Home > Article > Backend Development > A brief analysis of how to handle WeChat payment notifications in PHP_PHP Tutorial
A brief analysis of how to handle WeChat payment notifications in PHP_PHP Tutorial
- WBOYOriginal
- 2016-07-13 10:29:24777browse
The implementation of the notification mechanism only has official documentation and no demo code. For those who have never done it before, it will take a lot of time to test.
From what the document says, the structure of the data notified by WeChat each time is relatively complex. It is a multi-segment data. In addition to fetching the POST data, other data must also be fetched.
This first involves a question about the values of php://input and $_POST. Here are a few simple points:
1. When the Content-Type value is application/x-www-form-urlencoded , PHP will fill in the corresponding data of the http request body into the array $_POST. The data filled in the $_POST array is the result of urldecode() parsing. (Actually, in addition to the Content-Type, there is also multipart/form-data indicating that the data is form data, which we will introduce later)
2. php://input data, as long as the Content-Type is not multipart/form-data (This condition will be introduced later). Then the php://input data is consistent with the http entity body part of the data. The length of this partially consistent data is specified by Content-Length.
3. Only when the Content-Type is application/x-www-form-urlencoded and the submission method is the POST method, the $_POST data and the php://input data are "consistent" (with quotes to indicate their formats) Inconsistent, consistent content). Otherwise, they are inconsistent.
4. php://input cannot read $_GET data. This is because the $_GET data is written as query_path in the PATH field of the http request header (header), rather than in the body part of the http request.
This also helps us understand why the xml_rpc server reads data through file_get_contents(‘php://input’, ‘r’). Instead of reading from $_POST, it is precisely because the data specification of xml_rpc is xml and its Content-Type is text/xml.
5. php://input encounters multipart/form-data, please check RFC1867 for its description. multipart/form-data also means submitting form data using the POST method. It is also accompanied by file upload, so it will be different from the application/x- www-form-urlencoded data format. It will be passed to the server in a more reasonable and efficient data format. When Content-Type is multipart/form-data, even if there is data in the HTTP request body, php://input is empty. At this time, PHP will not fill in the data into the php://input stream. Therefore, it is certain: php://input cannot be used to read enctype=multipart/form-data data.
6. When Content-Type is application/x- www-form-urlencoded, php://input and $_POST data are "consistent". When it is other Content-Type, php://input and The $_POST data is inconsistent. Because only when the Content-Type is application/x-www-form-urlencoded or multipart/form-data, PHP will fill in the corresponding part of the body data in the http request packet into the $_POST global variable. In other cases, PHP ignores both. Except for php://input, which is empty when the data type is multipart/form-data, it may not be empty in other situations
The meaning of the above paraphrased words is that these two methods must be used to read the data sent from WeChat.
Get $POST first. This is a regular payment notification message, in the form of:
array (
'bank_type' => '3006',
'discount' => '0',
'fee_type' => '1',
'input_charset' => 'UTF-8',
'notify_id' => 'YaNO6cznoNZK0aGb8nJWGgVUWssjt7Ze7gWRaRS0R_5w9oXgGN kRGxReEk0r45yk3I9a2_gzo9IqgqMYbap6bxC2T3p0o- 2C',
'out_trade_no' => '1214284731',
'partner' => '12xxxxxxxx',
'product_fee' => '3400',
'sign' => ; '545fa0e8b594bbxxx48xx142F084ty',
'Sign_type' = & GT; e '= & gt;' 3400 ',
' trade_mode ' => '1',
'trade_state' => '0',
'transaction_id' => '12XXX449012014XXX33174005XXX',
'transport_fee' => '0',
)
< ;/xml>