Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php //decode by nige112 header("Access-Control-Allow-Origin:*"); include "../../../..

Decoded Output download

<?php 
 
//decode by nige112 
header("Access-Control-Allow-Origin:*"); 
include "../../../config.inc.php"; 
require_once "libs/payjs.class.php"; 
require_once "libs/alipay.php"; 
require_once "libs/xunhupay.php"; 
require_once "libs/wxpay.php"; 
$db = Typecho_Db::get(); 
date_default_timezone_set("Asia/Shanghai"); 
$protocol = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off" || $_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://"; 
$unsign_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=unsign"; 
$attack_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=under_attack"; 
$refresh_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/refresh"; 
$servername = trim($_SERVER["HTTP_HOST"]); 
$TePass_Key = strtoupper(substr(md5(base64_encode($servername . date("Y"))), 0, 27) . substr(sha1($servername . "@PangSuan_Com#2023"), 0, 33)); 
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? htmlspecialchars($_COOKIE["tepassValidation"]) : ""; 
if (!empty($for_validate_cookie)) { 
	$for_cookietime_length = strlen($for_validate_cookie) - 92; 
	$feecookie = substr($for_validate_cookie, 0, 32); 
	$feekeeptime = substr($for_validate_cookie, 32, $for_cookietime_length); 
	$feevalidate = substr($for_validate_cookie, -60); 
	if ($feevalidate != $TePass_Key) { 
		$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1)); 
		if (empty($rstepassValidation["value"])) { 
			//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true); 
			$authority = [ 
				'status' => 'ok', 
				'key' => $TePass_Key, 
				'domain' => 'comicnormalpay.xyz', 
				'deadline' => 0 
			]; 
			if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) { 
				$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key])); 
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key; 
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/"); 
			} else { 
				//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>"; 
				exit(""); 
			} 
		} else { 
			if ($rstepassValidation["value"] != $TePass_Key) { 
				//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true); 
				$authority = [ 
					'status' => 'ok', 
					'key' => $TePass_Key, 
					'domain' => 'comicnormalpay.xyz', 
					'deadline' => 0 
				]; 
				if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) { 
					$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation")); 
					$new_for_validate = $feecookie . $feekeeptime . $TePass_Key; 
					setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/"); 
				} else { 
					//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>"; 
					exit(""); 
				} 
			} else { 
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key; 
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/"); 
			} 
		} 
	} 
} else { 
	$feecookie = strtoupper(substr(md5(uniqid(microtime(true), true)), 0, 32)); 
	$feekeepSql = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key=?", "cookie_time")->limit(1)); 
	$feekeeptime = $feekeepSql["cfg_value"]; 
	$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1)); 
	if (empty($rstepassValidation["value"])) { 
		//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true); 
		$authority = [ 
			'status' => 'ok', 
			'key' => $TePass_Key, 
			'domain' => 'comicnormalpay.xyz', 
			'deadline' => 0 
		]; 
		if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) { 
			$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key])); 
			$new_for_validate = $feecookie . $feekeeptime . $TePass_Key; 
			setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/"); 
		} else { 
			//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>"; 
			exit(""); 
		} 
	} else { 
		if ($rstepassValidation["value"] != $TePass_Key) { 
			//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true); 
			$authority = [ 
				'status' => 'ok', 
				'key' => $TePass_Key, 
				'domain' => 'comicnormalpay.xyz', 
				'deadline' => 0 
			]; 
			if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) { 
				$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation")); 
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key; 
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/"); 
			} else { 
				//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>"; 
				exit(""); 
			} 
		} 
	} 
} 
$tepass_time = isset($_POST["tepass_time"]) ? htmlspecialchars($_POST["tepass_time"]) : "0"; 
$tepass_sign = isset($_POST["tepass_sign"]) ? htmlspecialchars($_POST["tepass_sign"]) : "isnull"; 
if (!empty($_SERVER["HTTP_CLIENT_IP"])) { 
	$ip = $_SERVER["HTTP_CLIENT_IP"]; 
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) { 
	$ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; 
} else { 
	$ip = $_SERVER["REMOTE_ADDR"]; 
} 
$for_click_limit = $db->fetchRow($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_key=?", "for_click_limit")->limit(1)); 
if (!empty($for_click_limit["cfg_value"])) { 
	$click_limit = intval($for_click_limit["cfg_value"]); 
} else { 
	$click_limit = 30; 
} 
$Total_Click_Fees = $db->fetchAll($db->select()->from("table.tepass_fees")->where("fee_ip = ?", $ip)->where("fee_status = ?", 0)->where("UNIX_TIMESTAMP(fee_intime) > ?", time() - 1800)); 
$Total_Click_Fees_Count = count($Total_Click_Fees); 
if ($click_limit < $Total_Click_Fees_Count) { 
	$json = json_encode(["status" => "attack", "attack_url" => $attack_url]); 
	echo $json; 
	exit; 
} 
$paySql = $db->query($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "pay")); 
while ($paySqlRows = $db->fetchRow($paySql)) { 
	$conf[$paySqlRows["cfg_key"]] = $paySqlRows["cfg_value"]; 
} 
if (empty($conf["tepass_secret"])) { 
	$tepass_secret = strtoupper(md5(base64_encode("PangSuan_Com@2022#1024"))); 
} else { 
	$tepass_secret = $conf["tepass_secret"] . "PangSuan_Com@2022#1024"; 
} 
$tepass_key = strtoupper(md5(base64_encode("PangSuan.Com@2020#0402"))) . base64_encode("TePass" . $tepass_secret); 
$re_sign = strtoupper(md5($tepass_key . $tepass_time)); 
if ($re_sign != $tepass_sign) { 
	$json = json_encode(["status" => "unsign", "unsign_url" => $unsign_url]); 
	echo $json; 
	exit; 
} 
$blackpattern = "/\*|'|\"|#|;|,|or|\^|=|<|>|and/i"; 
$vipSql = $db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "vip"); 
$vipSqlRows = $db->fetchAll($vipSql); 
$ckey = array_column($vipSqlRows, "cfg_key"); 
$cvalue = array_column($vipSqlRows, "cfg_value"); 
$vipRows = array_combine($ckey, $cvalue); 
$qrcode_api = __TYPECHO_PLUGIN_DIR__ . "/TePass/libs/qrcode.php?data="; 
$action = isset($_POST["action"]) ? strip_tags($_POST["action"]) : ""; 
