API payment page code. Please help!

<?php

require_once("vendor/autoload.php");

global $_W;

global $_GPC;

$site_info = $_W["setting"]["site"];

$current_module = $_W["current_module"];

/**

* Create payment order number

* @return string

function getconfig($key, $uid,$default = ''){

$config = pdo_get('zunyue_ysyccs_site', ['key' => $key,'uniacid' => $uid]);

return $config ? $config['value'] : $default;

}

function createOutTradeNo()

{

mt_srand((double) microtime() * 1000000);

return date("YmdHis") . str_pad(mt_rand(10000, 99999), 5, "0", STR_PAD_LEFT) . rand(10000, 99999);

}

function calendar($date = 0)

{

$calendar = new Overtrue\ChineseCalendar\Calendar();

$timestamp = strtotime($date);

return $calendar->solar(date("Y", $timestamp), date("m", $timestamp), date("d", $timestamp));

}

function getPlatform()

{

$agent = new Jenssegers\Agent\Agent();

$isMobile = $agent->isMobile();

if( $isMobile )

{

return "wap";

}

return "pc";

}

function postXmlCurl($xml = "", $url = "", $second = 30)

{

$ch = curl_init();

curl_setopt($ch, CURLOPT_TIMEOUT, $second);

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);

curl_setopt($ch, CURLOPT_HEADER, false);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

curl_setopt($ch, CURLOPT_POST, true);

curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);

$data = curl_exec($ch);

if( $data )

{

curl_close($ch);

return $data;

}

$error = curl_errno($ch);

curl_close($ch);

return $error;

}

function authcodeData($string, $operation = "", $key = "", $expiry = 0)

{

$ckey_length = 4;

$key = md5(($key != "" ? $key : "zunyue"));

$keya = md5(substr($key, 0, 16));

$keyb = md5(substr($key, 16, 16));

$keyc = ($ckey_length ? ($operation == "DECODE" ? substr($string, 0, $ckey_length) : substr(md5(microtime()), 0 - $ckey_length)) : "");

$cryptkey = $keya . md5($keya . $keyc);

$key_length = strlen($cryptkey);

$string = ($operation == "DECODE" ? base64_decode(substr($string, $ckey_length)) : sprintf("0d", ($expiry ? $expiry time() : 0)) . substr(md5($string . $keyb), 0, 16) . $string);

$string_length = strlen($string);

$result = "";

$box = range(0, 255);

$rndkey = array( );

$i = 0;

while( $i <= 255 )

{

$rndkey[$i] = ord($cryptkey[$i % $key_length]);

$i ;

}

$j = $i = 0;

while( $i < 256 )

{

$j = ($j $box[$i] $rndkey[$i]) % 256;

$tmp = $box[$i];

$box[$i] = $box[$j];

$box[$j] = $tmp;

$i ;

}

$a = $j = $i = 0;

while( $i < $string_length )

{

$a = ($a 1) % 256;

$j = ($j $box[$a]) % 256;

$tmp = $box[$a];

$box[$a] = $box[$j];

$box[$j] = $tmp;

$result .= chr(ord($string[$i]) ^ $box[($box[$a] $box[$j]) % 256]);

$i ;

}

if( $operation == "DECODE" )

{

if( (substr($result, 0, 10) == 0 || 0 < substr($result, 0, 10) - time()) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16) )

{

return substr($result, 26);

}

return "";

}

return $keyc . str_replace("=", "", base64_encode($result));

}

function getCesuanDataOrder($order_info = array( ), $product_sn = "", $return_data_original = false, $app_id = "", $token = "")

{

global $_W;

$current_module = $_W["current_module"];

$site_info = $_W["setting"]["site"];

//$content = postxmlcurl(array_merge($order_info, array( "host" => $_SERVER["HTTP_HOST"], "module" => $current_module["name"], "version" => $current_module["version"], "site_id" => $site_info["key"], "domain" => $site_info["url"], "product_sn" => $product_sn, "app_id" => $app_id, "token" => $token )), "http://auth.zunyue.me/api/fortunetelling/cesuan", 5);

$content = postXmlCurl(array_merge($order_info, [

'product_id' => $product_sn,

'app_id' => $app_id,

'token' => $token,

]), 'http://api.kuzhuti.cn/api/sm.php', 5);

if($content && $content != "error"){

return $content;

