) == '') {
fputs($fp, "POST ".$urlarr["path"]." HTTP/1.1\r\n");
} else {
fputs($fp, "POST ".$urlarr["path"].'?_input_charset='.CHARSET." HTTP/1.1\r\n");
}
fputs($fp, "Host: ".$urlarr["host"]."\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: ".strlen($urlarr["query"])."\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $urlarr["query"] . "\r\n\r\n");
while(!feof($fp)) {
$responseText .= @fgets($fp, 1024);
}
fclose($fp);
$responseText = trim(stristr($responseText,"\r\n\r\n"),"\r\n");
return $responseText;
}
}