if ($action == "payvipsubmit") { 
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : ""; 
	$feeviptype = isset($_POST["feeviptype"]) ? strip_tags($_POST["feeviptype"]) : ""; 
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0; 
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : ""; 
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : ""; 
	$feecookie = substr($for_validate_cookie, 0, 32); 
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : ""; 
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile"; 
	if ($feeuid == "0") { 
		$json = json_encode(["status" => "attack", "attack_url" => $refresh_url]); 
		echo $json; 
		exit; 
	} 
	if ($feeviptype == "vip_price_for_monthly") { 
		$vip_price = $vipRows["vip_price_for_monthly"]; 
		$vip_days = 31; 
		$vip_title = "VIP"; 
	} elseif ($feeviptype == "vip_price_for_annually") { 
		$vip_price = $vipRows["vip_price_for_annually"]; 
		$vip_days = 366; 
		$vip_title = "VIP"; 
	} elseif ($feeviptype == "vip_price_for_eternal") { 
		$vip_price = $vipRows["vip_price_for_eternal"]; 
		$vip_days = 9999; 
		$vip_title = "VIP"; 
	} 
	switch ($feepaytype) { 
		case "alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$appid = $conf["alipay_appid"]; 
			$notifyUrl = $conf["alipay_notify_url"]; 
			$outTradeNo = $feeid; 
			$payAmount = $vip_price; 
			$orderName = $vip_title; 
			$signType = "RSA2"; 
			$rsaPrivateKey = $conf["alipay_app_private_key"]; 
			$aliPay = new AlipayService(); 
			$aliPay->setAppid($appid); 
			$aliPay->setNotifyUrl($notifyUrl); 
			$aliPay->setRsaPrivateKey($rsaPrivateKey); 
			$aliPay->setTotalFee($payAmount); 
			$aliPay->setOutTradeNo($outTradeNo); 
			$aliPay->setOrderName($orderName); 
			$result = $aliPay->doPay(); 
			$result = $result["alipay_trade_precreate_response"]; 
			if ($result["code"] && $result["code"] == "10000") { 
				$qrurl = $result["qr_code"]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$qrcode = $qrcode_api . $qrurl; 
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl; 
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} 
			break; 
		case "wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]); 
			$outTradeNo = $feeid; 
			$payAmount = $vip_price; 
			$orderName = $vip_title; 
			$notifyUrl = $conf["wxpay_notify_url"]; 
			$payTime = time(); 
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger"); 
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) { 
				$feeviptype_arr = explode("___", $feeviptype); 
				$feeviptype_symbol = $feeviptype_arr[3]; 
				$pay_symbol = "/tepass/wxpayjsapi?tip=vip_" . $feeviptype_symbol . "/tepass/refresh"; 
			} else { 
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime); 
				if ($arr["result_code"] = "SUCCESS") { 
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
					$insert = $db->insert("table.tepass_fees")->rows($data); 
					$insertId = $db->query($insert); 
					$qrcode = $qrcode_api . $arr["code_url"]; 
				} 
				if ($conf["wxpay_h5_open"] === "on") { 
					if ($userAgent == "isMobile") { 
						require_once "libs/wxpay_h5.php"; 
						$mchid = $conf["wxpay_mchid"]; 
						$appid = $conf["wxpay_appid"]; 
						$appKey = $conf["wxpay_appkey"]; 
						$apiKey = $conf["wxpay_apikey"]; 
						$outTradeNo = date("YmdHis") . rand(10, 99); 
						$returnUrl = $callback_url; 
						$wapUrl = $_SERVER["HTTP_HOST"]; 
						$wapName = "H5"; 
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey); 
						$h5wxPay->setTotalFee($payAmount); 
						$h5wxPay->setOutTradeNo($outTradeNo); 
						$h5wxPay->setOrderName($orderName); 
						$h5wxPay->setNotifyUrl($notifyUrl); 
						$h5wxPay->setReturnUrl($returnUrl); 
						$h5wxPay->setWapUrl($wapUrl); 
						$h5wxPay->setWapName($wapName); 
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl); 
						$data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5); 
						$insertId_h5 = $db->query($insert_h5); 
					} else { 
						$mwebUrl = ""; 
					} 
				} else { 
					$mwebUrl = ""; 
				} 
				$pay_symbol = ""; 
			} 
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
		case "xh_wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$xh_appid = $conf["xhpay_wxpay_mchid"]; 
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				if ($conf["xhpay_h5_open"] == "WAP") { 
					$h5_url = $result["url"]; 
				} else { 
					$h5_url = ""; 
				} 
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "xh_alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$xh_appid = $conf["xhpay_alipay_mchid"]; 
			$xh_appsecret = $conf["xhpay_alipay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$h5_url = $result["url"]; 
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "vmqwx": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 1; 
			$vmq_price = $vip_price; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_vip_price = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "vmqali": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 2; 
			$vmq_price = $vip_price; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_vip_price = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "payjs": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(10, 99); 
			$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $vip_price * 100, "attach" => $vip_price]; 
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
			$insert = $db->insert("table.tepass_fees")->rows($data); 
			$insertId = $db->query($insert); 
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1]; 
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]); 
			$cashier_url = $payjs->cashier($order); 
			$cashier_url_replace = str_replace("&", "%26", $cashier_url); 
			$cashier_code = $qrcode_api . $cashier_url_replace; 
			$h5_result = $payjs->mweb($order); 
			if (!isset($h5_result["h5_url"])) { 
				$h5_result["h5_url"] = ""; 
			} 
			$h5_url = $h5_result["h5_url"]; 
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
	} 
	$json = json_encode(["status" => "fail"]); 
	echo $json; 
	exit; 
} elseif ($action == "paypostsubmit") { 
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : ""; 
	$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : ""; 
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0; 
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : ""; 
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : ""; 
	$feecookie = substr($for_validate_cookie, 0, 32); 
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : ""; 
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile"; 
	$queryContent = $db->select()->from("table.tepass_posts")->where("post_id = ?", $feecid); 
	$rowContent = $db->fetchRow($queryContent); 