}else{

return array("error_code"=>1,"error_msg"=>'授权错误');

}

//支付下单计算签名

function f_pay_sign($paydata){

if (!is_array($paydata)) {

exit("data错误");

}

$fpappkey = getconfig('fpappkey',$paydata['uid']);

$secretkey = getconfig('fpsecretkey',$paydata['uid']);

$str_sign="appkey={$fpappkey}&order_no={$paydata['order_no']}&secretkey={$secretkey}&total_fee={$paydata['total_fee']}&uid={$paydata['uid']}&";

$sign=md5($str_sign);

return $sign;

}

//异步回调计算签名

function f_notify_sign($paydata)

{

if (!is_array($paydata)) {

exit("data错误");

}

$fpappkey = getconfig('fpappkey',$paydata['uid']);

$secretkey = getconfig('fpsecretkey',$paydata['uid']);

$str_sign="appkey={$fpappkey}&order_no={$paydata['order_no']}&secretkey={$secretkey}&me_pri={$paydata['me_pri']}&uid={$paydata['uid']}&";

$sign=md5($str_sign);

return $sign;

}

function httpGet($url, $second = 30)

{

$curl = curl_init();

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

curl_setopt($curl, CURLOPT_TIMEOUT, $second);

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);

curl_setopt($curl, CURLOPT_URL, $url);

$res = curl_exec($curl);

curl_close($curl);

return $res;

}

function createNonceStr($length = 16)

{

$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

$str = "";

$i = 0;

while( $i < $length )

{

$str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);

$i ;

}

return $str;

}

function mobileUrl($params = array( ), $share_url = "")

{

global $_W;

list($controller, $action, $do) = explode("/", "entry");

if( empty($share_url) )

{

$url = $_W["siteroot"] . "app/";

}

else

{

$url = $share_url . "/app/";

}

$str = "";

$url .= "index.php?i=" . $_W["uniacid"] . $str . "&";

if( !empty($controller) )

{

$url .= "c=" . $controller . "&";

}

if( !empty($action) )

{

$url .= "a=" . $action . "&";

}

if( !empty($do) )

{

$url .= "do=" . $do . "&";

}

if( !empty($params) )

{

$queryString = http_build_query($params, "", "&");

$url .= $queryString;

}

return $url;

}

function createDomainUrl($domain = "")

{

$ishttps = ($_SERVER["SERVER_PORT"] == 443 || isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) != "off" || strtolower($_SERVER["HTTP_X_FORWARDED_PROTO"]) == "https" || strtolower($_SERVER["HTTP_X_CLIENT_SCHEME"]) == "https" ? true : false);

$sitescheme = ($ishttps ? "https://" : "http://");

$sitepath = substr($_SERVER["PHP_SELF"], 0, strrpos($_SERVER["PHP_SELF"], "/"));

$http_host = (empty($domain) ? $sitescheme . $_SERVER["HTTP_HOST"] : $domain);

$domain_url = htmlspecialchars($http_host . $sitepath);

if( substr($domain_url, -1) != "/" )

{

$domain_url .= "/";

}

$urls = parse_url($domain_url);

$urls["path"] = str_replace(array( "/web", "/app", "/payment/wechat", "/payment/alipay", "/payment/jueqiymf", "/api" ), "", $urls["path"]);

return $urls["scheme"] . "://" . $urls["host"] . ((!empty($urls["port"]) && $urls["port"] != "80" ? ":" . $urls["port"] : "")) . $urls["path"];

}

function qrcodeBase64($qrcode_resize, $share_url)

{

$qrcode = new SimpleSoftwareIO\QrCode\BaconQrCodeGenerator();

return base64_encode($qrcode->format("png")->margin(0)->size($qrcode_resize)->generate($share_url));

}

/**

* @return bool

function isWeixin()

{

if( stripos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger") === false )

{

return false;

}

return true;

}

其中126行" http://auth.zunyue.me/api/fortunetelling/cesuan", 5);
和130行的 ' http://api.kuzhuti.cn/api/sm2.php', 5); 这个是什么意思？如果这2个位置别别人后台进行修改，那我的软件是不是也用不了了？？？如何能破解呢？？

张龙＝124811941 days ago1210

API payment page code. Please help!

reply all(2)I'll reply