Detailed explanation of the php background interface of App WeChat Payment

This article will introduce to you the PHP (7.0) background payment and callback interface of the App WeChat Pay (2016.10.11). The framework is Thinkphp5.0: I hope it can help you.

• Various parameters of the account

• Order information

• Request prepay_id

• *Return to APP data processing

• WeChat callback

• Modify order status

---

Various parameters of the account

The various parameters of the account are like when WeChat applies for app payment, an email will be sent to your account mailbox, and there will be the corresponding WeChat payment allocation. The merchant number (MCHID), APPID and APPSECRET are returned when applying for app payment permissions, and the KEY needs to be set by the user in the merchant backend on WeChat. This is very important! Avoid leaks!

Order information

• **The client will transfer the product data in the shopping cart to the backend, including user information, etc. After getting the data, you first need to verify the data. , the verification here generally determines the transmission rules with the client at the beginning of the project, such as transmission method, parameter name, and method of verifying parameters. The focus here is verification, and signature authentication is generally used:

• //Signature Step 1: Sort parameters in lexicographic order;

• The code example is given here (formatting parameters are formatted into url parameters):

/**
     * 格式化参数格式化成url参数
     */
    public function ToUrlParams()
    {
        $buff = "";
        foreach ($this->values as $k => $v)
        {            if($k != "sign" && $v != "" && !is_array($v)){
                $buff .= $k . "=" . $v . "&";
            }
        }

        $buff = trim($buff, "&");        return $buff;
    }

• //Signature step 2: Add KEY after the string (this KEY is negotiated with the front-end personnel);

• 
  

• //Signature step three: MD5 encryption;

• 
  

• // Signature Step 4: Convert all characters to uppercase

• 
  

It is best to encapsulate these in the early stages of the project, and you will only need to call them later. Just fine, for example:
(You only need $param = $this->request('parameter name')); later), and then pre-store the order information.

Request prepay_id

Here I will go directly to the code, (here is the interface document download address:), although there are many self-written request interfaces on the Internet, but since WeChat has been packaged, just use it:

$input = new \app\wxpay\WxPayUnifiedOrder();//这里引用微信的统一下单接口

$input->SetBody($data['gname']['g_name']);//商品或支付单简要描述
$input->SetAttach($data['gname']['g_name']);//置附加数据 
$input->SetOut_trade_no($order_sn); // 商户订单号
$input->SetTotal_fee(intval($data['data']['order_price']*100)); 
$input->SetTime_start(date("YmdHis"));//订单生成时间
$input->SetTime_expire(date("YmdHis", time() + 600));//订单失效时间
$input->SetGoods_tag($data['gname']['g_name']); //商品标记  
$input->SetNotify_url("http://www.weixin.qq.com/wxpay/notify.php"); // 支付成功后的回调地址,
$input->SetTrade_type("APP");
$order = \app\wxpay\WxPayApi::unifiedOrder($input);return $order['prepay_id'];

Here is the WeChat official unified ordering interface description address:
https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=9_1

Return client information

$info = array();
//账号的信息一般都放在配置文件里面,用到的地方也很多
$info['appid'] = config('APP_APPID');
$info['partnerid'] = config('APP_MCHID');
$info['package'] = config('APP_PACKAGE');
$info['noncestr'] = $this->random_number();//生成随机数,下面有生成实例,统一下单接口需要
$info['timestamp'] = time();
$info['prepayid'] = $prepay_id;
$info['sign'] = self::_makeSign($info);//生成签名return $info;

$info is the information the client needs
Generate random number instance

//生成随机数
    public function random_number($len=21,$format='ALL' ){
        $is_abc = $is_numer = 0;
        $password = $tmp ='';
        switch($format){
            case 'ALL':
            $chars='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';            break;
            case 'CHAR':
            $chars='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';            break;
            case 'NUMBER':
            $chars='0123456789';            break;
            default :
            $chars='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';            break;
        } // www.jb51.net
        mt_srand((double)microtime()*1000000*getmypid());        while(strlen($password)<$len){
            $tmp =substr($chars,(mt_rand()%strlen($chars)),1);            if(($is_numer <> 1 && is_numeric($tmp) && $tmp >0 )|| $format == &#39;CHAR&#39;){
                $is_numer = 1;
            }            if(($is_abc <> 1 && preg_match(&#39;/[a-zA-Z]/&#39;,$tmp)) || $format == &#39;NUMBER&#39;){
                $is_abc = 1;
            }
            $password.= $tmp;
        }        if($is_numer <> 1 || $is_abc <> 1 || empty($password) ){
            $password = $this->random_number($len,$format);
        }        return $password;
        }