	$queryVip = $db->select()->from("table.tepass_vips")->where("vip_uid = ?", $feeuid)->where("vip_status > ?", 0); 
	$rowVip = $db->fetchRow($queryVip); 
	$rsconfig = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key = ?", "months_for_upgrade_eternal")->limit(1)); 
	if (empty($rowVip)) { 
		$total_price = $rowContent["post_price"]; 
	} else { 
		if ($rowVip["vip_status"] >= $rsconfig["cfg_value"]) { 
			$total_price = $rowContent["post_price_for_eternal"]; 
		} else { 
			$total_price = $rowContent["post_price_for_vip"]; 
		} 
	} 
	switch ($feepaytype) { 
		case "alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$appid = $conf["alipay_appid"]; 
			$notifyUrl = $conf["alipay_notify_url"]; 
			$outTradeNo = $feeid; 
			$payAmount = $total_price; 
			$orderName = $rowContent["post_order_title"]; 
			$signType = "RSA2"; 
			$rsaPrivateKey = $conf["alipay_app_private_key"]; 
			$aliPay = new AlipayService(); 
			$aliPay->setAppid($appid); 
			$aliPay->setNotifyUrl($notifyUrl); 
			$aliPay->setRsaPrivateKey($rsaPrivateKey); 
			$aliPay->setTotalFee($payAmount); 
			$aliPay->setOutTradeNo($outTradeNo); 
			$aliPay->setOrderName($orderName); 
			$result = $aliPay->doPay(); 
			$result = $result["alipay_trade_precreate_response"]; 
			if ($result["code"] && $result["code"] == "10000") { 
				$qrurl = $result["qr_code"]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$qrcode = $qrcode_api . $qrurl; 
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl; 
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} 
			break; 
		case "wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]); 
			$outTradeNo = $feeid; 
			$payAmount = $total_price; 
			$orderName = $rowContent["post_order_title"]; 
			$notifyUrl = $conf["wxpay_notify_url"]; 
			$payTime = time(); 
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger"); 
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) { 
				$pay_symbol = "/tepass/wxpayjsapi?tip=post_" . $feecid; 
			} else { 
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime); 
				if ($arr["result_code"] = "SUCCESS") { 
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
					$insert = $db->insert("table.tepass_fees")->rows($data); 
					$insertId = $db->query($insert); 
					$qrcode = $qrcode_api . $arr["code_url"]; 
				} 
				if ($conf["wxpay_h5_open"] === "on") { 
					if ($userAgent == "isMobile") { 
						require_once "libs/wxpay_h5.php"; 
						$mchid = $conf["wxpay_mchid"]; 
						$appid = $conf["wxpay_appid"]; 
						$appKey = $conf["wxpay_appkey"]; 
						$apiKey = $conf["wxpay_apikey"]; 
						$outTradeNo = date("YmdHis") . rand(100000, 999999); 
						$returnUrl = $callback_url; 
						$wapUrl = $_SERVER["HTTP_HOST"]; 
						$wapName = "H5"; 
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey); 
						$h5wxPay->setTotalFee($payAmount); 
						$h5wxPay->setOutTradeNo($outTradeNo); 
						$h5wxPay->setOrderName($orderName); 
						$h5wxPay->setNotifyUrl($notifyUrl); 
						$h5wxPay->setReturnUrl($returnUrl); 
						$h5wxPay->setWapUrl($wapUrl); 
						$h5wxPay->setWapName($wapName); 
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl); 
						$data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5); 
						$insertId_h5 = $db->query($insert_h5); 
					} else { 
						$mwebUrl = ""; 
					} 
				} else { 
					$mwebUrl = ""; 
				} 
				$pay_symbol = ""; 
			} 
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
		case "xh_wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$xh_appid = $conf["xhpay_wxpay_mchid"]; 
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				if ($conf["xhpay_h5_open"] == "WAP") { 
					$h5_url = $result["url"]; 
				} else { 
					$h5_url = ""; 
				} 
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "xh_alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$xh_appid = $conf["xhpay_alipay_mchid"]; 
			$xh_appsecret = $conf["xhpay_alipay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$h5_url = $result["url"]; 
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "vmqwx": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 1; 
			$vmq_price = $total_price; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_totle_price = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "vmqali": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 2; 
			$vmq_price = $total_price; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_totle_price = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "payjs": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $total_price * 100, "attach" => $total_price]; 
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
			$insert = $db->insert("table.tepass_fees")->rows($data); 
			$insertId = $db->query($insert); 
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1]; 
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]); 
			$cashier_url = $payjs->cashier($order); 
			$cashier_url_replace = str_replace("&", "%26", $cashier_url); 
			$cashier_code = $qrcode_api . $cashier_url_replace; 
			$h5_result = $payjs->mweb($order); 
			if (!isset($h5_result["h5_url"])) { 
				$h5_result["h5_url"] = ""; 
			} 
			$h5_url = $h5_result["h5_url"]; 
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
	} 
	$json = json_encode(["status" => "fail"]); 
	echo $json; 
	exit; 
} elseif ($action == "payrewardsubmit") { 
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : ""; 
	$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : ""; 
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0; 
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : ""; 
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : ""; 
	$feecookie = substr($for_validate_cookie, 0, 32); 
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : ""; 
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile"; 
	$reward_from = isset($_POST["reward_from"]) ? strip_tags(str_replace("&nbsp;", "", $_POST["reward_from"])) : ""; 
	$reward_money = isset($_POST["reward_money"]) ? floatval(urldecode($_POST["reward_money"])) : "5"; 
	if (preg_match($blackpattern, $reward_from) || preg_match($blackpattern, $reward_money)) { 
		$json = json_encode(["status" => "attack", "attack_url" => $refresh_url]); 
		echo $json; 
		exit; 
	} 
	$queryContent = $db->select()->from("table.contents")->where("table.contents.cid = ?", $feecid); 
	$rowContent = $db->fetchRow($queryContent); 
	switch ($feepaytype) { 
		case "wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]); 
			$outTradeNo = $feeid; 
			$payAmount = $reward_money; 
			$orderName = $rowContent["title"]; 
			$notifyUrl = $conf["wxpay_notify_url"]; 
			$payTime = time(); 
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger"); 
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) { 
