<?php
//decode by nige112
// Bootstrap for the TePass payment endpoint: send the CORS header, load the
// Typecho configuration and the gateway libraries, then derive the URLs and the
// per-host key used by the checks further down.
// NOTE(review): "Access-Control-Allow-Origin: *" lets any origin read the JSON
// this endpoint returns; confirm a payment endpoint needs to be that open.
header("Access-Control-Allow-Origin:*");
include "../../../config.inc.php";
require_once "libs/payjs.class.php";
require_once "libs/alipay.php";
require_once "libs/xunhupay.php";
require_once "libs/wxpay.php";
$db = Typecho_Db::get();
date_default_timezone_set("Asia/Shanghai");

// HTTPS when the server reports it, or when the request arrived on port 443.
$protocol = "http://";
if ((!empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off") || $_SERVER["SERVER_PORT"] == 443) {
    $protocol = "https://";
}

// NOTE(review): every URL below, and the key, is built from the Host request
// header, which the client supplies. Prefer a configured site URL unless the web
// server is known to reject unexpected Host values.
$unsign_url = sprintf("%s%s/tepass/notice?tip=unsign", $protocol, $_SERVER["HTTP_HOST"]);
$attack_url = sprintf("%s%s/tepass/notice?tip=under_attack", $protocol, $_SERVER["HTTP_HOST"]);
$refresh_url = sprintf("%s%s/tepass/refresh", $protocol, $_SERVER["HTTP_HOST"]);
$servername = trim($_SERVER["HTTP_HOST"]);

// 60-character key: 27 hex chars of an MD5 over host + current year, followed by
// 33 hex chars of a SHA-1 over host + a constant embedded in this file. It holds
// no secret that is not already in the source.
$TePass_Key = strtoupper(
    substr(md5(base64_encode($servername . date("Y"))), 0, 27)
    . substr(sha1($servername . "@PangSuan_Com#2023"), 0, 33)
);
// Validation-cookie handling: parse an existing "tepassValidation" cookie or mint
// a new one, and keep the "tepassValidation" row in table.options equal to
// $TePass_Key.
// NOTE(review): in all four places below the remote authority lookup is commented
// out and replaced by a literal array whose 'key' is $TePass_Key, so the
// "status == ok && key == $TePass_Key" test always passes and its else branch
// cannot run. Together with the "decode by" header this suggests the file was
// modified after it left its author; treat this copy as untrusted third-party
// code until it has been compared with an original release.
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? htmlspecialchars($_COOKIE["tepassValidation"]) : "";
if (!empty($for_validate_cookie)) {
// Cookie layout as sliced here: first 32 chars, a variable-length middle, last 60 chars.
// NOTE(review): a cookie shorter than 92 chars makes this length negative; nothing checks for that.
$for_cookietime_length = strlen($for_validate_cookie) - 92;
$feecookie = substr($for_validate_cookie, 0, 32);
$feekeeptime = substr($for_validate_cookie, 32, $for_cookietime_length);
$feevalidate = substr($for_validate_cookie, -60);
// Loose comparison of the cookie's suffix with the derived key. The cookie carries no
// signature; the only thing compared is a value derivable from the host name.
if ($feevalidate != $TePass_Key) {
$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
if (empty($rstepassValidation["value"])) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
// Hard-coded stand-in for the commented-out lookup above.
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
// No stored value yet: insert the key, then re-issue the cookie with the current key.
$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
// Only name, value, expiry and path are passed; Secure/HttpOnly stay at their defaults.
// The lifetime multiplier is the middle part of the client's own cookie.
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
if ($rstepassValidation["value"] != $TePass_Key) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
// Hard-coded stand-in for the commented-out lookup above.
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
// Stored value differs from the derived key: overwrite it and re-issue the cookie.
$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
// Stored value already matches: just refresh the cookie.
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
}
}
}
} else {
// No cookie yet: mint a 32-char identifier and read the lifetime (in days) from the config table.
// NOTE(review): uniqid()/microtime() hashed with MD5 is time-based, not a CSPRNG; this value is
// later stored with each order as fee_cookie, so confirm nothing treats it as a secret.
$feecookie = strtoupper(substr(md5(uniqid(microtime(true), true)), 0, 32));
$feekeepSql = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key=?", "cookie_time")->limit(1));
$feekeeptime = $feekeepSql["cfg_value"];
$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
if (empty($rstepassValidation["value"])) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
// Hard-coded stand-in for the commented-out lookup above.
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
if ($rstepassValidation["value"] != $TePass_Key) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
// Hard-coded stand-in for the commented-out lookup above.
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
}
// NOTE(review): when the stored value already matches, this branch sets no cookie at all,
// unlike the matching branch of the cookie-present path above.
}
}
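// Request-signature inputs; they are verified after the gateway config is loaded.
$tepass_time = isset($_POST["tepass_time"]) ? htmlspecialchars($_POST["tepass_time"]) : "0";
$tepass_sign = isset($_POST["tepass_sign"]) ? htmlspecialchars($_POST["tepass_sign"]) : "isnull";

// Client address used for the click limiter and stored with every order.
// A forwarded header is accepted only if its first entry parses as an IP address;
// anything else falls back to the socket address, so free-form header text is
// never stored as fee_ip.
// NOTE(review): Client-IP / X-Forwarded-For are request headers and are only
// meaningful when a trusted reverse proxy overwrites them. Without such a proxy
// the limiter below should key on REMOTE_ADDR alone.
$ip = $_SERVER["REMOTE_ADDR"];
foreach (["HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"] as $forwardedHeader) {
    if (empty($_SERVER[$forwardedHeader])) {
        continue;
    }
    $forwardedIp = trim(explode(",", $_SERVER[$forwardedHeader])[0]);
    if (filter_var($forwardedIp, FILTER_VALIDATE_IP) !== false) {
        $ip = $forwardedIp;
    }
    // Same precedence as before: the first header that is present decides.
    break;
}

// Click limiter: more than $click_limit unpaid orders (fee_status = 0) from this
// address within the last 1800 seconds ends the request. Default limit is 30.
$for_click_limit = $db->fetchRow($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_key=?", "for_click_limit")->limit(1));
$click_limit = !empty($for_click_limit["cfg_value"]) ? intval($for_click_limit["cfg_value"]) : 30;
$Total_Click_Fees = $db->fetchAll($db->select()->from("table.tepass_fees")->where("fee_ip = ?", $ip)->where("fee_status = ?", 0)->where("UNIX_TIMESTAMP(fee_intime) > ?", time() - 1800));
$Total_Click_Fees_Count = count($Total_Click_Fees);
if ($click_limit < $Total_Click_Fees_Count) {
    $json = json_encode(["status" => "attack", "attack_url" => $attack_url]);
    echo $json;
    exit;
}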
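// Load every "pay" setting into $conf (gateway ids, keys, notify URLs, ...).
$paySql = $db->query($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "pay"));
while ($paySqlRows = $db->fetchRow($paySql)) {
    $conf[$paySqlRows["cfg_key"]] = $paySqlRows["cfg_value"];
}

// Signing secret for the request check below.
// NOTE(review): when "tepass_secret" is not configured, the whole key is derived
// from constants in this file, so the signature then proves nothing about the
// sender. Deployments should set a per-site secret.
if (empty($conf["tepass_secret"])) {
    $tepass_secret = strtoupper(md5(base64_encode("PangSuan_Com@2022#1024")));
} else {
    $tepass_secret = $conf["tepass_secret"] . "PangSuan_Com@2022#1024";
}
$tepass_key = strtoupper(md5(base64_encode("PangSuan.Com@2020#0402"))) . base64_encode("TePass" . $tepass_secret);

// Expected signature: upper-case MD5 over key + the posted timestamp.
// NOTE(review): the timestamp is not compared with the current time anywhere in
// view, so a captured time/sign pair would stay valid; confirm whether a
// freshness window is enforced elsewhere.
$re_sign = strtoupper(md5($tepass_key . $tepass_time));

// hash_equals() compares the two strings byte for byte in constant time. The
// former loose "!=" treated numeric-looking strings as numbers, so two different
// digests could compare equal.
if (!is_string($tepass_sign) || !hash_equals($re_sign, $tepass_sign)) {
    $json = json_encode(["status" => "unsign", "unsign_url" => $unsign_url]);
    echo $json;
    exit;
}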
// Character/keyword blacklist pattern.
// NOTE(review): nothing in the visible part of this file applies it; a blacklist
// like this is not a substitute for bound query parameters in any case.
$blackpattern = "/\*|'|\"|#|;|,|or|\^|=|<|>|and/i";

// Load the "vip" settings and index them as cfg_key => cfg_value.
$vipSql = $db->select()
    ->from("table.tepass_configs")
    ->where("table.tepass_configs.cfg_type=?", "vip");
$vipSqlRows = $db->fetchAll($vipSql);
$ckey = array_column($vipSqlRows, "cfg_key");
$cvalue = array_column($vipSqlRows, "cfg_value");
$vipRows = array_combine($ckey, $cvalue);

// Prefix for QR images; the payment URL is appended as the "data" parameter.
$qrcode_api = __TYPECHO_PLUGIN_DIR__ . "/TePass/libs/qrcode.php?data=";

// Requested operation; tags are stripped, and a missing field means no action.
$action = "";
if (isset($_POST["action"])) {
    $action = strip_tags($_POST["action"]);
}
if ($action == "payvipsubmit") {
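// VIP purchase: collect the request fields, then resolve the chosen plan.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feeviptype = isset($_POST["feeviptype"]) ? strip_tags($_POST["feeviptype"]) : "";
// NOTE(review): the account that receives the membership is taken from the
// request body. Nothing visible here ties it to the logged-in session; confirm
// the caller or the notify handler enforces that.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): callback_url is handed to the gateways as the return URL without
// a same-site check; consider restricting it to this site's own origin.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";

// A VIP order needs a user id.
if ($feeuid === 0) {
    $json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
    echo $json;
    exit;
}

// Plan name => membership length in days. The price always comes from the
// server-side "vip" settings, never from the request.
$vipPlanDays = [
    "vip_price_for_monthly" => 31,
    "vip_price_for_annually" => 366,
    "vip_price_for_eternal" => 9999,
];
// An unknown plan, or one without a configured price, used to fall through with
// $vip_price/$vip_days/$vip_title undefined and still create an order; reject it.
if (!isset($vipPlanDays[$feeviptype]) || !isset($vipRows[$feeviptype])) {
    $json = json_encode(["status" => "fail"]);
    echo $json;
    exit;
}
$vip_price = $vipRows[$feeviptype];
$vip_days = $vipPlanDays[$feeviptype];
$vip_title = "VIP";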
switch ($feepaytype) {
case "alipay":
// Alipay pre-create (QR) order for a VIP plan.
$time = time();
// Order id: timestamp to the second plus a two-digit rand() suffix.
// NOTE(review): that leaves 90 possible ids per second and rand() is predictable; confirm
// fee_id uniqueness is enforced by the table or the gateway.
$feeid = date("YmdHis", $time) . rand(10, 99);
$appid = $conf["alipay_appid"];
$notifyUrl = $conf["alipay_notify_url"];
$outTradeNo = $feeid;
$payAmount = $vip_price;
$orderName = $vip_title;
// Assigned but not passed to the service object in the visible code.
$signType = "RSA2";
// The merchant's RSA private key is read from the settings table.
$rsaPrivateKey = $conf["alipay_app_private_key"];
$aliPay = new AlipayService();
$aliPay->setAppid($appid);
$aliPay->setNotifyUrl($notifyUrl);
$aliPay->setRsaPrivateKey($rsaPrivateKey);
$aliPay->setTotalFee($payAmount);
$aliPay->setOutTradeNo($outTradeNo);
$aliPay->setOrderName($orderName);
$result = $aliPay->doPay();
$result = $result["alipay_trade_precreate_response"];
// Code "10000" is the only response treated as success; anything else falls to the break below.
if ($result["code"] && $result["code"] == "10000") {
$qrurl = $result["qr_code"];
// Pending order row. fee_cookie, fee_ip, fee_refcode and fee_user_agent are request-derived
// values stored as received; escape them wherever they are later displayed.
$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
$insert = $db->insert("table.tepass_fees")->rows($data);
$insertId = $db->query($insert);
// The gateway URL is appended to both links without URL-encoding.
$qrcode = $qrcode_api . $qrurl;
$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
echo $json;
exit;
}
break;
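case "wxpay":
    // WeChat Pay order for a VIP plan: JSAPI cashier inside the WeChat browser,
    // otherwise a native (QR) order plus an optional H5 order for mobile clients.
    $time = time();
    // NOTE(review): timestamp plus a two-digit rand() suffix leaves 90 ids per
    // second; confirm fee_id uniqueness is enforced elsewhere.
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $vip_price;
    $orderName = $vip_title;
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();

    // Defined up front so the response below never reads an unset variable.
    $qrcode = null;
    $native_url = null;
    $mwebUrl = null;

    $browserAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($browserAgent, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        $feeviptype_arr = explode("___", $feeviptype);
        // NOTE(review): the plan names accepted by this branch contain no "___", so
        // index 3 never exists and the tip stays "vip_"; the trailing
        // "/tepass/refresh" also looks misplaced. Confirm the intended cashier URL.
        $feeviptype_symbol = isset($feeviptype_arr[3]) ? $feeviptype_arr[3] : "";
        $pay_symbol = "/tepass/wxpayjsapi?tip=vip_" . $feeviptype_symbol . "/tepass/refresh";
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // This used to be an assignment ("="), which was always true: a pending order
        // was recorded and a QR link built even when the gateway refused the order.
        if (isset($arr["result_code"]) && (string) $arr["result_code"] === "SUCCESS") {
            $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $native_url = $arr["code_url"];
            $qrcode = $qrcode_api . $native_url;
        }

        $mwebUrl = "";
        if ($conf["wxpay_h5_open"] === "on" && $userAgent == "isMobile") {
            // Separate H5 order with its own trade number and its own pending row.
            require_once "libs/wxpay_h5.php";
            $mchid = $conf["wxpay_mchid"];
            $appid = $conf["wxpay_appid"];
            $appKey = $conf["wxpay_appkey"];
            $apiKey = $conf["wxpay_apikey"];
            $outTradeNo = date("YmdHis") . rand(10, 99);
            $returnUrl = $callback_url;
            // NOTE(review): taken from the Host request header.
            $wapUrl = $_SERVER["HTTP_HOST"];
            $wapName = "H5";
            $h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
            $h5wxPay->setTotalFee($payAmount);
            $h5wxPay->setOutTradeNo($outTradeNo);
            $h5wxPay->setOrderName($orderName);
            $h5wxPay->setNotifyUrl($notifyUrl);
            $h5wxPay->setReturnUrl($returnUrl);
            $h5wxPay->setWapUrl($wapUrl);
            $h5wxPay->setWapName($wapName);
            $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
            $data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
            $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
            $insertId_h5 = $db->query($insert_h5);
        }
        $pay_symbol = "";

        // Neither the native nor the H5 order produced anything payable: leave the
        // switch so the common {"status":"fail"} response is sent.
        if ($qrcode === null && empty($mwebUrl)) {
            break;
        }
    }
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $native_url, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;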
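case "xh_wxpay":
    // XunhuPay (WeChat channel) order for a VIP plan.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    // NOTE(review): nonce_str is a shuffle of the current timestamp's digits, which is
    // guessable; the placeholder "hash" is replaced by the real one just below.
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "wechat",
        "total_fee" => $vip_price,
        "title" => $vip_title,
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        "return_url" => $callback_url,
        "modal" => null,
        "nonce_str" => str_shuffle(time()),
        "hash" => md5(str_shuffle(time())),
        "type" => $conf["xhpay_h5_open"],
        "wap_url" => $protocol . $_SERVER["HTTP_HOST"],
        "wap_name" => "H5",
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        // Verify the gateway's signature with a strict, constant-time comparison; the
        // former loose "!=" could accept a different digest that merely looked numeric.
        // The message is a plain string so this path does not depend on a translation
        // helper or constant that is not defined in the visible code.
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            throw new Exception("Invalid sign!", 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $conf["xhpay_h5_open"] == "WAP" ? $result["url"] : "";
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // Keep gateway error text in the server log. Echoing it here used to put raw
        // text in front of the {"status":"fail"} JSON that follows the switch.
        error_log("TePass xh_wxpay: errcode:{$e->getCode()},errmsg:{$e->getMessage()}");
    }
    break;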
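case "xh_alipay":
    // XunhuPay (Alipay channel) order for a VIP plan.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    // NOTE(review): nonce_str is a shuffle of the current timestamp's digits, which is guessable.
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "alipay",
        "total_fee" => $vip_price,
        "title" => $vip_title,
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        "return_url" => $callback_url,
        "modal" => null,
        "nonce_str" => str_shuffle(time()),
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        // Verify the gateway's signature with a strict, constant-time comparison; the
        // former loose "!=" could accept a different digest that merely looked numeric.
        // The message is a plain string so this path does not depend on a translation
        // helper or constant that is not defined in the visible code.
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            throw new Exception("Invalid sign!", 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // Keep gateway error text in the server log. Echoing it here used to put raw
        // text in front of the {"status":"fail"} JSON that follows the switch.
        error_log("TePass xh_alipay: errcode:{$e->getCode()},errmsg:{$e->getMessage()}");
    }
    break;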
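case "vmqwx":
    // V-MianQian order (type 1, WeChat) for a VIP plan.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 1;
    $vmq_price = $vip_price;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The page showed "¶m=" here: "&param=" with "&para" rendered as an HTML entity,
    // which would drop the param field from the request. http_build_query() restores
    // the field and URL-encodes every value; $vmq_param comes from the visitor's
    // cookie and must not be able to add query parameters of its own.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ], "", "&");
    // NOTE(review): the reply is used without any signature check, and the request is
    // only as private as the configured vmq_host scheme; confirm the host is HTTPS.
    $vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
    if (is_array($vmq_result) && isset($vmq_result["code"]) && $vmq_result["code"] == "1") {
        // The gateway may adjust the amount; the adjusted price is what gets stored.
        $relly_vip_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
    } else {
        // Unreachable host, non-JSON reply or a non-"1" code all end here.
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;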
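case "vmqali":
    // V-MianQian order (type 2, Alipay) for a VIP plan.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 2;
    $vmq_price = $vip_price;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The page showed "¶m=" here: "&param=" with "&para" rendered as an HTML entity,
    // which would drop the param field from the request. http_build_query() restores
    // the field and URL-encodes every value; $vmq_param comes from the visitor's
    // cookie and must not be able to add query parameters of its own.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ], "", "&");
    // NOTE(review): the reply is used without any signature check, and the request is
    // only as private as the configured vmq_host scheme; confirm the host is HTTPS.
    $vmq_result = json_decode(file_get_contents($vmq_host . "?" . $vmq_p), true);
    if (is_array($vmq_result) && isset($vmq_result["code"]) && $vmq_result["code"] == "1") {
        // The gateway may adjust the amount; the adjusted price is what gets stored.
        $relly_vip_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
    } else {
        // Unreachable host, non-JSON reply or a non-"1" code all end here.
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;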
case "payjs":
// PayJS order for a VIP plan: cashier link (rendered as a QR code) plus an H5 link.
$time = time();
// NOTE(review): timestamp plus a two-digit rand() suffix; confirm fee_id uniqueness is enforced elsewhere.
$feeid = date("YmdHis", $time) . rand(10, 99);
// total_fee is the price times 100; "attach" carries the original price.
// NOTE(review): the multiplication is done in floating point; confirm the gateway receives whole cents.
$arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $vip_price * 100, "attach" => $vip_price];
// Unlike the other gateways, the pending row is written before the gateway is contacted.
$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "payjs", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
$insert = $db->insert("table.tepass_fees")->rows($data);
$insertId = $db->query($insert);
// callback_url comes from the request body and is forwarded to the gateway as-is.
$order = ["mchid" => $conf["payjs_mchid"], "body" => $arr["body"], "out_trade_no" => $arr["out_trade_no"], "total_fee" => $arr["total_fee"], "attach" => $arr["attach"], "callback_url" => $callback_url, "notify_url" => $conf["payjs_notify_url"], "auto" => 1, "hide" => 1];
$payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
$cashier_url = $payjs->cashier($order);
// Only "&" is escaped before the URL is appended to the QR endpoint's data parameter.
$cashier_url_replace = str_replace("&", "%26", $cashier_url);
$cashier_code = $qrcode_api . $cashier_url_replace;
$h5_result = $payjs->mweb($order);
// A missing h5_url becomes an empty string; no other part of either gateway reply is checked.
if (!isset($h5_result["h5_url"])) {
$h5_result["h5_url"] = "";
}
$h5_url = $h5_result["h5_url"];
$json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
echo $json;
exit;
break;
}
// Reached when the pay type is unknown or a gateway branch left the switch
// without answering: reply with the generic failure status and stop.
$json = json_encode(["status" => "fail"]);
exit($json);
} elseif ($action == "paypostsubmit") {
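// Single-post purchase: collect the request fields, load the post's prices and
// pick the price tier for the buyer.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
// NOTE(review): the buyer id comes from the request body and selects the price
// tier below. Nothing visible here ties it to the logged-in session; confirm the
// caller enforces that.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): callback_url is handed to the gateways as the return URL without
// a same-site check; consider restricting it to this site's own origin.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";

$queryContent = $db->select()->from("table.tepass_posts")->where("post_id = ?", $feecid);
$rowContent = $db->fetchRow($queryContent);
// An unknown post id used to continue with an empty price and title and still
// create an order; stop here instead.
if (empty($rowContent)) {
    $json = json_encode(["status" => "fail"]);
    echo $json;
    exit;
}

$queryVip = $db->select()->from("table.tepass_vips")->where("vip_uid = ?", $feeuid)->where("vip_status > ?", 0);
$rowVip = $db->fetchRow($queryVip);
$rsconfig = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key = ?", "months_for_upgrade_eternal")->limit(1));

// Price tier: no active VIP row means the regular price; a vip_status at or above
// the configured threshold means the "eternal" price; otherwise the VIP price.
if (empty($rowVip)) {
    $total_price = $rowContent["post_price"];
} elseif ($rowVip["vip_status"] >= $rsconfig["cfg_value"]) {
    $total_price = $rowContent["post_price_for_eternal"];
} else {
    $total_price = $rowContent["post_price_for_vip"];
}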
switch ($feepaytype) {
case "alipay":
// Alipay pre-create (QR) order for a single post.
$time = time();
// Order id: timestamp to the second plus a six-digit rand() suffix.
// NOTE(review): rand() is predictable; confirm fee_id uniqueness is enforced by the table or the gateway.
$feeid = date("YmdHis", $time) . rand(100000, 999999);
$appid = $conf["alipay_appid"];
$notifyUrl = $conf["alipay_notify_url"];
$outTradeNo = $feeid;
$payAmount = $total_price;
$orderName = $rowContent["post_order_title"];
// Assigned but not passed to the service object in the visible code.
$signType = "RSA2";
// The merchant's RSA private key is read from the settings table.
$rsaPrivateKey = $conf["alipay_app_private_key"];
$aliPay = new AlipayService();
$aliPay->setAppid($appid);
$aliPay->setNotifyUrl($notifyUrl);
$aliPay->setRsaPrivateKey($rsaPrivateKey);
$aliPay->setTotalFee($payAmount);
$aliPay->setOutTradeNo($outTradeNo);
$aliPay->setOrderName($orderName);
$result = $aliPay->doPay();
$result = $result["alipay_trade_precreate_response"];
// Code "10000" is the only response treated as success; anything else falls to the break below.
if ($result["code"] && $result["code"] == "10000") {
$qrurl = $result["qr_code"];
// Pending order row (fee_type 2, fee_cid = post id). fee_cookie, fee_ip, fee_refcode and
// fee_user_agent are request-derived values stored as received; escape them wherever they are displayed.
$data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
$insert = $db->insert("table.tepass_fees")->rows($data);
$insertId = $db->query($insert);
// The gateway URL is appended to both links without URL-encoding.
$qrcode = $qrcode_api . $qrurl;
$h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
$json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
echo $json;
exit;
}
break;
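case "wxpay":
    // WeChat Pay order for a single post: JSAPI cashier inside the WeChat browser,
    // otherwise a native (QR) order plus an optional H5 order for mobile clients.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $total_price;
    $orderName = $rowContent["post_order_title"];
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();

    // Defined up front so the response below never reads an unset variable.
    $qrcode = null;
    $native_url = null;
    $mwebUrl = null;

    $browserAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($browserAgent, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        $pay_symbol = "/tepass/wxpayjsapi?tip=post_" . $feecid;
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // This used to be an assignment ("="), which was always true: a pending order
        // was recorded and a QR link built even when the gateway refused the order.
        if (isset($arr["result_code"]) && (string) $arr["result_code"] === "SUCCESS") {
            $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $native_url = $arr["code_url"];
            $qrcode = $qrcode_api . $native_url;
        }

        $mwebUrl = "";
        if ($conf["wxpay_h5_open"] === "on" && $userAgent == "isMobile") {
            // Separate H5 order with its own trade number and its own pending row.
            require_once "libs/wxpay_h5.php";
            $mchid = $conf["wxpay_mchid"];
            $appid = $conf["wxpay_appid"];
            $appKey = $conf["wxpay_appkey"];
            $apiKey = $conf["wxpay_apikey"];
            $outTradeNo = date("YmdHis") . rand(100000, 999999);
            $returnUrl = $callback_url;
            // NOTE(review): taken from the Host request header.
            $wapUrl = $_SERVER["HTTP_HOST"];
            $wapName = "H5";
            $h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
            $h5wxPay->setTotalFee($payAmount);
            $h5wxPay->setOutTradeNo($outTradeNo);
            $h5wxPay->setOrderName($orderName);
            $h5wxPay->setNotifyUrl($notifyUrl);
            $h5wxPay->setReturnUrl($returnUrl);
            $h5wxPay->setWapUrl($wapUrl);
            $h5wxPay->setWapName($wapName);
            $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
            $data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
            $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
            $insertId_h5 = $db->query($insert_h5);
        }
        $pay_symbol = "";

        // Neither the native nor the H5 order produced anything payable: leave the
        // switch rather than answering "ok" with nothing to pay.
        if ($qrcode === null && empty($mwebUrl)) {
            break;
        }
    }
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $native_url, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;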
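case "xh_wxpay":
    // XunhuPay (WeChat channel) order for a single post.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    // NOTE(review): nonce_str is a shuffle of the current timestamp's digits, which is
    // guessable; the placeholder "hash" is replaced by the real one just below.
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "wechat",
        "total_fee" => $total_price,
        "title" => $rowContent["post_order_title"],
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        "return_url" => $callback_url,
        "modal" => null,
        "nonce_str" => str_shuffle(time()),
        "hash" => md5(str_shuffle(time())),
        "type" => $conf["xhpay_h5_open"],
        "wap_url" => $protocol . $_SERVER["HTTP_HOST"],
        "wap_name" => "H5",
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        // Verify the gateway's signature with a strict, constant-time comparison; the
        // former loose "!=" could accept a different digest that merely looked numeric.
        // The message is a plain string so this path does not depend on a translation
        // helper or constant that is not defined in the visible code.
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            throw new Exception("Invalid sign!", 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $conf["xhpay_h5_open"] == "WAP" ? $result["url"] : "";
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // Keep gateway error text in the server log instead of echoing it to the client.
        error_log("TePass xh_wxpay: errcode:{$e->getCode()},errmsg:{$e->getMessage()}");
    }
    break;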
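case "xh_alipay":
    // XunhuPay (Alipay channel) order for a single post.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    // NOTE(review): nonce_str is a shuffle of the current timestamp's digits, which is guessable.
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "alipay",
        "total_fee" => $total_price,
        "title" => $rowContent["post_order_title"],
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        "return_url" => $callback_url,
        "modal" => null,
        "nonce_str" => str_shuffle(time()),
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        // Verify the gateway's signature with a strict, constant-time comparison; the
        // former loose "!=" could accept a different digest that merely looked numeric.
        // The message is a plain string so this path does not depend on a translation
        // helper or constant that is not defined in the visible code.
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            throw new Exception("Invalid sign!", 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // Keep gateway error text in the server log instead of echoing it to the client.
        error_log("TePass xh_alipay: errcode:{$e->getCode()},errmsg:{$e->getMessage()}");
    }
    break;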
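case "vmqwx":
    // Paid-content order via the vmq gateway, channel type 1: request an order, then
    // record a pending fee row for the amount the gateway reports back.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    // $feecookie is derived from a client cookie, so it must be encoded before it is
    // placed in a URL.
    $vmq_param = $feecookie;
    $vmq_type = 1;
    // Cast once so the signed value and the transmitted value are the same string.
    $vmq_price = (string) $total_price;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing shows the separator before "param" as "¶m=", which looks like "&param="
    // with "&para" rendered as an HTML entity. http_build_query() removes the ambiguity
    // and percent-encodes every value, so a crafted cookie cannot add query parameters.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ]);
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    // NOTE(review): the reply carries no signature that this code verifies, so
    // reallyPrice and payUrl are only as trustworthy as the transport to vmq_host;
    // confirm that vmq_host is an https URL.
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1"
        && is_numeric($vmq_result["data"]["reallyPrice"]);
    if ($vmq_ok) {
        $relly_totle_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 2,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqwx",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;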
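case "vmqali":
    // Paid-content order via the vmq gateway, channel type 2: request an order, then
    // record a pending fee row for the amount the gateway reports back.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    // $feecookie is derived from a client cookie, so it must be encoded before it is
    // placed in a URL.
    $vmq_param = $feecookie;
    $vmq_type = 2;
    // Cast once so the signed value and the transmitted value are the same string.
    $vmq_price = (string) $total_price;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing shows the separator before "param" as "¶m=", which looks like "&param="
    // with "&para" rendered as an HTML entity. http_build_query() removes the ambiguity
    // and percent-encodes every value, so a crafted cookie cannot add query parameters.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ]);
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    // NOTE(review): the reply carries no signature that this code verifies, so
    // reallyPrice and payUrl are only as trustworthy as the transport to vmq_host;
    // confirm that vmq_host is an https URL.
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1"
        && is_numeric($vmq_result["data"]["reallyPrice"]);
    if ($vmq_ok) {
        $relly_totle_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 2,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqali",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;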
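case "payjs":
    // Paid-content order via PayJS: record a pending fee row, then build the cashier
    // URL (also rendered as a QR code) and, when available, the H5 URL.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    // total_fee is the price times 100 (presumably the gateway's minor unit). Float
    // multiplication alone can yield values such as 1998.9999999999998 for 19.99, so
    // round to an integer before the amount is signed and sent.
    $arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => (int) round($total_price * 100), "attach" => $total_price];
    // NOTE(review): the pending row is written before the gateway is called and there
    // is no check that cashier() succeeded, so failed attempts still leave pending rows.
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 2,
        "fee_title" => $arr["body"],
        "fee_total_price" => $arr["attach"],
        "fee_pay_type" => "payjs",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insert = $db->insert("table.tepass_fees")->rows($data);
    $insertId = $db->query($insert);
    $order = [
        "mchid" => $conf["payjs_mchid"],
        "body" => $arr["body"],
        "out_trade_no" => $arr["out_trade_no"],
        "total_fee" => $arr["total_fee"],
        "attach" => $arr["attach"],
        // NOTE(review): presumably the client-supplied callback_url, as in the other
        // actions of this file; confirm it is restricted to this site.
        "callback_url" => $callback_url,
        "notify_url" => $conf["payjs_notify_url"],
        "auto" => 1,
        "hide" => 1,
    ];
    $payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
    $cashier_url = $payjs->cashier($order);
    // "&" is escaped so the cashier URL survives as a single data= value for qrcode.php.
    $cashier_url_replace = str_replace("&", "%26", $cashier_url);
    $cashier_code = $qrcode_api . $cashier_url_replace;
    $h5_result = $payjs->mweb($order);
    $h5_url = isset($h5_result["h5_url"]) ? $h5_result["h5_url"] : "";
    $json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
    echo $json;
    exit;
    break;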
}
$json = json_encode(["status" => "fail"]);
echo $json;
exit;
} elseif ($action == "payrewardsubmit") {
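// Reward ("tip") order: read the request fields, reject obviously bad input, and load
// the content row the reward is attached to.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
// NOTE(review): feeuid is taken from the POST body; nothing visible here ties it to a
// logged-in session.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): callback_url is client-supplied and only passed through strip_tags();
// it is later handed to payment gateways as the return URL, so it should be checked
// against this site's own origin to avoid acting as an open redirect.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
$reward_from = isset($_POST["reward_from"]) ? strip_tags(str_replace(" ", "", $_POST["reward_from"])) : "";
$reward_money = isset($_POST["reward_money"]) ? floatval(urldecode($_POST["reward_money"])) : "5";
// The character blacklist is a coarse filter only (it also rejects any name containing
// "or" or "and"); the queries below are parameterised, which is what actually prevents
// SQL injection, and output still needs encoding where reward_from is displayed.
if (preg_match($blackpattern, $reward_from) || preg_match($blackpattern, $reward_money)) {
    $json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
    echo $json;
    exit;
}
// floatval() accepts negative, zero and overflowing input, none of which the blacklist
// catches; refuse them before an order is created with that amount.
if (!is_finite((float) $reward_money) || (float) $reward_money <= 0) {
    echo json_encode(["status" => "fail"]);
    exit;
}
$queryContent = $db->select()->from("table.contents")->where("table.contents.cid = ?", $feecid);
$rowContent = $db->fetchRow($queryContent);
// Without a matching content row there is no title to put on the order.
if (empty($rowContent)) {
    echo json_encode(["status" => "fail"]);
    exit;
}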
switch ($feepaytype) {
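case "wxpay":
    // Reward order via WeChat Pay. Inside the WeChat browser (when JSAPI is enabled)
    // the client is sent to the JSAPI page; otherwise a native (QR) order is created
    // and, for mobile clients with H5 enabled, a separate H5 order as well.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $reward_money;
    $orderName = $rowContent["title"];
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();
    // Defaults so that every key of the JSON reply is defined on every path; the
    // original read $qrcode, $arr and $mwebUrl without setting them on the JSAPI path.
    $qrcode = "";
    $nativeUrl = "";
    $mwebUrl = "";
    $pay_symbol = "";
    $clientUa = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($clientUa, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        // reward_from is user input: encode the whole tip value so it cannot introduce
        // extra query parameters into the URL returned to the client.
        $pay_symbol = "/tepass/wxpayjsapi?tip=" . rawurlencode("reward_" . $feecid . "_" . $payAmount . "_" . $reward_from);
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // The original wrote `$arr["result_code"] = "SUCCESS"`, an assignment that is
        // always true, so a pending row was recorded even when the gateway refused.
        if (is_array($arr) && isset($arr["result_code"], $arr["code_url"]) && $arr["result_code"] === "SUCCESS") {
            $data = [
                "fee_id" => $feeid,
                "fee_uid" => $feeuid,
                "fee_cid" => $feecid,
                "fee_type" => 3,
                "fee_title" => $orderName,
                "fee_total_price" => $payAmount,
                "fee_pay_type" => "wxpay",
                "fee_check" => "pending",
                "fee_total_days" => 0,
                "fee_status" => 0,
                "fee_remark" => $reward_from,
                "fee_intime" => date("Y-m-d H:i:s", $time),
                "fee_ip" => $ip,
                "fee_refcode" => $for_refcode_cookie,
                "fee_cookie" => $feecookie,
                "fee_user_agent" => $userAgent,
            ];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $nativeUrl = $arr["code_url"];
            $qrcode = $qrcode_api . $nativeUrl;
        }
        if ($conf["wxpay_h5_open"] === "on" && $userAgent == "isMobile") {
            require_once "libs/wxpay_h5.php";
            // The H5 order is a second gateway order with its own trade number.
            $h5OutTradeNo = date("YmdHis") . rand(100000, 999999);
            $h5wxPay = new h5WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
            $h5wxPay->setTotalFee($payAmount);
            $h5wxPay->setOutTradeNo($h5OutTradeNo);
            $h5wxPay->setOrderName($orderName);
            $h5wxPay->setNotifyUrl($notifyUrl);
            $h5wxPay->setReturnUrl($callback_url);
            // NOTE(review): the WAP URL is the request's Host header, which is
            // client-controlled unless the web server pins it.
            $h5wxPay->setWapUrl($_SERVER["HTTP_HOST"]);
            $h5wxPay->setWapName("H5");
            $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $h5OutTradeNo, $orderName, $notifyUrl);
            // The original stored the undefined $out_trade_no here, so the H5 row got
            // an empty fee_id and could not be matched to its gateway order.
            $data_h5 = [
                "fee_id" => $h5OutTradeNo,
                "fee_uid" => $feeuid,
                "fee_cid" => $feecid,
                "fee_type" => 3,
                "fee_title" => $orderName,
                "fee_total_price" => $payAmount,
                "fee_pay_type" => "wxpay",
                "fee_check" => "pending",
                "fee_total_days" => 0,
                "fee_status" => 0,
                "fee_remark" => $reward_from,
                "fee_intime" => date("Y-m-d H:i:s", $time),
                "fee_cookie" => $feecookie,
                "fee_ip" => $ip,
                "fee_refcode" => $for_refcode_cookie,
                "fee_user_agent" => $userAgent,
            ];
            $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
            $insertId_h5 = $db->query($insert_h5);
        }
    }
    // Nothing payable was produced: report failure instead of an "ok" with empty URLs.
    if ($qrcode === "" && $pay_symbol === "" && empty($mwebUrl)) {
        echo json_encode(["status" => "fail"]);
        exit;
    }
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $nativeUrl, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;
    break;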
case "alipay":
    // Reward order via Alipay: ask the gateway for a pre-created QR order and, only if
    // it answers with code 10000, record a pending fee row and reply with the QR data.
    // Any other answer leaves the switch, which ends in the generic failure reply.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $appid = $conf["alipay_appid"];
    $notifyUrl = $conf["alipay_notify_url"];
    $outTradeNo = $feeid;
    $payAmount = $reward_money;
    $orderName = $rowContent["title"];
    $signType = "RSA2";
    $rsaPrivateKey = $conf["alipay_app_private_key"];
    $aliPay = new AlipayService();
    $aliPay->setAppid($appid);
    $aliPay->setNotifyUrl($notifyUrl);
    $aliPay->setRsaPrivateKey($rsaPrivateKey);
    $aliPay->setTotalFee($payAmount);
    $aliPay->setOutTradeNo($outTradeNo);
    $aliPay->setOrderName($orderName);
    $precreate = $aliPay->doPay();
    $result = $precreate["alipay_trade_precreate_response"];
    if (!$result["code"] || $result["code"] != "10000") {
        break;
    }
    $qrurl = $result["qr_code"];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 3,
        "fee_title" => $orderName,
        "fee_total_price" => $payAmount,
        "fee_pay_type" => "alipay",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_remark" => $reward_from,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insertId = $db->query($db->insert("table.tepass_fees")->rows($data));
    $reply = [
        "status" => "ok",
        "type" => "alipay",
        "userAgent" => $userAgent,
        "qrcode" => $qrcode_api . $qrurl,
        "h5_url" => "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl,
        "qrcode_money" => $payAmount,
        "feeid" => $feeid,
    ];
    echo json_encode($reply);
    exit;
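case "xh_wxpay":
    // Reward order via the xh (xunhupay) WeChat channel: send a signed order to the
    // gateway, verify the signature on its reply, record a pending fee row and answer
    // with the QR / cashier URLs as JSON.
    $time = time();
    // NOTE(review): rand() is not a CSPRNG and a six-digit suffix per second can collide
    // under load; a unique constraint on fee_id would make a collision fail loudly.
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "wechat",
        "total_fee" => $reward_money,
        "title" => $rowContent["title"],
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        // NOTE(review): callback_url is client-supplied and only passed through
        // strip_tags(); confirm it is restricted to this site.
        "return_url" => $callback_url,
        "modal" => null,
        // NOTE(review): a shuffled timestamp is a predictable nonce.
        "nonce_str" => str_shuffle(time()),
        // Placeholder; replaced by the real request hash just below.
        "hash" => md5(str_shuffle(time())),
        "type" => $conf["xhpay_h5_open"],
        // NOTE(review): built from the request's Host header, which is client-controlled
        // unless the web server pins it.
        "wap_url" => $protocol . $_SERVER["HTTP_HOST"],
        "wap_name" => "H5",
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result || !is_array($result)) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Constant-time, string-only comparison. The original used `!=`, a loose
        // comparison under which two different all-numeric "0e..." digests compare equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // The original wrapped this message in __() with a bare XH_Wechat_Payment
            // constant; neither is defined in the visible code, and an undefined
            // constant raises an Error on PHP 8 that catch (Exception) does not handle.
            throw new Exception("Invalid sign!", 40029);
        }
        if (isset($result["errcode"]) && $result["errcode"] != 0) {
            $gatewayMessage = isset($result["errmsg"]) ? (string) $result["errmsg"] : "";
            throw new Exception($gatewayMessage, (int) $result["errcode"]);
        }
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $rowContent["title"],
            "fee_total_price" => $reward_money,
            "fee_pay_type" => "xh_wxpay",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        // The H5 link is only offered when the channel is configured for WAP.
        $h5_url = $conf["xhpay_h5_open"] == "WAP" ? $result["url"] : "";
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // The original echoed "errcode:...,errmsg:..." here and then fell through to the
        // generic {"status":"fail"} reply after the switch, so the client received raw
        // gateway error text glued in front of the JSON. Keep the detail in the server
        // log and send only the generic failure.
        error_log("TePass xh_wxpay reward order failed: " . json_encode(["errcode" => $e->getCode(), "errmsg" => $e->getMessage()]));
        echo json_encode(["status" => "fail"]);
        exit;
    }
    break;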
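case "xh_alipay":
    // Reward order via the xh (xunhupay) Alipay channel: send a signed order to the
    // gateway, verify the signature on its reply, record a pending fee row and answer
    // with the QR / cashier URLs as JSON.
    $time = time();
    // NOTE(review): rand() is not a CSPRNG and a six-digit suffix per second can collide
    // under load; a unique constraint on fee_id would make a collision fail loudly.
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "alipay",
        "total_fee" => $reward_money,
        "title" => $rowContent["title"],
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        // NOTE(review): callback_url is client-supplied and only passed through
        // strip_tags(); confirm it is restricted to this site.
        "return_url" => $callback_url,
        "modal" => null,
        // NOTE(review): a shuffled timestamp is a predictable nonce.
        "nonce_str" => str_shuffle(time()),
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result || !is_array($result)) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Constant-time, string-only comparison. The original used `!=`, a loose
        // comparison under which two different all-numeric "0e..." digests compare equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // The original wrapped this message in __() with a bare XH_Wechat_Payment
            // constant; neither is defined in the visible code, and an undefined
            // constant raises an Error on PHP 8 that catch (Exception) does not handle.
            throw new Exception("Invalid sign!", 40029);
        }
        if (isset($result["errcode"]) && $result["errcode"] != 0) {
            $gatewayMessage = isset($result["errmsg"]) ? (string) $result["errmsg"] : "";
            throw new Exception($gatewayMessage, (int) $result["errcode"]);
        }
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $rowContent["title"],
            "fee_total_price" => $reward_money,
            "fee_pay_type" => "xh_alipay",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // The original echoed "errcode:...,errmsg:..." here and then fell through to the
        // generic {"status":"fail"} reply after the switch, so the client received raw
        // gateway error text glued in front of the JSON. Keep the detail in the server
        // log and send only the generic failure.
        error_log("TePass xh_alipay reward order failed: " . json_encode(["errcode" => $e->getCode(), "errmsg" => $e->getMessage()]));
        echo json_encode(["status" => "fail"]);
        exit;
    }
    break;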
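case "vmqwx":
    // Reward order via the vmq gateway, channel type 1: request an order, then record
    // a pending fee row for the amount the gateway reports back.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    // $feecookie is the first 32 characters of a client cookie, so it must be encoded
    // before it is placed in a URL.
    $vmq_param = $feecookie;
    $vmq_type = 1;
    // Cast once so the signed value and the transmitted value are the same string.
    $vmq_price = (string) $reward_money;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing shows the separator before "param" as "¶m=", which looks like "&param="
    // with "&para" rendered as an HTML entity. http_build_query() removes the ambiguity
    // and percent-encodes every value, so a crafted cookie cannot add query parameters.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ]);
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    // NOTE(review): the reply carries no signature that this code verifies, so
    // reallyPrice and payUrl are only as trustworthy as the transport to vmq_host;
    // confirm that vmq_host is an https URL.
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1"
        && is_numeric($vmq_result["data"]["reallyPrice"]);
    if ($vmq_ok) {
        $relly_reward_money = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqwx",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;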
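case "vmqali":
    // Reward order via the vmq gateway, channel type 2: request an order, then record
    // a pending fee row for the amount the gateway reports back.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    // $feecookie is the first 32 characters of a client cookie, so it must be encoded
    // before it is placed in a URL.
    $vmq_param = $feecookie;
    $vmq_type = 2;
    // Cast once so the signed value and the transmitted value are the same string.
    $vmq_price = (string) $reward_money;
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing shows the separator before "param" as "¶m=", which looks like "&param="
    // with "&para" rendered as an HTML entity. http_build_query() removes the ambiguity
    // and percent-encodes every value, so a crafted cookie cannot add query parameters.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ]);
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    // NOTE(review): the reply carries no signature that this code verifies, so
    // reallyPrice and payUrl are only as trustworthy as the transport to vmq_host;
    // confirm that vmq_host is an https URL.
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1"
        && is_numeric($vmq_result["data"]["reallyPrice"]);
    if ($vmq_ok) {
        $relly_reward_money = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => $relly_reward_money * 100, "attach" => $relly_reward_money];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqali",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_reward_money, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;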
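case "payjs":
    // Reward order via PayJS: record a pending fee row, then build the cashier URL,
    // which is also rendered as a QR code.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    // total_fee is the amount times 100 (presumably the gateway's minor unit). Float
    // multiplication alone can yield values such as 1998.9999999999998 for 19.99, so
    // round to an integer before the amount is signed and sent.
    $arr = ["body" => $rowContent["title"], "out_trade_no" => $feeid, "total_fee" => (int) round($reward_money * 100), "attach" => $reward_money];
    // NOTE(review): the pending row is written before the gateway is called and there
    // is no check that cashier() succeeded, so failed attempts still leave pending rows.
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 3,
        "fee_title" => $arr["body"],
        "fee_total_price" => $arr["attach"],
        "fee_pay_type" => "payjs",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_remark" => $reward_from,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insert = $db->insert("table.tepass_fees")->rows($data);
    $insertId = $db->query($insert);
    $order = [
        "mchid" => $conf["payjs_mchid"],
        "body" => $arr["body"],
        "out_trade_no" => $arr["out_trade_no"],
        "total_fee" => $arr["total_fee"],
        "attach" => $arr["attach"],
        // NOTE(review): callback_url is client-supplied and only passed through
        // strip_tags(); confirm it is restricted to this site.
        "callback_url" => $callback_url,
        "notify_url" => $conf["payjs_notify_url"],
        "auto" => 1,
        "hide" => 1,
    ];
    $payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
    $cashier_url = $payjs->cashier($order);
    // "&" is escaped so the cashier URL survives as a single data= value for qrcode.php.
    $cashier_url_replace = str_replace("&", "%26", $cashier_url);
    $cashier_code = $qrcode_api . $cashier_url_replace;
    $h5_url = "";
    $json = json_encode(["status" => "ok", "type" => "payjs", "userAgent" => $userAgent, "qrcode" => $cashier_code, "qrcode_money" => $arr["attach"], "cashier_url" => $cashier_url, "h5_url" => $h5_url, "feeid" => $feeid]);
    echo $json;
    exit;
    break;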
}
$json = json_encode(["status" => "fail"]);
echo $json;
exit;
} else {
echo "pay.php";
} ?>
Original Code
<?php
//decode by nige112
// Bootstrap for the payment endpoint: CORS header, Typecho config, gateway libraries,
// database handle, and the URLs / key material used by the checks further down.
// NOTE(review): the wildcard lets any web origin call this endpoint and read its
// replies (without credentials); confirm that is intended for an order-creating API.
header("Access-Control-Allow-Origin:*");
include "../../../config.inc.php";
require_once "libs/payjs.class.php";
require_once "libs/alipay.php";
require_once "libs/xunhupay.php";
require_once "libs/wxpay.php";
$db = Typecho_Db::get();
date_default_timezone_set("Asia/Shanghai");
// https when HTTPS is set to anything but "off", or when the server port is 443.
$protocol = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off" || $_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://";
// NOTE(review): the three URLs below are built from the request's Host header, which
// the client controls unless the web server pins it; they are sent back to the browser
// in the "attack" / "unsign" JSON replies.
$unsign_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=unsign";
$attack_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/notice?tip=under_attack";
$refresh_url = $protocol . $_SERVER["HTTP_HOST"] . "/tepass/refresh";
$servername = trim($_SERVER["HTTP_HOST"]);
// 60-character upper-case value: the first 27 hex digits of md5(base64(host . year))
// followed by the first 33 hex digits of sha1(host . fixed suffix). Every input is the
// Host header, the current year or a constant in this file, so the value is computable
// by anyone who knows the hostname and cannot serve as a secret.
$TePass_Key = strtoupper(substr(md5(base64_encode($servername . date("Y"))), 0, 27) . substr(sha1($servername . "@PangSuan_Com#2023"), 0, 33));
// Raw validation cookie, HTML-escaped; it is split into its parts by the code below.
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? htmlspecialchars($_COOKIE["tepassValidation"]) : "";
// Validation-cookie / licence bookkeeping.
// Cookie layout, as parsed below: characters 0-31 are the visitor id ($feecookie), the
// last 60 characters are the site key, and whatever lies between (length - 92) is the
// keep time in days.
// NOTE(review): in every branch the remote licence lookup is commented out and
// $authority is a literal whose status is "ok" and whose key is $TePass_Key, so each
// `if ($authority[...])` test is always true and its else/exit branch cannot run.
// NOTE(review): each setcookie() call uses the five-argument form, so the cookie is
// issued without Secure or HttpOnly flags.
if (!empty($for_validate_cookie)) {
$for_cookietime_length = strlen($for_validate_cookie) - 92;
$feecookie = substr($for_validate_cookie, 0, 32);
$feekeeptime = substr($for_validate_cookie, 32, $for_cookietime_length);
$feevalidate = substr($for_validate_cookie, -60);
// Loose comparison of the cookie's key part with the computed key; nothing further
// happens in this block when they already match.
if ($feevalidate != $TePass_Key) {
$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
if (empty($rstepassValidation["value"])) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
// No stored key yet: store the computed key and re-issue the cookie with it.
$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
// NOTE(review): $feekeeptime was read from the client's own cookie in this branch, so
// the client chooses the lifetime of the re-issued cookie.
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
if ($rstepassValidation["value"] != $TePass_Key) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
// Stored key differs from the computed one (the key includes the year): overwrite it.
$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
// Stored key is current; only the visitor's cookie is refreshed.
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
}
}
}
} else {
// No cookie yet: mint a visitor id and take the keep time from the plugin config.
// NOTE(review): md5(uniqid(microtime())) is time-derived, not random; the id is later
// stored with orders as fee_cookie, so a guessable value may matter — confirm how
// fee_cookie is used when access is granted.
$feecookie = strtoupper(substr(md5(uniqid(microtime(true), true)), 0, 32));
$feekeepSql = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key=?", "cookie_time")->limit(1));
$feekeeptime = $feekeepSql["cfg_value"];
$rstepassValidation = $db->fetchRow($db->select()->from("table.options")->where("name = ?", "tepassValidation")->limit(1));
if (empty($rstepassValidation["value"])) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
$db->query($db->insert("table.options")->rows(["name" => "tepassValidation", "user" => "0", "value" => $TePass_Key]));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
} else {
// When the stored key already matches, this path issues no cookie at all.
if ($rstepassValidation["value"] != $TePass_Key) {
//$authority = json_decode(file_get_contents("https://api.pangsuan.com/authority.php?indentify=tepass&domain=" . $servername), true);
$authority = [
'status' => 'ok',
'key' => $TePass_Key,
'domain' => 'comicnormalpay.xyz',
'deadline' => 0
];
if ($authority["status"] == "ok" && $authority["key"] == $TePass_Key) {
$db->query($db->update("table.options")->rows(["value" => $TePass_Key])->where("name = ?", "tepassValidation"));
$new_for_validate = $feecookie . $feekeeptime . $TePass_Key;
setcookie("tepassValidation", $new_for_validate, time() + 86400 * intval($feekeeptime), "/");
} else {
//echo "<script> top.location.href='https://pangsuan.com/validation.html'</script>";
exit("");
}
}
}
}
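// Request gate: read the time/sign pair, work out the client IP, apply the per-IP
// click limit, load the payment configuration, verify the sign, then load the VIP
// price table and the requested action.
$tepass_time = isset($_POST["tepass_time"]) && is_string($_POST["tepass_time"]) ? htmlspecialchars($_POST["tepass_time"]) : "0";
$tepass_sign = isset($_POST["tepass_sign"]) && is_string($_POST["tepass_sign"]) ? htmlspecialchars($_POST["tepass_sign"]) : "isnull";

// Same header precedence as before (Client-IP, then X-Forwarded-For, then the socket
// address), but only the first entry of the header is used and only if it parses as an
// IP address, so arbitrary header text is no longer stored as fee_ip.
// NOTE(review): both headers are set by the client unless a trusted proxy overwrites
// them, so a caller can vary them to stay under the click limit below. Honour them
// only when the request is known to arrive through such a proxy.
$ip = $_SERVER["REMOTE_ADDR"];
foreach (["HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"] as $ipHeader) {
    if (!empty($_SERVER[$ipHeader])) {
        $ipCandidates = explode(",", $_SERVER[$ipHeader]);
        $ipCandidate = trim($ipCandidates[0]);
        if (filter_var($ipCandidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $ipCandidate;
        }
        break;
    }
}

// Click limit: unpaid orders (fee_status 0) from this IP in the last 30 minutes.
$for_click_limit = $db->fetchRow($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_key=?", "for_click_limit")->limit(1));
$click_limit = !empty($for_click_limit["cfg_value"]) ? intval($for_click_limit["cfg_value"]) : 30;
$Total_Click_Fees = $db->fetchAll($db->select()->from("table.tepass_fees")->where("fee_ip = ?", $ip)->where("fee_status = ?", 0)->where("UNIX_TIMESTAMP(fee_intime) > ?", time() - 1800));
$Total_Click_Fees_Count = count($Total_Click_Fees);
if ($click_limit < $Total_Click_Fees_Count) {
    $json = json_encode(["status" => "attack", "attack_url" => $attack_url]);
    echo $json;
    exit;
}

// Payment settings as key => value. The array is created here if the included config
// did not already provide one, so an empty result set does not leave $conf undefined.
if (!isset($conf) || !is_array($conf)) {
    $conf = [];
}
$paySql = $db->query($db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "pay"));
while ($paySqlRows = $db->fetchRow($paySql)) {
    $conf[$paySqlRows["cfg_key"]] = $paySqlRows["cfg_value"];
}

// NOTE(review): when tepass_secret is not configured the secret is derived purely from
// constants in this file, so the expected sign can be computed by anyone who has the
// plugin source.
if (empty($conf["tepass_secret"])) {
    $tepass_secret = strtoupper(md5(base64_encode("PangSuan_Com@2022#1024")));
} else {
    $tepass_secret = $conf["tepass_secret"] . "PangSuan_Com@2022#1024";
}
$tepass_key = strtoupper(md5(base64_encode("PangSuan.Com@2020#0402"))) . base64_encode("TePass" . $tepass_secret);
// NOTE(review): the sign covers only the key and tepass_time, not the other POST
// fields, and tepass_time is never checked for freshness, so one valid (time, sign)
// pair can be replayed with any parameters.
$re_sign = strtoupper(md5($tepass_key . $tepass_time));
// Constant-time string comparison instead of the original loose `!=`.
if (!hash_equals($re_sign, $tepass_sign)) {
    $json = json_encode(["status" => "unsign", "unsign_url" => $unsign_url]);
    echo $json;
    exit;
}

// Character blacklist applied to some request fields further down. It is a coarse
// filter only: it matches "or" / "and" anywhere in a value and is not what protects
// the queries, which are parameterised.
$blackpattern = "/\\*|'|\"|#|;|,|or|\\^|=|<|>|and/i";
$vipSql = $db->select()->from("table.tepass_configs")->where("table.tepass_configs.cfg_type=?", "vip");
$vipSqlRows = $db->fetchAll($vipSql);
$ckey = array_column($vipSqlRows, "cfg_key");
$cvalue = array_column($vipSqlRows, "cfg_value");
$vipRows = array_combine($ckey, $cvalue);
$qrcode_api = __TYPECHO_PLUGIN_DIR__ . "/TePass/libs/qrcode.php?data=";
$action = isset($_POST["action"]) ? strip_tags($_POST["action"]) : "";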
if ($action == "payvipsubmit") {
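// VIP purchase: read the request fields and resolve the chosen plan to a price taken
// from the server-side VIP configuration.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feeviptype = isset($_POST["feeviptype"]) ? strip_tags($_POST["feeviptype"]) : "";
// NOTE(review): feeuid is taken from the POST body; nothing visible here ties it to a
// logged-in session, so the order is attributed to whichever user id the caller sends.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): callback_url is client-supplied and only passed through strip_tags();
// it is later handed to payment gateways as the return URL, so it should be checked
// against this site's own origin to avoid acting as an open redirect.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
if ($feeuid == "0") {
    $json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
    echo $json;
    exit;
}
// Plan name => number of days granted. The original if/elseif chain had no else, so an
// unknown plan name reached the gateway code with $vip_price, $vip_days and $vip_title
// undefined; unknown or unpriced plans are now refused.
$vipPlanDays = [
    "vip_price_for_monthly" => 31,
    "vip_price_for_annually" => 366,
    "vip_price_for_eternal" => 9999,
];
if (!isset($vipPlanDays[$feeviptype], $vipRows[$feeviptype])) {
    echo json_encode(["status" => "fail"]);
    exit;
}
$vip_price = $vipRows[$feeviptype];
$vip_days = $vipPlanDays[$feeviptype];
$vip_title = "VIP";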
switch ($feepaytype) {
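case "alipay":
    // VIP order via Alipay: ask the gateway for a pre-created QR order and, only if it
    // answers with code 10000, record a pending fee row and reply with the QR data.
    // Any other answer leaves the switch.
    $time = time();
    // Six-digit suffix, as the reward orders in this file use. The original rand(10, 99)
    // allowed only 90 ids per second, so two orders in the same second could easily
    // share a fee_id / out_trade_no.
    // NOTE(review): rand() is still not a CSPRNG; a unique constraint on fee_id would
    // make any remaining collision fail loudly.
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $appid = $conf["alipay_appid"];
    $notifyUrl = $conf["alipay_notify_url"];
    $outTradeNo = $feeid;
    $payAmount = $vip_price;
    $orderName = $vip_title;
    $signType = "RSA2";
    $rsaPrivateKey = $conf["alipay_app_private_key"];
    $aliPay = new AlipayService();
    $aliPay->setAppid($appid);
    $aliPay->setNotifyUrl($notifyUrl);
    $aliPay->setRsaPrivateKey($rsaPrivateKey);
    $aliPay->setTotalFee($payAmount);
    $aliPay->setOutTradeNo($outTradeNo);
    $aliPay->setOrderName($orderName);
    $result = $aliPay->doPay();
    // Guard against a reply without the expected envelope instead of indexing into null.
    $result = is_array($result) && isset($result["alipay_trade_precreate_response"]) ? $result["alipay_trade_precreate_response"] : null;
    if (is_array($result) && isset($result["code"], $result["qr_code"]) && $result["code"] == "10000") {
        $qrurl = $result["qr_code"];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => 0,
            "fee_type" => 1,
            "fee_title" => $orderName,
            "fee_total_price" => $payAmount,
            "fee_pay_type" => "alipay",
            "fee_check" => "pending",
            "fee_total_days" => $vip_days,
            "fee_status" => 0,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $qrcode = $qrcode_api . $qrurl;
        $h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
        $json = json_encode(["status" => "ok", "type" => "alipay", "userAgent" => $userAgent, "qrcode" => $qrcode, "h5_url" => $h5_url, "qrcode_money" => $payAmount, "feeid" => $feeid]);
        echo $json;
        exit;
    }
    break;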
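case "wxpay":
    // VIP order via WeChat Pay. Inside the WeChat browser (when JSAPI is enabled) the
    // client is sent to the JSAPI page; otherwise a native (QR) order is created and,
    // for mobile clients with H5 enabled, a separate H5 order as well.
    $time = time();
    // Six-digit suffix, as the reward orders in this file use; rand(10, 99) allowed only
    // 90 ids per second, and the H5 order below draws a second id in the same second.
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $vip_price;
    $orderName = $vip_title;
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();
    // Defaults so that every key of the JSON reply is defined on every path; the
    // original read $qrcode, $arr and $mwebUrl without setting them on the JSAPI path.
    $qrcode = "";
    $nativeUrl = "";
    $mwebUrl = "";
    $pay_symbol = "";
    $clientUa = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($clientUa, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        // NOTE(review): the plan names accepted by this file contain no "___", so index 3
        // of this split never exists and the symbol is empty. Presumably the separator
        // or the index is not what was intended; confirm against the JSAPI page.
        $feeviptype_arr = explode("___", $feeviptype);
        $feeviptype_symbol = isset($feeviptype_arr[3]) ? $feeviptype_arr[3] : "";
        $pay_symbol = "/tepass/wxpayjsapi?tip=vip_" . $feeviptype_symbol . "/tepass/refresh";
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // The original wrote `$arr["result_code"] = "SUCCESS"`, an assignment that is
        // always true, so a pending row was recorded even when the gateway refused.
        if (is_array($arr) && isset($arr["result_code"], $arr["code_url"]) && $arr["result_code"] === "SUCCESS") {
            $data = [
                "fee_id" => $feeid,
                "fee_uid" => $feeuid,
                "fee_cid" => 0,
                "fee_type" => 1,
                "fee_title" => $orderName,
                "fee_total_price" => $payAmount,
                "fee_pay_type" => "wxpay",
                "fee_check" => "pending",
                "fee_total_days" => $vip_days,
                "fee_status" => 0,
                "fee_intime" => date("Y-m-d H:i:s", $time),
                "fee_cookie" => $feecookie,
                "fee_ip" => $ip,
                "fee_refcode" => $for_refcode_cookie,
                "fee_user_agent" => $userAgent,
            ];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $nativeUrl = $arr["code_url"];
            $qrcode = $qrcode_api . $nativeUrl;
        }
        if ($conf["wxpay_h5_open"] === "on" && $userAgent == "isMobile") {
            require_once "libs/wxpay_h5.php";
            // The H5 order is a second gateway order with its own trade number.
            $h5OutTradeNo = date("YmdHis") . rand(100000, 999999);
            $h5wxPay = new h5WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
            $h5wxPay->setTotalFee($payAmount);
            $h5wxPay->setOutTradeNo($h5OutTradeNo);
            $h5wxPay->setOrderName($orderName);
            $h5wxPay->setNotifyUrl($notifyUrl);
            $h5wxPay->setReturnUrl($callback_url);
            // NOTE(review): the WAP URL is the request's Host header, which is
            // client-controlled unless the web server pins it.
            $h5wxPay->setWapUrl($_SERVER["HTTP_HOST"]);
            $h5wxPay->setWapName("H5");
            $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $h5OutTradeNo, $orderName, $notifyUrl);
            $data_h5 = [
                "fee_id" => $h5OutTradeNo,
                "fee_uid" => $feeuid,
                "fee_cid" => 0,
                "fee_type" => 1,
                "fee_title" => $orderName,
                "fee_total_price" => $payAmount,
                "fee_pay_type" => "wxpay",
                "fee_check" => "pending",
                "fee_total_days" => $vip_days,
                "fee_status" => 0,
                "fee_intime" => date("Y-m-d H:i:s", $time),
                "fee_cookie" => $feecookie,
                "fee_ip" => $ip,
                "fee_refcode" => $for_refcode_cookie,
                "fee_user_agent" => $userAgent,
            ];
            $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
            $insertId_h5 = $db->query($insert_h5);
        }
    }
    // Nothing payable was produced: report failure instead of an "ok" with empty URLs.
    if ($qrcode === "" && $pay_symbol === "" && empty($mwebUrl)) {
        echo json_encode(["status" => "fail"]);
        exit;
    }
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => $nativeUrl, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;
    break;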
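case "xh_wxpay":
    // WeChat payment via the gateway at $conf["xhpay_gateway"]: post a signed order request,
    // verify the signed reply, store a pending fee row, then answer with the pay URLs as JSON.
    $time = time();
    // NOTE(review): timestamp plus two rand() digits allows only 90 distinct ids per second.
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    // The "hash" entry is a placeholder; it is overwritten with the real signature just below.
    // NOTE(review): nonce_str is only a shuffle of the current timestamp's digits, so it is guessable.
    $data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Compare signatures as exact strings in constant time. The previous loose != compared
        // numeric-looking digests as numbers, so two different values could be accepted as equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // NOTE(review): __() and XH_Wechat_Payment are not defined in the visible code;
            // presumably libs/xunhupay.php provides them — confirm.
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The order is recorded only after the gateway accepted it and its reply verified.
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        // The H5 link is exposed only when the gateway type is configured as "WAP".
        if ($conf["xhpay_h5_open"] == "WAP") {
            $h5_url = $result["url"];
        } else {
            $h5_url = "";
        }
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): this plain-text line is followed by the {"status":"fail"} JSON printed after the
        // switch, so the client receives a mixed body that also exposes the gateway's error text.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;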
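case "xh_alipay":
    // Alipay payment via the gateway at $conf["xhpay_gateway"]: post a signed order request,
    // verify the signed reply, store a pending fee row, then answer with the pay URLs as JSON.
    $time = time();
    // NOTE(review): timestamp plus two rand() digits allows only 90 distinct ids per second.
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    // NOTE(review): nonce_str is only a shuffle of the current timestamp's digits, so it is guessable.
    $data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $vip_price, "title" => $vip_title, "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Compare signatures as exact strings in constant time. The previous loose != compared
        // numeric-looking digests as numbers, so two different values could be accepted as equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // NOTE(review): __() and XH_Wechat_Payment are not defined in the visible code;
            // presumably libs/xunhupay.php provides them — confirm.
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The order is recorded only after the gateway accepted it and its reply verified.
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $vip_title, "fee_total_price" => $vip_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $vip_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): this plain-text line is followed by the {"status":"fail"} JSON printed after the
        // switch, so the client receives a mixed body that also exposes the gateway's error text.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;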
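case "vmqwx":
    // WeChat order through the service at $conf["vmq_host"]: request createOrder with an
    // MD5-signed query, then record a pending fee row at the price the service returns.
    $time = time();
    // NOTE(review): timestamp plus two rand() digits allows only 90 distinct ids per second.
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 1;
    $vmq_price = $vip_price;
    // The signature covers the raw values; the service is expected to URL-decode before verifying.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing showed the "&param=" separator mangled into a pilcrow. Building the query with
    // http_build_query() restores it and URL-encodes the cookie-derived value so it cannot
    // alter the other parameters.
    $vmq_p = http_build_query(["payId" => $vmq_payId, "param" => $vmq_param, "type" => $vmq_type, "price" => $vmq_price, "sign" => $vmq_sign, "isHtml" => 0], "", "&");
    // A failed request or a non-JSON body is handled as a failed order instead of being indexed.
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    if (is_array($vmq_result) && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"]) && $vmq_result["code"] == "1") {
        // NOTE(review): the stored price is whatever the remote service reports — confirm it is
        // reconciled against $vip_price when the payment notification is processed.
        $relly_vip_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;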
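case "vmqali":
    // Alipay order through the service at $conf["vmq_host"]: request createOrder with an
    // MD5-signed query, then record a pending fee row at the price the service returns.
    $time = time();
    // NOTE(review): timestamp plus two rand() digits allows only 90 distinct ids per second.
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 2;
    $vmq_price = $vip_price;
    // The signature covers the raw values; the service is expected to URL-decode before verifying.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing showed the "&param=" separator mangled into a pilcrow. Building the query with
    // http_build_query() restores it and URL-encodes the cookie-derived value so it cannot
    // alter the other parameters.
    $vmq_p = http_build_query(["payId" => $vmq_payId, "param" => $vmq_param, "type" => $vmq_type, "price" => $vmq_price, "sign" => $vmq_sign, "isHtml" => 0], "", "&");
    // A failed request or a non-JSON body is handled as a failed order instead of being indexed.
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    if (is_array($vmq_result) && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"]) && $vmq_result["code"] == "1") {
        // NOTE(review): the stored price is whatever the remote service reports — confirm it is
        // reconciled against $vip_price when the payment notification is processed.
        $relly_vip_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $vip_title, "out_trade_no" => $feeid, "total_fee" => $relly_vip_price * 100, "attach" => $relly_vip_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => 0, "fee_type" => 1, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => $vip_days, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_vip_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;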
case "payjs":
    // PayJS checkout: the pending fee row is written first, then PayJS is asked for the
    // cashier link (also wrapped as a QR-code URL) and for the optional H5 link.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(10, 99);
    $arr = [
        "body" => $vip_title,
        "out_trade_no" => $feeid,
        "total_fee" => $vip_price * 100,
        "attach" => $vip_price,
    ];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => 0,
        "fee_type" => 1,
        "fee_title" => $arr["body"],
        "fee_total_price" => $arr["attach"],
        "fee_pay_type" => "payjs",
        "fee_check" => "pending",
        "fee_total_days" => $vip_days,
        "fee_status" => 0,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insertId = $db->query($db->insert("table.tepass_fees")->rows($data));
    $order = [
        "mchid" => $conf["payjs_mchid"],
        "body" => $arr["body"],
        "out_trade_no" => $arr["out_trade_no"],
        "total_fee" => $arr["total_fee"],
        "attach" => $arr["attach"],
        "callback_url" => $callback_url,
        "notify_url" => $conf["payjs_notify_url"],
        "auto" => 1,
        "hide" => 1,
    ];
    $payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
    $cashier_url = $payjs->cashier($order);
    // "&" is percent-encoded so the cashier link survives as one value inside the QR-code URL.
    $cashier_code = $qrcode_api . str_replace("&", "%26", $cashier_url);
    $h5_result = $payjs->mweb($order);
    // A reply without an H5 link is reported as an empty string.
    if (!isset($h5_result["h5_url"])) {
        $h5_result["h5_url"] = "";
    }
    $h5_url = $h5_result["h5_url"];
    echo json_encode([
        "status" => "ok",
        "type" => "payjs",
        "userAgent" => $userAgent,
        "qrcode" => $cashier_code,
        "qrcode_money" => $arr["attach"],
        "cashier_url" => $cashier_url,
        "h5_url" => $h5_url,
        "feeid" => $feeid,
    ]);
    exit;
    break;
}
$json = json_encode(["status" => "fail"]);
echo $json;
exit;
} elseif ($action == "paypostsubmit") {
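// Inputs for a single-post purchase. strip_tags()/intval() only normalise these values;
// they do not authenticate them.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
// NOTE(review): the user id comes from the POST body and selects the VIP row that decides the
// price tier below; it should come from the logged-in session — confirm how callers are authenticated.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
// The first 32 characters of the validation cookie identify the visitor on the fee row.
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): request-supplied URL that is later handed to the gateways as the return/callback
// URL — verify it is limited to this site before use.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
// This is a POST field, not the User-Agent header; "isMobile" enables the H5 flow in the wxpay case.
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
$queryContent = $db->select()->from("table.tepass_posts")->where("post_id = ?", $feecid);
$rowContent = $db->fetchRow($queryContent);
// Without a matching paid-post row there is no price to charge, so fail instead of creating an
// order with an empty amount.
if (empty($rowContent)) {
    $json = json_encode(["status" => "fail"]);
    echo $json;
    exit;
}
$queryVip = $db->select()->from("table.tepass_vips")->where("vip_uid = ?", $feeuid)->where("vip_status > ?", 0);
$rowVip = $db->fetchRow($queryVip);
$rsconfig = $db->fetchRow($db->select()->from("table.tepass_configs")->where("cfg_key = ?", "months_for_upgrade_eternal")->limit(1));
// Price tier: regular price without a VIP row, the "eternal" price once vip_status reaches the
// configured threshold, otherwise the VIP price.
if (empty($rowVip)) {
    $total_price = $rowContent["post_price"];
} else {
    // A missing threshold row used to compare against null, which made every VIP "eternal".
    if (!empty($rsconfig) && isset($rsconfig["cfg_value"]) && $rowVip["vip_status"] >= $rsconfig["cfg_value"]) {
        $total_price = $rowContent["post_price_for_eternal"];
    } else {
        $total_price = $rowContent["post_price_for_vip"];
    }
}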
switch ($feepaytype) {
case "alipay":
    // Alipay pre-created QR order for a single post: configure the service object, request the
    // QR link, and on code "10000" record a pending fee row and answer with the links as JSON.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $outTradeNo = $feeid;
    $payAmount = $total_price;
    $orderName = $rowContent["post_order_title"];
    $appid = $conf["alipay_appid"];
    $notifyUrl = $conf["alipay_notify_url"];
    $rsaPrivateKey = $conf["alipay_app_private_key"];
    $signType = "RSA2";
    $aliPay = new AlipayService();
    $aliPay->setAppid($appid);
    $aliPay->setNotifyUrl($notifyUrl);
    $aliPay->setRsaPrivateKey($rsaPrivateKey);
    $aliPay->setTotalFee($payAmount);
    $aliPay->setOutTradeNo($outTradeNo);
    $aliPay->setOrderName($orderName);
    $result = $aliPay->doPay();
    $result = $result["alipay_trade_precreate_response"];
    // Any other reply leaves the switch; the code after it reports the failure.
    if (!$result["code"] || $result["code"] != "10000") {
        break;
    }
    $qrurl = $result["qr_code"];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 2,
        "fee_title" => $orderName,
        "fee_total_price" => $payAmount,
        "fee_pay_type" => "alipay",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insertId = $db->query($db->insert("table.tepass_fees")->rows($data));
    // The same QR link is offered as an image URL and as an app deep link.
    $qrcode = $qrcode_api . $qrurl;
    $h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
    echo json_encode([
        "status" => "ok",
        "type" => "alipay",
        "userAgent" => $userAgent,
        "qrcode" => $qrcode,
        "h5_url" => $h5_url,
        "qrcode_money" => $payAmount,
        "feeid" => $feeid,
    ]);
    exit;
    break;
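case "wxpay":
    // WeChat Pay for a single post. Inside the WeChat browser (when JSAPI is enabled) the client
    // is sent to the JSAPI page; otherwise a native QR order is created and, for mobile clients
    // with H5 enabled, a second H5 order as well.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $total_price;
    $orderName = $rowContent["post_order_title"];
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();
    // Defaults keep the JSON reply unchanged (null) on paths that never set these values, without
    // reading undefined variables.
    $arr = [];
    $qrcode = null;
    $mwebUrl = null;
    // The User-Agent header can be absent; treat that as "not WeChat".
    $clientAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($clientAgent, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        $pay_symbol = "/tepass/wxpayjsapi?tip=post_" . $feecid;
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // This was an assignment (=), which is always true: a pending order was recorded even
        // when WeChat rejected the request. Compare the returned code instead.
        if (isset($arr["result_code"]) && (string) $arr["result_code"] === "SUCCESS") {
            $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $qrcode = $qrcode_api . $arr["code_url"];
        }
        if ($conf["wxpay_h5_open"] === "on") {
            // $userAgent is the POST field set by the client, not the HTTP header.
            if ($userAgent == "isMobile") {
                require_once "libs/wxpay_h5.php";
                $mchid = $conf["wxpay_mchid"];
                $appid = $conf["wxpay_appid"];
                $appKey = $conf["wxpay_appkey"];
                $apiKey = $conf["wxpay_apikey"];
                // The H5 order gets its own trade number and its own pending fee row.
                $outTradeNo = date("YmdHis") . rand(100000, 999999);
                $returnUrl = $callback_url;
                $wapUrl = $_SERVER["HTTP_HOST"];
                $wapName = "H5";
                $h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
                $h5wxPay->setTotalFee($payAmount);
                $h5wxPay->setOutTradeNo($outTradeNo);
                $h5wxPay->setOrderName($orderName);
                $h5wxPay->setNotifyUrl($notifyUrl);
                $h5wxPay->setReturnUrl($returnUrl);
                $h5wxPay->setWapUrl($wapUrl);
                $h5wxPay->setWapName($wapName);
                $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
                $data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
                $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
                $insertId_h5 = $db->query($insert_h5);
            } else {
                $mwebUrl = "";
            }
        } else {
            $mwebUrl = "";
        }
        $pay_symbol = "";
    }
    // NOTE(review): the reply is "ok" even when the native order failed; the client then gets
    // an empty qrcode. Confirm whether that case should report a failure instead.
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => isset($arr["code_url"]) ? $arr["code_url"] : null, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;
    break;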
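case "xh_wxpay":
    // WeChat payment for a single post via the gateway at $conf["xhpay_gateway"]: post a signed
    // order request, verify the signed reply, store a pending fee row, then answer with the pay URLs.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    // The "hash" entry is a placeholder; it is overwritten with the real signature just below.
    // NOTE(review): nonce_str is only a shuffle of the current timestamp's digits, so it is guessable.
    $data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Compare signatures as exact strings in constant time. The previous loose != compared
        // numeric-looking digests as numbers, so two different values could be accepted as equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // NOTE(review): __() and XH_Wechat_Payment are not defined in the visible code;
            // presumably libs/xunhupay.php provides them — confirm.
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The order is recorded only after the gateway accepted it and its reply verified.
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        // The H5 link is exposed only when the gateway type is configured as "WAP".
        if ($conf["xhpay_h5_open"] == "WAP") {
            $h5_url = $result["url"];
        } else {
            $h5_url = "";
        }
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): this plain-text line is followed by the {"status":"fail"} JSON printed after the
        // switch, so the client receives a mixed body that also exposes the gateway's error text.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;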
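case "xh_alipay":
    // Alipay payment for a single post via the gateway at $conf["xhpay_gateway"]: post a signed
    // order request, verify the signed reply, store a pending fee row, then answer with the pay URLs.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    // NOTE(review): nonce_str is only a shuffle of the current timestamp's digits, so it is guessable.
    $data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "alipay", "total_fee" => $total_price, "title" => $rowContent["post_order_title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time())];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Compare signatures as exact strings in constant time. The previous loose != compared
        // numeric-looking digests as numbers, so two different values could be accepted as equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // NOTE(review): __() and XH_Wechat_Payment are not defined in the visible code;
            // presumably libs/xunhupay.php provides them — confirm.
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The order is recorded only after the gateway accepted it and its reply verified.
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $rowContent["post_order_title"], "fee_total_price" => $total_price, "fee_pay_type" => "xh_alipay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode(["status" => "ok", "type" => "xh_alipay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $total_price, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): this plain-text line is followed by the {"status":"fail"} JSON printed after the
        // switch, so the client receives a mixed body that also exposes the gateway's error text.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;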
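case "vmqwx":
    // WeChat order for a single post through the service at $conf["vmq_host"]: request createOrder
    // with an MD5-signed query, then record a pending fee row at the price the service returns.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 1;
    $vmq_price = $total_price;
    // The signature covers the raw values; the service is expected to URL-decode before verifying.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing showed the "&param=" separator mangled into a pilcrow. Building the query with
    // http_build_query() restores it and URL-encodes the cookie-derived value so it cannot
    // alter the other parameters.
    $vmq_p = http_build_query(["payId" => $vmq_payId, "param" => $vmq_param, "type" => $vmq_type, "price" => $vmq_price, "sign" => $vmq_sign, "isHtml" => 0], "", "&");
    // A failed request or a non-JSON body is handled as a failed order instead of being indexed.
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    if (is_array($vmq_result) && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"]) && $vmq_result["code"] == "1") {
        // NOTE(review): the stored price is whatever the remote service reports — confirm it is
        // reconciled against $total_price when the payment notification is processed.
        $relly_totle_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqwx", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqwx", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;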
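case "vmqali":
    // Alipay order for a single post through the service at $conf["vmq_host"]: request createOrder
    // with an MD5-signed query, then record a pending fee row at the price the service returns.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 2;
    $vmq_price = $total_price;
    // The signature covers the raw values; the service is expected to URL-decode before verifying.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // The listing showed the "&param=" separator mangled into a pilcrow. Building the query with
    // http_build_query() restores it and URL-encodes the cookie-derived value so it cannot
    // alter the other parameters.
    $vmq_p = http_build_query(["payId" => $vmq_payId, "param" => $vmq_param, "type" => $vmq_type, "price" => $vmq_price, "sign" => $vmq_sign, "isHtml" => 0], "", "&");
    // A failed request or a non-JSON body is handled as a failed order instead of being indexed.
    $vmq_raw = file_get_contents($vmq_host . "?" . $vmq_p);
    $vmq_result = $vmq_raw === false ? null : json_decode($vmq_raw, true);
    if (is_array($vmq_result) && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"]) && $vmq_result["code"] == "1") {
        // NOTE(review): the stored price is whatever the remote service reports — confirm it is
        // reconciled against $total_price when the payment notification is processed.
        $relly_totle_price = $vmq_result["data"]["reallyPrice"];
        $arr = ["body" => $rowContent["post_order_title"], "out_trade_no" => $feeid, "total_fee" => $relly_totle_price * 100, "attach" => $relly_totle_price];
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 2, "fee_title" => $arr["body"], "fee_total_price" => $arr["attach"], "fee_pay_type" => "vmqali", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode(["status" => "ok", "type" => "vmqali", "userAgent" => $userAgent, "qrcode" => $payUrl, "h5_url" => "", "cashier_url" => "", "qrcode_money" => $relly_totle_price, "feeid" => $feeid]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;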
case "payjs":
    // PayJS checkout for a single post: the pending fee row is written first, then PayJS is asked
    // for the cashier link (also wrapped as a QR-code URL) and for the optional H5 link.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $arr = [
        "body" => $rowContent["post_order_title"],
        "out_trade_no" => $feeid,
        "total_fee" => $total_price * 100,
        "attach" => $total_price,
    ];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 2,
        "fee_title" => $arr["body"],
        "fee_total_price" => $arr["attach"],
        "fee_pay_type" => "payjs",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insertId = $db->query($db->insert("table.tepass_fees")->rows($data));
    $order = [
        "mchid" => $conf["payjs_mchid"],
        "body" => $arr["body"],
        "out_trade_no" => $arr["out_trade_no"],
        "total_fee" => $arr["total_fee"],
        "attach" => $arr["attach"],
        "callback_url" => $callback_url,
        "notify_url" => $conf["payjs_notify_url"],
        "auto" => 1,
        "hide" => 1,
    ];
    $payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
    $cashier_url = $payjs->cashier($order);
    // "&" is percent-encoded so the cashier link survives as one value inside the QR-code URL.
    $cashier_code = $qrcode_api . str_replace("&", "%26", $cashier_url);
    $h5_result = $payjs->mweb($order);
    // A reply without an H5 link is reported as an empty string.
    if (!isset($h5_result["h5_url"])) {
        $h5_result["h5_url"] = "";
    }
    $h5_url = $h5_result["h5_url"];
    echo json_encode([
        "status" => "ok",
        "type" => "payjs",
        "userAgent" => $userAgent,
        "qrcode" => $cashier_code,
        "qrcode_money" => $arr["attach"],
        "cashier_url" => $cashier_url,
        "h5_url" => $h5_url,
        "feeid" => $feeid,
    ]);
    exit;
    break;
}
$json = json_encode(["status" => "fail"]);
echo $json;
exit;
} elseif ($action == "payrewardsubmit") {
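// Inputs for a reward (tip) payment. strip_tags()/intval()/floatval() only normalise these
// values; they do not authenticate them.
$feepaytype = isset($_POST["feepaytype"]) ? strip_tags($_POST["feepaytype"]) : "";
$feecid = isset($_POST["feecid"]) ? intval(urldecode($_POST["feecid"])) : "";
// NOTE(review): the user id is taken from the POST body, so the order is attributed to whatever
// id the client sends — confirm it is checked against the logged-in session.
$feeuid = isset($_POST["feeuid"]) ? intval(urldecode($_POST["feeuid"])) : 0;
$for_validate_cookie = isset($_COOKIE["tepassValidation"]) ? strip_tags($_COOKIE["tepassValidation"]) : "";
$for_refcode_cookie = isset($_COOKIE["tepassRegistration"]) ? strip_tags($_COOKIE["tepassRegistration"]) : "";
// The first 32 characters of the validation cookie identify the visitor on the fee row.
$feecookie = substr($for_validate_cookie, 0, 32);
// NOTE(review): request-supplied URL that is later handed to the gateways as the return/callback
// URL — verify it is limited to this site before use.
$callback_url = isset($_POST["callback_url"]) ? strip_tags($_POST["callback_url"]) : "";
// This is a POST field, not the User-Agent header; "isMobile" enables the H5 flow in the wxpay case.
$userAgent = isset($_POST["userAgent"]) ? strip_tags($_POST["userAgent"]) : "isMobile";
// Free-text sender name with spaces removed; stored as fee_remark on the fee row.
$reward_from = isset($_POST["reward_from"]) ? strip_tags(str_replace(" ", "", $_POST["reward_from"])) : "";
$reward_money = isset($_POST["reward_money"]) ? floatval(urldecode($_POST["reward_money"])) : "5";
// $blackpattern is defined before this branch; a match on either field is reported as an attack.
if (preg_match($blackpattern, $reward_from) || preg_match($blackpattern, $reward_money)) {
    $json = json_encode(["status" => "attack", "attack_url" => $refresh_url]);
    echo $json;
    exit;
}
// floatval() turns non-numeric input into 0 and accepts negative or overflowing values; only a
// positive, finite amount may reach a payment gateway.
if (!is_finite((float) $reward_money) || $reward_money <= 0) {
    $json = json_encode(["status" => "fail"]);
    echo $json;
    exit;
}
// The content row supplies the order title used by the cases below.
$queryContent = $db->select()->from("table.contents")->where("table.contents.cid = ?", $feecid);
$rowContent = $db->fetchRow($queryContent);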
switch ($feepaytype) {
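case "wxpay":
    // WeChat Pay for a reward. Inside the WeChat browser (when JSAPI is enabled) the client is
    // sent to the JSAPI page; otherwise a native QR order is created and, for mobile clients with
    // H5 enabled, a second H5 order as well.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $wxPay = new WxpayService($conf["wxpay_mchid"], $conf["wxpay_appid"], $conf["wxpay_apikey"]);
    $outTradeNo = $feeid;
    $payAmount = $reward_money;
    $orderName = $rowContent["title"];
    $notifyUrl = $conf["wxpay_notify_url"];
    $payTime = time();
    // Defaults keep the JSON reply unchanged (null) on paths that never set these values, without
    // reading undefined variables.
    $arr = [];
    $qrcode = null;
    $mwebUrl = null;
    // The User-Agent header can be absent; treat that as "not WeChat".
    $clientAgent = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "";
    $isWechat = strpos($clientAgent, "MicroMessenger");
    if ($conf["wxpay_jsapi_open"] === "on" && $isWechat !== false) {
        // NOTE(review): $reward_from is request text placed into this URL unencoded; confirm the
        // page that parses "tip" validates each part again.
        $pay_symbol = "/tepass/wxpayjsapi?tip=reward_" . $feecid . "_" . $payAmount . "_" . $reward_from;
    } else {
        $arr = $wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl, $payTime);
        // This was an assignment (=), which is always true: a pending order was recorded even
        // when WeChat rejected the request. Compare the returned code instead.
        if (isset($arr["result_code"]) && (string) $arr["result_code"] === "SUCCESS") {
            $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_cookie" => $feecookie, "fee_user_agent" => $userAgent];
            $insert = $db->insert("table.tepass_fees")->rows($data);
            $insertId = $db->query($insert);
            $qrcode = $qrcode_api . $arr["code_url"];
        }
        if ($conf["wxpay_h5_open"] === "on") {
            // $userAgent is the POST field set by the client, not the HTTP header.
            if ($userAgent == "isMobile") {
                require_once "libs/wxpay_h5.php";
                $mchid = $conf["wxpay_mchid"];
                $appid = $conf["wxpay_appid"];
                $appKey = $conf["wxpay_appkey"];
                $apiKey = $conf["wxpay_apikey"];
                // The H5 order gets its own trade number and its own pending fee row.
                $outTradeNo = date("YmdHis") . rand(100000, 999999);
                $returnUrl = $callback_url;
                $wapUrl = $_SERVER["HTTP_HOST"];
                $wapName = "H5";
                $h5wxPay = new h5WxpayService($mchid, $appid, $apiKey);
                $h5wxPay->setTotalFee($payAmount);
                $h5wxPay->setOutTradeNo($outTradeNo);
                $h5wxPay->setOrderName($orderName);
                $h5wxPay->setNotifyUrl($notifyUrl);
                $h5wxPay->setReturnUrl($returnUrl);
                $h5wxPay->setWapUrl($wapUrl);
                $h5wxPay->setWapName($wapName);
                $mwebUrl = $h5wxPay->createJsBizPackage($payAmount, $outTradeNo, $orderName, $notifyUrl);
                // fee_id previously read the undefined $out_trade_no, so the H5 row was stored
                // without the trade number sent to WeChat and could not be matched to its payment.
                $data_h5 = ["fee_id" => $outTradeNo, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $orderName, "fee_total_price" => $payAmount, "fee_pay_type" => "wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
                $insert_h5 = $db->insert("table.tepass_fees")->rows($data_h5);
                $insertId_h5 = $db->query($insert_h5);
            } else {
                $mwebUrl = "";
            }
        } else {
            $mwebUrl = "";
        }
        $pay_symbol = "";
    }
    // NOTE(review): the reply is "ok" even when the native order failed; the client then gets
    // an empty qrcode. Confirm whether that case should report a failure instead.
    $json = json_encode(["status" => "ok", "type" => "wxpay", "userAgent" => $userAgent, "qrcode" => $qrcode, "qrcode_money" => $payAmount, "native_url" => isset($arr["code_url"]) ? $arr["code_url"] : null, "cashier_url" => $pay_symbol, "h5_url" => $mwebUrl, "feeid" => $feeid]);
    echo $json;
    exit;
    break;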
case "alipay":
    // Alipay pre-created QR order for a reward: configure the service object, request the QR
    // link, and on code "10000" record a pending fee row and answer with the links as JSON.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $outTradeNo = $feeid;
    $payAmount = $reward_money;
    $orderName = $rowContent["title"];
    $appid = $conf["alipay_appid"];
    $notifyUrl = $conf["alipay_notify_url"];
    $rsaPrivateKey = $conf["alipay_app_private_key"];
    $signType = "RSA2";
    $aliPay = new AlipayService();
    $aliPay->setAppid($appid);
    $aliPay->setNotifyUrl($notifyUrl);
    $aliPay->setRsaPrivateKey($rsaPrivateKey);
    $aliPay->setTotalFee($payAmount);
    $aliPay->setOutTradeNo($outTradeNo);
    $aliPay->setOrderName($orderName);
    $result = $aliPay->doPay();
    $result = $result["alipay_trade_precreate_response"];
    // Any other reply leaves the switch without producing output here.
    if (!$result["code"] || $result["code"] != "10000") {
        break;
    }
    $qrurl = $result["qr_code"];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 3,
        "fee_title" => $orderName,
        "fee_total_price" => $payAmount,
        "fee_pay_type" => "alipay",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_remark" => $reward_from,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    $insertId = $db->query($db->insert("table.tepass_fees")->rows($data));
    // The same QR link is offered as an image URL and as an app deep link.
    $qrcode = $qrcode_api . $qrurl;
    $h5_url = "alipays://platformapi/startapp?appId=20000067&url=" . $qrurl;
    echo json_encode([
        "status" => "ok",
        "type" => "alipay",
        "userAgent" => $userAgent,
        "qrcode" => $qrcode,
        "h5_url" => $h5_url,
        "qrcode_money" => $payAmount,
        "feeid" => $feeid,
    ]);
    exit;
    break;
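case "xh_wxpay":
    // WeChat reward payment via the gateway at $conf["xhpay_gateway"]: post a signed order
    // request, verify the signed reply, store a pending fee row, then answer with the pay URLs.
    $time = time();
    $feeid = date("YmdHis", $time) . rand(100000, 999999);
    $xh_appid = $conf["xhpay_wxpay_mchid"];
    $xh_appsecret = $conf["xhpay_wxpay_mchkey"];
    // The "hash" entry is a placeholder; it is overwritten with the real signature just below.
    // NOTE(review): nonce_str is only a shuffle of the current timestamp's digits, so it is guessable.
    $data = ["version" => "1.1", "lang" => "zh-cn", "appid" => $xh_appid, "trade_order_id" => $feeid, "payment" => "wechat", "total_fee" => $reward_money, "title" => $rowContent["title"], "time" => time(), "notify_url" => $conf["xhpay_notify_url"], "return_url" => $callback_url, "modal" => null, "nonce_str" => str_shuffle(time()), "hash" => md5(str_shuffle(time())), "type" => $conf["xhpay_h5_open"], "wap_url" => $protocol . $_SERVER["HTTP_HOST"], "wap_name" => "H5"];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        $hash = XH_Payment_Api::generate_xh_hash($result, $hashkey);
        // Compare signatures as exact strings in constant time. The previous loose != compared
        // numeric-looking digests as numbers, so two different values could be accepted as equal.
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals((string) $hash, $result["hash"])) {
            // NOTE(review): __() and XH_Wechat_Payment are not defined in the visible code;
            // presumably libs/xunhupay.php provides them — confirm.
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The order is recorded only after the gateway accepted it and its reply verified.
        $data = ["fee_id" => $feeid, "fee_uid" => $feeuid, "fee_cid" => $feecid, "fee_type" => 3, "fee_title" => $rowContent["title"], "fee_total_price" => $reward_money, "fee_pay_type" => "xh_wxpay", "fee_check" => "pending", "fee_total_days" => 0, "fee_status" => 0, "fee_remark" => $reward_from, "fee_intime" => date("Y-m-d H:i:s", $time), "fee_cookie" => $feecookie, "fee_ip" => $ip, "fee_refcode" => $for_refcode_cookie, "fee_user_agent" => $userAgent];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        // The H5 link is exposed only when the gateway type is configured as "WAP".
        if ($conf["xhpay_h5_open"] == "WAP") {
            $h5_url = $result["url"];
        } else {
            $h5_url = "";
        }
        $json = json_encode(["status" => "ok", "type" => "xh_wxpay", "userAgent" => $userAgent, "qrcode" => $result["url_qrcode"], "qrcode_money" => $reward_money, "cashier_url" => $result["url"], "h5_url" => $h5_url, "feeid" => $feeid]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): the gateway's error text is echoed to the client as plain text. If this
        // branch ends like the other actions, a {"status":"fail"} JSON follows it in the same body.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;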
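case "xh_alipay":
    // Alipay channel through the XH_Payment_Api gateway: build a signed order
    // request, verify the signed reply, record a pending fee row, then hand the
    // QR / cashier URLs back to the browser as JSON.
    $time = time();
    // Order id = timestamp + 6 digits. random_int() draws from the CSPRNG, so the
    // suffix cannot be predicted from earlier ids the way rand() output can.
    $feeid = date("YmdHis", $time) . random_int(100000, 999999);
    $xh_appid = $conf["xhpay_alipay_mchid"];
    $xh_appsecret = $conf["xhpay_alipay_mchkey"];
    // NOTE(review): nonce_str is only a shuffle of the current timestamp digits,
    // so it carries very little entropy; request integrity rests on the keyed hash.
    $data = [
        "version" => "1.1",
        "lang" => "zh-cn",
        "appid" => $xh_appid,
        "trade_order_id" => $feeid,
        "payment" => "alipay",
        "total_fee" => $reward_money,
        "title" => $rowContent["title"],
        "time" => time(),
        "notify_url" => $conf["xhpay_notify_url"],
        "return_url" => $callback_url,
        "modal" => null,
        "nonce_str" => str_shuffle(time()),
    ];
    $hashkey = $xh_appsecret;
    $data["hash"] = XH_Payment_Api::generate_xh_hash($data, $hashkey);
    $url = $conf["xhpay_gateway"];
    try {
        $response = XH_Payment_Api::http_post($url, json_encode($data));
        $result = $response ? json_decode($response, true) : null;
        if (!$result) {
            throw new Exception("Internal server error", 500);
        }
        // Recompute the reply signature with the merchant key and compare it in
        // constant time. The previous loose `!=` treated numeric-looking digests
        // (e.g. two different "0e…" strings) as equal and leaked timing.
        $hash = (string) XH_Payment_Api::generate_xh_hash($result, $hashkey);
        if (!isset($result["hash"]) || !is_string($result["hash"]) || !hash_equals($hash, $result["hash"])) {
            throw new Exception(__("Invalid sign!", XH_Wechat_Payment), 40029);
        }
        if ($result["errcode"] != 0) {
            throw new Exception($result["errmsg"], $result["errcode"]);
        }
        // The fee row is stored as "pending"; nothing in this block marks it paid.
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $rowContent["title"],
            "fee_total_price" => $reward_money,
            "fee_pay_type" => "xh_alipay",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $h5_url = $result["url"];
        $json = json_encode([
            "status" => "ok",
            "type" => "xh_alipay",
            "userAgent" => $userAgent,
            "qrcode" => $result["url_qrcode"],
            "qrcode_money" => $reward_money,
            "cashier_url" => $result["url"],
            "h5_url" => $h5_url,
            "feeid" => $feeid,
        ]);
        echo $json;
        exit;
    } catch (Exception $e) {
        // NOTE(review): the message may be the gateway's errmsg and is echoed
        // unescaped; execution then leaves the switch and the generic
        // {"status":"fail"} JSON is appended after this text.
        echo "errcode:{$e->getCode()},errmsg:{$e->getMessage()}";
    }
    break;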
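case "vmqwx":
    // "vmq" channel, type 1: ask the configured vmq host to create an order,
    // store a pending fee row with the price it returns, and reply with a QR URL.
    $time = time();
    // random_int() replaces rand() so the order-id suffix comes from the CSPRNG.
    $feeid = date("YmdHis", $time) . random_int(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 1;
    $vmq_price = $reward_money;
    // Signature is MD5 over the concatenated fields plus the shared key; the
    // algorithm is presumably dictated by the vmq endpoint — verify before changing.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // Build the query with http_build_query() so every value is URL-encoded.
    // $vmq_param originates from a browser cookie, so raw concatenation let a
    // crafted value add or override query fields. The listing's literal read
    // "¶m=", which appears to be a mangled "&param="; the key is restored here.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ], "", "&");
    $vmq_response = file_get_contents($vmq_host . "?" . $vmq_p);
    // A failed fetch or non-JSON body now takes the "fail" branch instead of
    // indexing into false/null.
    $vmq_result = $vmq_response === false ? null : json_decode($vmq_response, true);
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1";
    if ($vmq_ok) {
        // NOTE(review): the reply is not signature-checked in this block, so
        // reallyPrice and payUrl are trusted as returned by the configured host.
        $relly_reward_money = $vmq_result["data"]["reallyPrice"];
        $arr = [
            "body" => $rowContent["title"],
            "out_trade_no" => $feeid,
            "total_fee" => $relly_reward_money * 100,
            "attach" => $relly_reward_money,
        ];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqwx",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode([
            "status" => "ok",
            "type" => "vmqwx",
            "userAgent" => $userAgent,
            "qrcode" => $payUrl,
            "h5_url" => "",
            "cashier_url" => "",
            "qrcode_money" => $relly_reward_money,
            "feeid" => $feeid,
        ]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;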
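case "vmqali":
    // "vmq" channel, type 2: same flow as the type-1 vmq case — create the order
    // at the configured vmq host, store a pending fee row, reply with a QR URL.
    $time = time();
    // random_int() replaces rand() so the order-id suffix comes from the CSPRNG.
    $feeid = date("YmdHis", $time) . random_int(100000, 999999);
    $vmq_key = $conf["vmq_key"];
    $vmq_host = $conf["vmq_host"] . "createOrder";
    $vmq_payId = $feeid;
    $vmq_param = $feecookie;
    $vmq_type = 2;
    $vmq_price = $reward_money;
    // MD5 over the concatenated fields plus the shared key; presumably the
    // scheme the vmq endpoint requires — verify before changing.
    $vmq_sign = md5($vmq_payId . $vmq_param . $vmq_type . $vmq_price . $vmq_key);
    // URL-encode every value: $vmq_param comes from a browser cookie and was
    // previously concatenated raw into the query string. The listing's "¶m="
    // appears to be a mangled "&param="; the key is restored here.
    $vmq_p = http_build_query([
        "payId" => $vmq_payId,
        "param" => $vmq_param,
        "type" => $vmq_type,
        "price" => $vmq_price,
        "sign" => $vmq_sign,
        "isHtml" => 0,
    ], "", "&");
    $vmq_response = file_get_contents($vmq_host . "?" . $vmq_p);
    // A failed fetch or non-JSON body takes the "fail" branch rather than being indexed.
    $vmq_result = $vmq_response === false ? null : json_decode($vmq_response, true);
    $vmq_ok = is_array($vmq_result)
        && isset($vmq_result["code"], $vmq_result["data"]["reallyPrice"], $vmq_result["data"]["payUrl"])
        && $vmq_result["code"] == "1";
    if ($vmq_ok) {
        // NOTE(review): no signature check on the reply is visible here, so
        // reallyPrice and payUrl are taken on trust from the configured host.
        $relly_reward_money = $vmq_result["data"]["reallyPrice"];
        $arr = [
            "body" => $rowContent["title"],
            "out_trade_no" => $feeid,
            "total_fee" => $relly_reward_money * 100,
            "attach" => $relly_reward_money,
        ];
        $data = [
            "fee_id" => $feeid,
            "fee_uid" => $feeuid,
            "fee_cid" => $feecid,
            "fee_type" => 3,
            "fee_title" => $arr["body"],
            "fee_total_price" => $arr["attach"],
            "fee_pay_type" => "vmqali",
            "fee_check" => "pending",
            "fee_total_days" => 0,
            "fee_status" => 0,
            "fee_remark" => $reward_from,
            "fee_intime" => date("Y-m-d H:i:s", $time),
            "fee_cookie" => $feecookie,
            "fee_ip" => $ip,
            "fee_refcode" => $for_refcode_cookie,
            "fee_user_agent" => $userAgent,
        ];
        $insert = $db->insert("table.tepass_fees")->rows($data);
        $insertId = $db->query($insert);
        $payUrl = stripslashes($vmq_result["data"]["payUrl"]);
        $payUrl = $qrcode_api . $payUrl;
        $json = json_encode([
            "status" => "ok",
            "type" => "vmqali",
            "userAgent" => $userAgent,
            "qrcode" => $payUrl,
            "h5_url" => "",
            "cashier_url" => "",
            "qrcode_money" => $relly_reward_money,
            "feeid" => $feeid,
        ]);
    } else {
        $json = json_encode(["status" => "fail"]);
    }
    echo $json;
    exit;
    break;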
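case "payjs":
    // Payjs channel: record a pending fee row, then ask the Payjs client for a
    // cashier URL and return it (plus a QR-code URL wrapping it) as JSON.
    $time = time();
    // random_int() replaces rand() so the order-id suffix comes from the CSPRNG
    // and cannot be predicted from previously issued ids.
    $feeid = date("YmdHis", $time) . random_int(100000, 999999);
    // NOTE(review): total_fee is $reward_money * 100, which looks like a
    // major-unit to minor-unit conversion done in floating point — confirm the
    // Payjs client tolerates a non-integer result.
    $arr = [
        "body" => $rowContent["title"],
        "out_trade_no" => $feeid,
        "total_fee" => $reward_money * 100,
        "attach" => $reward_money,
    ];
    $data = [
        "fee_id" => $feeid,
        "fee_uid" => $feeuid,
        "fee_cid" => $feecid,
        "fee_type" => 3,
        "fee_title" => $arr["body"],
        "fee_total_price" => $arr["attach"],
        "fee_pay_type" => "payjs",
        "fee_check" => "pending",
        "fee_total_days" => 0,
        "fee_status" => 0,
        "fee_remark" => $reward_from,
        "fee_intime" => date("Y-m-d H:i:s", $time),
        "fee_cookie" => $feecookie,
        "fee_ip" => $ip,
        "fee_refcode" => $for_refcode_cookie,
        "fee_user_agent" => $userAgent,
    ];
    // The row is written before the cashier URL exists; it stays "pending" in this block.
    $insert = $db->insert("table.tepass_fees")->rows($data);
    $insertId = $db->query($insert);
    $order = [
        "mchid" => $conf["payjs_mchid"],
        "body" => $arr["body"],
        "out_trade_no" => $arr["out_trade_no"],
        "total_fee" => $arr["total_fee"],
        "attach" => $arr["attach"],
        "callback_url" => $callback_url,
        "notify_url" => $conf["payjs_notify_url"],
        "auto" => 1,
        "hide" => 1,
    ];
    $payjs = new Payjs($conf["payjs_mchid"], $conf["payjs_mchkey"]);
    $cashier_url = $payjs->cashier($order);
    // Only "&" is escaped before the URL is appended to the QR-code API prefix,
    // so the cashier URL's own parameters are not split off as QR-API parameters.
    $cashier_url_replace = str_replace("&", "%26", $cashier_url);
    $cashier_code = $qrcode_api . $cashier_url_replace;
    $h5_url = "";
    $json = json_encode([
        "status" => "ok",
        "type" => "payjs",
        "userAgent" => $userAgent,
        "qrcode" => $cashier_code,
        "qrcode_money" => $arr["attach"],
        "cashier_url" => $cashier_url,
        "h5_url" => $h5_url,
        "feeid" => $feeid,
    ]);
    echo $json;
    exit;
    break;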
}
// Reached whenever the switch above is left without exiting — for example the
// xh_* cases after their catch block has printed an error line. Emits the
// generic failure JSON and stops the script.
echo json_encode(["status" => "fail"]);
exit;
} else {
echo "pay.php";
}
Function Calls
None |
Stats
MD5 | 5e75081e9990d453ec530b6f5e1256af |
Eval Count | 0 |
Decode Time | 116 ms |