WeChat callback

Payment result notification notify.php (here The address is the callback address filled in when placing an order, WeChat has already encapsulated it), the document download address
http://mch.weixin.qq.com/wiki/doc/api/jsapi.php?chapter=11_1
In fact, the most important code of this page is only two lines

[php] view plain copy

    $notify = new PayNotifyCallBack();  
    $notify->Handle(false);

Most of the logic is processed in the Handle function to process the file WxPay.Notify.php

[php] view plain copy

    final public function Handle($needSign = true)  
        {  
            $msg = "OK";  
            //当返回false的时候，表示notify中调用NotifyCallBack回调失败获取签名校验失败，此时直接回复失败  
            $result = WxpayApi::notify(array($this, 'NotifyCallBack'), $msg);  
            if($result == false){  
                $this->SetReturn_code("FAIL");  
                $this->SetReturn_msg($msg);  
                $this->ReplyNotify(false);  
                return;  
            } else {  
                //该分支在成功回调到NotifyCallBack方法，处理完成之后流程  
                $this->SetReturn_code("SUCCESS");  
                $this->SetReturn_msg("OK");  
            }  
            $this->ReplyNotify($needSign);  
        }

Main code:
[php] view plain copy

    $result = WxpayApi::notify(array($this, 'NotifyCallBack'), $msg);

Track function notify file WxPay.Api.php

[ php] view plain copy

    public static function notify($callback, &$msg)  
        {  
            //获取通知的数据  
            $xml = $GLOBALS['HTTP_RAW_POST_DATA'];  
            //如果返回成功则验证签名  
            try {  
                $result = WxPayResults::Init($xml);  
            } catch (WxPayException $e){  
                $msg = $e->errorMessage();  
                return false;  
            }  

            return call_user_func($callback, $result);  
        }

Get gay data through $GLOBALS['HTTP_RAW_POST_DATA']; and then use the Init function to verify the signature, etc. The signature verification is successful and the code is run.
It needs to be explained here that php7 itself does not support $GLOBALS['HTTP_RAW_POST_DATA']. You need to download a plug-in. You can Baidu for details. What I want to say is that you can use file_get_contents('php:/ /input'), for specific reasons, please refer to the blog below, which is very detailed (https://my.oschina.net/jiec/blog/485359)
[php] view plain copy

return call_user_func($callback, $result);

That is, a callback function is called, the NotifyCallBack() function and the parameter $result is passed. In the NotifyCallBack function, our rewritten NotifyProcess() function will be called (this function is rewritten in notify.php)

NotifyProcess( ) If there is no problem, it will set the xml information to return success

[php] view plain copy

$this->SetReturn_code("SUCCESS");  
$this->SetReturn_msg("OK");

and finally call the function this−>ReplyNotify(this−>ReplyNotify(needSign) ; echo success result

Function ReplyNotify needs to modify one code:

[php] view plain copy

final private function ReplyNotify($needSign = true)  
    {  
        //如果需要签名  
        if($needSign == true &&   
            $this->GetReturn_code($return_code) == "SUCCESS")  
        {  
            $this->SetSign();  
        }  
        WxpayApi::replyNotify($this->ToXml());  
    }

[php] view plain copy

$this->GetReturn_code($return_code) == "SUCCESS")

Change to

[php] view plain copy

$this->GetReturn_code() == "SUCCESS")

Then modify the order status based on the returned information, mainly where to modify, I am notifying. Create a new method

//修改订单状态
    public function updateState($data){        if($data){
            $order_sn = $data['out_trade_no'];\

            $data = array();
            $data['order_id'] = $order_id;
            //修改订单状态(用curlpost方法请求至thinkphp目录下的Controller里面控制器里面的方法,修改状态)
            $url = 'www.test.com';
            header('content-type:text/html;charset=utf8');
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, $url);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
            $result = curl_exec($curl);
            curl_close($curl);            if($result == 'success'){                return true;
            }else{                return false;
            }

        }
    }

in php and add

under

$notify = new PayNotifyCallBack();
$notify->Handle(false);

in notify.php

//接受参数,修改状态
$xml = file_get_contents("php://input");
$data = json_decode(json_encode(simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA)), true);
$notify->updateState($data);

相关推荐：

PHP后台接口的一些问题

5 分钟实现微信支付接入教程

php初学者如何学习实现微信支付和支付宝支付的相关教程

The above is the detailed content of Detailed explanation of the php background interface of App WeChat Payment. For more information, please follow other related articles on the PHP Chinese website!