				$pay_symbol = "/tepass/wxpayjsapi?tip=reward_" . $feecid . "_" . $payAmount . "_" . $reward_from; 
			} else { 
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime); 
				if ($arr["result_code"] = "SUCCESS") { 
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_cookie" => $feecookie, "fee_user_agent" => $userAgent]; 
					$insert = $db->insert("table.tepass_fees")->rows($data); 
					$insertId = $db->query($insert); 
					$qrcode = $qrcode_api . $arr["code_url"]; 
				} 
				if ($conf["wxpay_h5_open"] === "on") { 
					if ($userAgent == "isMobile") { 
						require_once "libs/wxpay_h5.php"; 
						$mchid = $conf["wxpay_mchid"]; 
						$appid = $conf["wxpay_appid"]; 
						$appKey = $conf["wxpay_appkey"]; 
						$apiKey = $conf["wxpay_apikey"]; 
						$outTradeNo = date("YmdHis") . rand(100000, 999999); 
						$returnUrl = $callback_url; 
						$wapUrl = $_SERVER["HTTP_HOST"]; 
						$wapName = "H5"; 
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey); 
						$h5wxPay->setTotalFee($payAmount); 
						$h5wxPay->setOutTradeNo($outTradeNo); 
						$h5wxPay->setOrderName($orderName); 
						$h5wxPay->setNotifyUrl($notifyUrl); 
						$h5wxPay->setReturnUrl($returnUrl); 
						$h5wxPay->setWapUrl($wapUrl); 
						$h5wxPay->setWapName($wapName); 
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl); 
						$data_h5 = ["fee_id" => $out_trade_no, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5); 
						$insertId_h5 = $db->query($insert_h5); 
					} else { 
						$mwebUrl = ""; 
					} 
				} else { 
					$mwebUrl = ""; 
				} 
				$pay_symbol = ""; 
			} 
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
		case "alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$appid = $conf["alipay_appid"]; 
			$notifyUrl = $conf["alipay_notify_url"]; 
			$outTradeNo = $feeid; 
			$payAmount = $reward_money; 
			$orderName = $rowContent["title"]; 
			$signType = "RSA2"; 
			$rsaPrivateKey = $conf["alipay_app_private_key"]; 
			$aliPay = new AlipayService(); 
			$aliPay->setAppid($appid); 
			$aliPay->setNotifyUrl($notifyUrl); 
			$aliPay->setRsaPrivateKey($rsaPrivateKey); 
			$aliPay->setTotalFee($payAmount); 
			$aliPay->setOutTradeNo($outTradeNo); 
			$aliPay->setOrderName($orderName); 
			$result = $aliPay->doPay(); 
			$result = $result["alipay_trade_precreate_response"]; 
			if ($result["code"] && $result["code"] == "10000") { 
				$qrurl = $result["qr_code"]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$qrcode = $qrcode_api . $qrurl; 
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl; 
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} 
			break; 
		case "xh_wxpay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$xh_appid = $conf["xhpay_wxpay_mchid"]; 
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $reward_money, "title" => $rowContent["title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $rowContent["title"], "fee_total_price" => $reward_money, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				if ($conf["xhpay_h5_open"] == "WAP") { 
					$h5_url = $result["url"]; 
				} else { 
					$h5_url = ""; 
				} 
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "xh_alipay": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$xh_appid = $conf["xhpay_alipay_mchid"]; 
			$xh_appsecret = $conf["xhpay_alipay_mchkey"]; 
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $reward_money, "title" => $rowContent["title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())]; 
			$hashkey = $xh_appsecret; 
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey); 
			$url = $conf["xhpay_gateway"]; 
			try { 
				$response = XH_Payment_Api::http_post($url, json_encode($data)); 
				$result = $response ? json_decode($response, true) : null; 
				if (!$result) { 
					throw new Exception("Internal server error", 500); 
				} 
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey); 
				if (!isset($result["hash"]) || $hash != $result["hash"]) { 
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029); 
				} 
				if ($result["errcode"] != 0) { 
					throw new Exception($result["errmsg"], $result["errcode"]); 
				} 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $rowContent["title"], "fee_total_price" => $reward_money, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$h5_url = $result["url"]; 
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]); 
				echo $json; 
				exit; 
			} catch (Exception $e) { 
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}"; 
			} 
			break; 
		case "vmqwx": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 1; 
			$vmq_price = $reward_money; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_reward_money = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "vmqali": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$vmq_key = $conf["vmq_key"]; 
			$vmq_host = $conf["vmq_host"] . "createOrder"; 
			$vmq_payId = $feeid; 
			$vmq_param = $feecookie; 
			$vmq_type = 2; 
			$vmq_price = $reward_money; 
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key); 
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0"; 
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true); 
			if ($vmq_result["code"] == "1") { 
				$relly_reward_money = $vmq_result["data"]["reallyPrice"]; 
				$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money]; 
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
				$insert = $db->insert("table.tepass_fees")->rows($data); 
				$insertId = $db->query($insert); 
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]); 
				$payUrl = $qrcode_api . $payUrl; 
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]); 
			} else { 
				$json = json_encode(["status" => "fail"]); 
			} 
			echo $json; 
			exit; 
			break; 
		case "payjs": 
			$time = time(); 
			$feeid = date("YmdHis", $time) . rand(100000, 999999); 
			$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $reward_money * 100, "attach" => $reward_money]; 
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent]; 
			$insert = $db->insert("table.tepass_fees")->rows($data); 
			$insertId = $db->query($insert); 
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1]; 
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]); 
			$cashier_url = $payjs->cashier($order); 
			$cashier_url_replace = str_replace("&", "%26", $cashier_url); 
			$cashier_code = $qrcode_api . $cashier_url_replace; 
			$h5_url = ""; 
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]); 
			echo $json; 
			exit; 
			break; 
	} 
	$json = json_encode(["status" => "fail"]); 
	echo $json; 
	exit; 
} else { 
	echo "pay.php"; 
} ?>

Did this file decode correctly?

Original Code

<?php

//decode by nige112
header("Access-Control-Allow-Origin:*");
include "../../../config.inc.php";
require_once "libs/payjs.class.php";
require_once "libs/alipay.php";
require_once "libs/xunhupay.php";
require_once "libs/wxpay.php";
$db = Typecho_Db::get();
date_default_timezone_set("Asia/Shanghai");
$protocol = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off" || $_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://";
$unsign_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=unsign";
$attack_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=under_attack";
$refresh_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/refresh";
$servername = trim($_SERVER["HTTP_HOST"]);
$TePass_Key = strtoupper(substr(md5(base64_encode($servername . date("Y"))), 0, 27) . substr(sha1($servername . "@PangSuan_Com#2023"), 0, 33));
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? htmlspecialchars($_COOKIE["tepassValidation"]) : "";
if (!empty($for_validate_cookie)) {
	$for_cookietime_length = strlen($for_validate_cookie) - 92;
	$feecookie = substr($for_validate_cookie, 0, 32);
	$feekeeptime = substr($for_validate_cookie, 32, $for_cookietime_length);
	$feevalidate = substr($for_validate_cookie, -60);
	if ($feevalidate != $TePass_Key) {
		$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
		if (empty($rstepassValidation["value"])) {
			//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
			$authority = [
				'status' => 'ok',
				'key' => $TePass_Key,
				'domain' => 'comicnormalpay.xyz',
				'deadline' => 0
			];
			if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
				$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
			} else {
				//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
				exit("");
			}
		} else {
			if ($rstepassValidation["value"] != $TePass_Key) {
				//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
				$authority = [
					'status' => 'ok',
					'key' => $TePass_Key,
					'domain' => 'comicnormalpay.xyz',
					'deadline' => 0
				];
				if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
					$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
					$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
					setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
				} else {
					//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
					exit("");
				}
			} else {
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
			}
		}
	}
} else {
	$feecookie = strtoupper(substr(md5(uniqid(microtime(true), true)), 0, 32));
	$feekeepSql = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key=?", "cookie_time")->limit(1));
	$feekeeptime = $feekeepSql["cfg_value"];
	$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
	if (empty($rstepassValidation["value"])) {
		//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
		$authority = [
			'status' => 'ok',
			'key' => $TePass_Key,
			'domain' => 'comicnormalpay.xyz',
			'deadline' => 0
		];
		if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
			$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
			$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
			setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
		} else {
			//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
			exit("");
		}
	} else {
		if ($rstepassValidation["value"] != $TePass_Key) {
			//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
			$authority = [
				'status' => 'ok',
				'key' => $TePass_Key,
				'domain' => 'comicnormalpay.xyz',
				'deadline' => 0
			];
			if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
				$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
				$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
				setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
			} else {
				//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
				exit("");
			}
		}
	}
}
$tepass_time = isset($_POST["tepass_time"]) ? htmlspecialchars($_POST["tepass_time"]) : "0";
$tepass_sign = isset($_POST["tepass_sign"]) ? htmlspecialchars($_POST["tepass_sign"]) : "isnull";
if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
	$ip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
	$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
	$ip = $_SERVER["REMOTE_ADDR"];
}
$for_click_limit = $db->fetchRow($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_key=?", "for_click_limit")->limit(1));
if (!empty($for_click_limit["cfg_value"])) {
	$click_limit = intval($for_click_limit["cfg_value"]);
} else {
	$click_limit = 30;
}
$Total_Click_Fees = $db->fetchAll($db->select()->from("table.tepass_fees")->where("fee_ip = ?", $ip)->where("fee_status = ?", 0)->where("UNIX_TIMESTAMP(fee_intime) > ?", time() - 1800));
$Total_Click_Fees_Count = count($Total_Click_Fees);
if ($click_limit < $Total_Click_Fees_Count) {
	$json = json_encode(["status" => "attack", "attack_url" => $attack_url]);
	echo $json;
	exit;
}
$paySql = $db->query($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "pay"));
while ($paySqlRows = $db->fetchRow($paySql)) {
	$conf[$paySqlRows["cfg_key"]] = $paySqlRows["cfg_value"];
}
if (empty($conf["tepass_secret"])) {
	$tepass_secret = strtoupper(md5(base64_encode("PangSuan_Com@2022#1024")));
} else {
	$tepass_secret = $conf["tepass_secret"] . "PangSuan_Com@2022#1024";
}
$tepass_key = strtoupper(md5(base64_encode("PangSuan.Com@2020#0402"))) . base64_encode("TePass" . $tepass_secret);
$re_sign = strtoupper(md5($tepass_key . $tepass_time));
if ($re_sign != $tepass_sign) {
	$json = json_encode(["status" => "unsign", "unsign_url" => $unsign_url]);
	echo $json;
	exit;
}
$blackpattern = "/\\*|'|\"|#|;|,|or|\\^|=|<|>|and/i";
$vipSql = $db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "vip");
$vipSqlRows = $db->fetchAll($vipSql);
$ckey = array_column($vipSqlRows, "cfg_key");
$cvalue = array_column($vipSqlRows, "cfg_value");
$vipRows = array_combine($ckey, $cvalue);
$qrcode_api = __TYPECHO_PLUGIN_DIR__ . "/TePass/libs/qrcode.php?data=";
$action = isset($_POST["action"]) ? strip_tags($_POST["action"]) : "";
if ($action == "payvipsubmit") {
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
	$feeviptype = isset($_POST["feeviptype"]) ? strip_tags($_POST["feeviptype"]) : "";
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
	$feecookie = substr($for_validate_cookie, 0, 32);
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
	if ($feeuid == "0") {
		$json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
		echo $json;
		exit;
	}
	if ($feeviptype == "vip_price_for_monthly") {
		$vip_price = $vipRows["vip_price_for_monthly"];
		$vip_days = 31;
		$vip_title = "VIP";
	} elseif ($feeviptype == "vip_price_for_annually") {
		$vip_price = $vipRows["vip_price_for_annually"];
		$vip_days = 366;
		$vip_title = "VIP";
	} elseif ($feeviptype == "vip_price_for_eternal") {
		$vip_price = $vipRows["vip_price_for_eternal"];
		$vip_days = 9999;
		$vip_title = "VIP";
	}
	switch ($feepaytype) {
		case "alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$appid = $conf["alipay_appid"];
			$notifyUrl = $conf["alipay_notify_url"];
			$outTradeNo = $feeid;
			$payAmount = $vip_price;
			$orderName = $vip_title;
			$signType = "RSA2";
			$rsaPrivateKey = $conf["alipay_app_private_key"];
			$aliPay = new AlipayService();
			$aliPay->setAppid($appid);
			$aliPay->setNotifyUrl($notifyUrl);
			$aliPay->setRsaPrivateKey($rsaPrivateKey);
			$aliPay->setTotalFee($payAmount);
			$aliPay->setOutTradeNo($outTradeNo);
			$aliPay->setOrderName($orderName);
			$result = $aliPay->doPay();
			$result = $result["alipay_trade_precreate_response"];
			if ($result["code"] && $result["code"] == "10000") {
				$qrurl = $result["qr_code"];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$qrcode = $qrcode_api . $qrurl;
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
				echo $json;
				exit;
			}
			break;
		case "wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
			$outTradeNo = $feeid;
			$payAmount = $vip_price;
			$orderName = $vip_title;
			$notifyUrl = $conf["wxpay_notify_url"];
			$payTime = time();
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger");
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
				$feeviptype_arr = explode("___", $feeviptype);
				$feeviptype_symbol = $feeviptype_arr[3];
				$pay_symbol = "/tepass/wxpayjsapi?tip=vip_" . $feeviptype_symbol . "/tepass/refresh";
			} else {
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
				if ($arr["result_code"] = "SUCCESS") {
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
					$insert = $db->insert("table.tepass_fees")->rows($data);
					$insertId = $db->query($insert);
					$qrcode = $qrcode_api . $arr["code_url"];
				}
				if ($conf["wxpay_h5_open"] === "on") {
					if ($userAgent == "isMobile") {
						require_once "libs/wxpay_h5.php";
						$mchid = $conf["wxpay_mchid"];
						$appid = $conf["wxpay_appid"];
						$appKey = $conf["wxpay_appkey"];
						$apiKey = $conf["wxpay_apikey"];
						$outTradeNo = date("YmdHis") . rand(10, 99);
						$returnUrl = $callback_url;
						$wapUrl = $_SERVER["HTTP_HOST"];
						$wapName = "H5";
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
						$h5wxPay->setTotalFee($payAmount);
						$h5wxPay->setOutTradeNo($outTradeNo);
						$h5wxPay->setOrderName($orderName);
						$h5wxPay->setNotifyUrl($notifyUrl);
						$h5wxPay->setReturnUrl($returnUrl);
						$h5wxPay->setWapUrl($wapUrl);
						$h5wxPay->setWapName($wapName);
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
						$data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
						$insertId_h5 = $db->query($insert_h5);
					} else {
						$mwebUrl = "";
					}
				} else {
					$mwebUrl = "";
				}
				$pay_symbol = "";
			}
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
		case "xh_wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$xh_appid = $conf["xhpay_wxpay_mchid"];
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				if ($conf["xhpay_h5_open"] == "WAP") {
					$h5_url = $result["url"];
				} else {
					$h5_url = "";
				}
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "xh_alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$xh_appid = $conf["xhpay_alipay_mchid"];
			$xh_appsecret = $conf["xhpay_alipay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$h5_url = $result["url"];
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "vmqwx":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 1;
			$vmq_price = $vip_price;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_vip_price = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "vmqali":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 2;
			$vmq_price = $vip_price;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_vip_price = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "payjs":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(10, 99);
			$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $vip_price * 100, "attach" => $vip_price];
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
			$insert = $db->insert("table.tepass_fees")->rows($data);
			$insertId = $db->query($insert);
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1];
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
			$cashier_url = $payjs->cashier($order);
			$cashier_url_replace = str_replace("&", "%26", $cashier_url);
			$cashier_code = $qrcode_api . $cashier_url_replace;
			$h5_result = $payjs->mweb($order);
			if (!isset($h5_result["h5_url"])) {
				$h5_result["h5_url"] = "";
			}
			$h5_url = $h5_result["h5_url"];
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
	}
	$json = json_encode(["status" => "fail"]);
	echo $json;
	exit;
} elseif ($action == "paypostsubmit") {
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
	$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
	$feecookie = substr($for_validate_cookie, 0, 32);
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
	$queryContent = $db->select()->from("table.tepass_posts")->where("post_id = ?", $feecid);
	$rowContent = $db->fetchRow($queryContent);
	$queryVip = $db->select()->from("table.tepass_vips")->where("vip_uid = ?", $feeuid)->where("vip_status > ?", 0);
	$rowVip = $db->fetchRow($queryVip);
	$rsconfig = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key = ?", "months_for_upgrade_eternal")->limit(1));
	if (empty($rowVip)) {
		$total_price = $rowContent["post_price"];
	} else {
		if ($rowVip["vip_status"] >= $rsconfig["cfg_value"]) {
			$total_price = $rowContent["post_price_for_eternal"];
		} else {
			$total_price = $rowContent["post_price_for_vip"];
		}
	}
	switch ($feepaytype) {
		case "alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$appid = $conf["alipay_appid"];
			$notifyUrl = $conf["alipay_notify_url"];
			$outTradeNo = $feeid;
			$payAmount = $total_price;
			$orderName = $rowContent["post_order_title"];
			$signType = "RSA2";
			$rsaPrivateKey = $conf["alipay_app_private_key"];
			$aliPay = new AlipayService();
			$aliPay->setAppid($appid);
			$aliPay->setNotifyUrl($notifyUrl);
			$aliPay->setRsaPrivateKey($rsaPrivateKey);
			$aliPay->setTotalFee($payAmount);
			$aliPay->setOutTradeNo($outTradeNo);
			$aliPay->setOrderName($orderName);
			$result = $aliPay->doPay();
			$result = $result["alipay_trade_precreate_response"];
			if ($result["code"] && $result["code"] == "10000") {
				$qrurl = $result["qr_code"];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$qrcode = $qrcode_api . $qrurl;
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
				echo $json;
				exit;
			}
			break;
		case "wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
			$outTradeNo = $feeid;
			$payAmount = $total_price;
			$orderName = $rowContent["post_order_title"];
			$notifyUrl = $conf["wxpay_notify_url"];
			$payTime = time();
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger");
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
				$pay_symbol = "/tepass/wxpayjsapi?tip=post_" . $feecid;
			} else {
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
				if ($arr["result_code"] = "SUCCESS") {
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
					$insert = $db->insert("table.tepass_fees")->rows($data);
					$insertId = $db->query($insert);
					$qrcode = $qrcode_api . $arr["code_url"];
				}
				if ($conf["wxpay_h5_open"] === "on") {
					if ($userAgent == "isMobile") {
						require_once "libs/wxpay_h5.php";
						$mchid = $conf["wxpay_mchid"];
						$appid = $conf["wxpay_appid"];
						$appKey = $conf["wxpay_appkey"];
						$apiKey = $conf["wxpay_apikey"];
						$outTradeNo = date("YmdHis") . rand(100000, 999999);
						$returnUrl = $callback_url;
						$wapUrl = $_SERVER["HTTP_HOST"];
						$wapName = "H5";
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
						$h5wxPay->setTotalFee($payAmount);
						$h5wxPay->setOutTradeNo($outTradeNo);
						$h5wxPay->setOrderName($orderName);
						$h5wxPay->setNotifyUrl($notifyUrl);
						$h5wxPay->setReturnUrl($returnUrl);
						$h5wxPay->setWapUrl($wapUrl);
						$h5wxPay->setWapName($wapName);
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
						$data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
						$insertId_h5 = $db->query($insert_h5);
					} else {
						$mwebUrl = "";
					}
				} else {
					$mwebUrl = "";
				}
				$pay_symbol = "";
			}
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
		case "xh_wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$xh_appid = $conf["xhpay_wxpay_mchid"];
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				if ($conf["xhpay_h5_open"] == "WAP") {
					$h5_url = $result["url"];
				} else {
					$h5_url = "";
				}
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "xh_alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$xh_appid = $conf["xhpay_alipay_mchid"];
			$xh_appsecret = $conf["xhpay_alipay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$h5_url = $result["url"];
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "vmqwx":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 1;
			$vmq_price = $total_price;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_totle_price = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "vmqali":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 2;
			$vmq_price = $total_price;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_totle_price = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "payjs":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $total_price * 100, "attach" => $total_price];
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
			$insert = $db->insert("table.tepass_fees")->rows($data);
			$insertId = $db->query($insert);
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1];
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
			$cashier_url = $payjs->cashier($order);
			$cashier_url_replace = str_replace("&", "%26", $cashier_url);
			$cashier_code = $qrcode_api . $cashier_url_replace;
			$h5_result = $payjs->mweb($order);
			if (!isset($h5_result["h5_url"])) {
				$h5_result["h5_url"] = "";
			}
			$h5_url = $h5_result["h5_url"];
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
	}
	$json = json_encode(["status" => "fail"]);
	echo $json;
	exit;
} elseif ($action == "payrewardsubmit") {
	$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
	$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
	$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
	$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
	$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
	$feecookie = substr($for_validate_cookie, 0, 32);
	$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
	$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
	$reward_from = isset($_POST["reward_from"]) ? strip_tags(str_replace("&nbsp;", "", $_POST["reward_from"])) : "";
	$reward_money = isset($_POST["reward_money"]) ? floatval(urldecode($_POST["reward_money"])) : "5";
	if (preg_match($blackpattern, $reward_from) || preg_match($blackpattern, $reward_money)) {
		$json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
		echo $json;
		exit;
	}
	$queryContent = $db->select()->from("table.contents")->where("table.contents.cid = ?", $feecid);
	$rowContent = $db->fetchRow($queryContent);
	switch ($feepaytype) {
		case "wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
			$outTradeNo = $feeid;
			$payAmount = $reward_money;
			$orderName = $rowContent["title"];
			$notifyUrl = $conf["wxpay_notify_url"];
			$payTime = time();
			$isWechat = strpos($_SERVER["HTTP_USER_AGENT"], "MicroMessenger");
			if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
				$pay_symbol = "/tepass/wxpayjsapi?tip=reward_" . $feecid . "_" . $payAmount . "_" . $reward_from;
			} else {
				$arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
				if ($arr["result_code"] = "SUCCESS") {
					$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_cookie" => $feecookie, "fee_user_agent" => $userAgent];
					$insert = $db->insert("table.tepass_fees")->rows($data);
					$insertId = $db->query($insert);
					$qrcode = $qrcode_api . $arr["code_url"];
				}
				if ($conf["wxpay_h5_open"] === "on") {
					if ($userAgent == "isMobile") {
						require_once "libs/wxpay_h5.php";
						$mchid = $conf["wxpay_mchid"];
						$appid = $conf["wxpay_appid"];
						$appKey = $conf["wxpay_appkey"];
						$apiKey = $conf["wxpay_apikey"];
						$outTradeNo = date("YmdHis") . rand(100000, 999999);
						$returnUrl = $callback_url;
						$wapUrl = $_SERVER["HTTP_HOST"];
						$wapName = "H5";
						$h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
						$h5wxPay->setTotalFee($payAmount);
						$h5wxPay->setOutTradeNo($outTradeNo);
						$h5wxPay->setOrderName($orderName);
						$h5wxPay->setNotifyUrl($notifyUrl);
						$h5wxPay->setReturnUrl($returnUrl);
						$h5wxPay->setWapUrl($wapUrl);
						$h5wxPay->setWapName($wapName);
						$mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
						$data_h5 = ["fee_id" => $out_trade_no, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
						$insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
						$insertId_h5 = $db->query($insert_h5);
					} else {
						$mwebUrl = "";
					}
				} else {
					$mwebUrl = "";
				}
				$pay_symbol = "";
			}
			$json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $arr["code_url"], "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
		case "alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$appid = $conf["alipay_appid"];
			$notifyUrl = $conf["alipay_notify_url"];
			$outTradeNo = $feeid;
			$payAmount = $reward_money;
			$orderName = $rowContent["title"];
			$signType = "RSA2";
			$rsaPrivateKey = $conf["alipay_app_private_key"];
			$aliPay = new AlipayService();
			$aliPay->setAppid($appid);
			$aliPay->setNotifyUrl($notifyUrl);
			$aliPay->setRsaPrivateKey($rsaPrivateKey);
			$aliPay->setTotalFee($payAmount);
			$aliPay->setOutTradeNo($outTradeNo);
			$aliPay->setOrderName($orderName);
			$result = $aliPay->doPay();
			$result = $result["alipay_trade_precreate_response"];
			if ($result["code"] && $result["code"] == "10000") {
				$qrurl = $result["qr_code"];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$qrcode = $qrcode_api . $qrurl;
				$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
				$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
				echo $json;
				exit;
			}
			break;
		case "xh_wxpay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$xh_appid = $conf["xhpay_wxpay_mchid"];
			$xh_appsecret = $conf["xhpay_wxpay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $reward_money, "title" => $rowContent["title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $rowContent["title"], "fee_total_price" => $reward_money, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				if ($conf["xhpay_h5_open"] == "WAP") {
					$h5_url = $result["url"];
				} else {
					$h5_url = "";
				}
				$json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "xh_alipay":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$xh_appid = $conf["xhpay_alipay_mchid"];
			$xh_appsecret = $conf["xhpay_alipay_mchkey"];
			$data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $reward_money, "title" => $rowContent["title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())];
			$hashkey = $xh_appsecret;
			$data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
			$url = $conf["xhpay_gateway"];
			try {
				$response = XH_Payment_Api::http_post($url, json_encode($data));
				$result = $response ? json_decode($response, true) : null;
				if (!$result) {
					throw new Exception("Internal server error", 500);
				}
				$hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
				if (!isset($result["hash"]) || $hash != $result["hash"]) {
					throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
				}
				if ($result["errcode"] != 0) {
					throw new Exception($result["errmsg"], $result["errcode"]);
				}
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $rowContent["title"], "fee_total_price" => $reward_money, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$h5_url = $result["url"];
				$json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
				echo $json;
				exit;
			} catch (Exception $e) {
				echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
			}
			break;
		case "vmqwx":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 1;
			$vmq_price = $reward_money;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_reward_money = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "vmqali":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$vmq_key = $conf["vmq_key"];
			$vmq_host = $conf["vmq_host"] . "createOrder";
			$vmq_payId = $feeid;
			$vmq_param = $feecookie;
			$vmq_type = 2;
			$vmq_price = $reward_money;
			$vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
			$vmq_p = "payId=" . $vmq_payId . "&param=" . $vmq_param . "&type=" . $vmq_type . "&price=" . $vmq_price . "&sign=" . $vmq_sign . "&isHtml=0";
			$vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
			if ($vmq_result["code"] == "1") {
				$relly_reward_money = $vmq_result["data"]["reallyPrice"];
				$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money];
				$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
				$insert = $db->insert("table.tepass_fees")->rows($data);
				$insertId = $db->query($insert);
				$payUrl = stripslashes($vmq_result["data"]["payUrl"]);
				$payUrl = $qrcode_api . $payUrl;
				$json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]);
			} else {
				$json = json_encode(["status" => "fail"]);
			}
			echo $json;
			exit;
			break;
		case "payjs":
			$time = time();
			$feeid = date("YmdHis", $time) . rand(100000, 999999);
			$arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $reward_money * 100, "attach" => $reward_money];
			$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
			$insert = $db->insert("table.tepass_fees")->rows($data);
			$insertId = $db->query($insert);
			$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1];
			$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
			$cashier_url = $payjs->cashier($order);
			$cashier_url_replace = str_replace("&", "%26", $cashier_url);
			$cashier_code = $qrcode_api . $cashier_url_replace;
			$h5_url = "";
			$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
			echo $json;
			exit;
			break;
	}
	$json = json_encode(["status" => "fail"]);
	echo $json;
	exit;
} else {
	echo "pay.php";
}

Function Calls

None

Variables

None

Stats

MD5 5e75081e9990d453ec530b6f5e1256af
Eval Count 0
Decode Time 116 ms