function respond() { $result = false; $originData = $_POST["MSG"]; $xmlData = base64_decode($originData); $retCodStartStr = "<ReturnCode>"; $retCodEndStr = "</ReturnCode>"; $retCodStartPos = strpos($xmlData,$retCodStartStr); $retCodEndPos = strpos($xmlData,$retCodEndStr); $retCode = substr($xmlData,$retCodStartPos+strlen("<ReturnCode>"),$retCodEndPos-$retCodStartPos-strlen("<ReturnCode>"));//注意不可使用$ReturnCode,否则会什么都不显示,可能是保留字 $errMesStartStr = "<ErrorMessage>"; $errMesEndStr = "</ErrorMessage>"; $errMesStartPos = strpos($xmlData,$errMesStartStr); $errMesEndPos = strpos($xmlData,$errMesEndStr); $ErrorMessage = substr($xmlData,$errMesStartPos+strlen("<ErrorMessage>"),$errMesEndPos-$errMesStartPos-strlen("<ErrorMessage>")); $sigStartStr = "<Signature>"; $sigEndStr = "</Signature>"; $sigStartPos = strpos($xmlData,$sigStartStr); $sigEndPos = strpos($xmlData,$sigEndStr); $signature = substr($xmlData,$sigStartPos+strlen("<Signature>"),$sigEndPos-$sigStartPos-strlen("<Signature>")); $mesStartStr = "<Message>"; $mesEndStr = "</Message>"; $mesStartPos = strpos($xmlData,$mesStartStr); $mesEndPos = strpos($xmlData,$mesEndStr); $message = substr($xmlData,$mesStartPos+strlen("<Message>"),$mesEndPos-$mesStartPos-strlen("<Message>")); //验证签名有效性 $data = $message; $fp = fopen(ROOT_PATH."MainServer.0001.pem", "r"); $pub_key = fread($fp, 8192); $pubkeyid = openssl_get_publickey($pub_key); $sig=base64_decode($signature); if(openssl_verify($data,$sig,$pubkeyid)==1) { if($retCode=="0000") { //订单号 $OrderNoStartStr = "<OrderNo>"; $OrderNoEndStr = "</OrderNo>"; $OrderNoStartPos = strpos($xmlData,$OrderNoStartStr); $OrderNoEndPos = strpos($xmlData,$OrderNoEndStr); $OrderNo = substr($xmlData,$OrderNoStartPos+strlen("<OrderNo>"),$OrderNoEndPos-$OrderNoStartPos-strlen("<OrderNo>")); //订单金额 $AmountStartStr = "<Amount>"; $AmountEndStr = "</Amount>"; $AmountStartPos = strpos($xmlData,$AmountStartStr); $AmountEndPos = strpos($xmlData,$AmountEndStr); $Amount = substr($xmlData,$AmountStartPos+strlen("<Amount>"),$AmountEndPos-$AmountStartPos-strlen("<Amount>")); //批次号 $BatchNoStartStr = "<BatchNo>"; $BatchNoEndStr = "</BatchNo>"; $BatchNoStartPos = strpos($xmlData,$BatchNoStartStr); $BatchNoEndPos = strpos($xmlData,$BatchNoEndStr); $BatchNo = substr($xmlData,$BatchNoStartPos+strlen("<BatchNo>"),$BatchNoEndPos-$BatchNoStartPos-strlen("<BatchNo>")); //传票号 $VoucherNoStartStr = "<VoucherNo>"; $VoucherNoEndStr = "</VoucherNo>"; $VoucherNoStartPos = strpos($xmlData,$VoucherNoStartStr); $VoucherNoEndPos = strpos($xmlData,$VoucherNoEndStr); $VoucherNo = substr($xmlData,$VoucherNoStartPos+strlen("<VoucherNo>"),$VoucherNoEndPos-$VoucherNoStartPos-strlen("<VoucherNo>")); //会计日期 $HostDateStartStr = "<HostDate>"; $HostDateEndStr = "</HostDate>"; $HostDateStartPos = strpos($xmlData,$HostDateStartStr); $HostDateEndPos = strpos($xmlData,$HostDateEndStr); $HostDate = substr($xmlData,$HostDateStartPos+strlen("<HostDate>"),$HostDateEndPos-$HostDateStartPos-strlen("<HostDate>")); //会计时间 $HostTimeStartStr = "<HostTime>"; $HostTimeEndStr = "</HostTime>"; $HostTimeStartPos = strpos($xmlData,$HostTimeStartStr); $HostTimeEndPos = strpos($xmlData,$HostTimeEndStr); $HostTime = substr($xmlData,$HostTimeStartPos+strlen("<HostTime>"),$HostTimeEndPos-$HostTimeStartPos-strlen("<HostTime>")); //备注 $MerchantRemarksStartStr = "<MerchantRemarks>"; $MerchantRemarksEndStr = "</MerchantRemarks>"; $MerchantRemarksStartPos = strpos($xmlData,$MerchantRemarksStartStr); $MerchantRemarksEndPos = strpos($xmlData,$MerchantRemarksEndStr); $MerchantRemarks = substr($xmlData,$MerchantRemarksStartPos+strlen("<MerchantRemarks>"),$MerchantRemarksEndPos-$MerchantRemarksStartPos-strlen("<MerchantRemarks>")); //支付方式 $PayTypeStartStr = "<PayType>"; $PayTypeEndStr = "</PayType>"; $PayTypeStartPos = strpos($xmlData,$PayTypeStartStr); $PayTypeEndPos = strpos($xmlData,$PayTypeEndStr); $PayType = substr($xmlData,$PayTypeStartPos+strlen("<PayType>"),$PayTypeEndPos-$PayTypeStartPos-strlen("<PayType>")); //通知方式 $NotifyTypeStartStr = "<NotifyType>"; $NotifyTypeEndStr = "</NotifyType>"; $NotifyTypeStartPos = strpos($xmlData,$NotifyTypeStartStr); $NotifyTypeEndPos = strpos($xmlData,$NotifyTypeEndStr); $NotifyType = substr($xmlData,$NotifyTypeStartPos+strlen("<NotifyType>"),$NotifyTypeEndPos-$NotifyTypeStartPos-strlen("<NotifyType>")); //todo:商户更新相关数据库操作 $order_sn = $OrderNo; if(substr($order_sn,0,4)=="0000"){ $order_id = get_order_id_by_sn($order_sn,true); order_paid($order_id); } else{ $order_id = get_order_id_by_sn($order_sn); order_paid($order_id); } $result = true; file_put_contents("abcbank.txt","支付成功1",FILE_APPEND); } else { file_put_contents("abcbank.txt","错误码:".$retCode."错误信息:".$ErrorMessage,FILE_APPEND); } } else { file_put_contents("abcbank.txt","签名验证失败,该通知内容不可信",FILE_APPEND); } // free the key from memory openssl_free_key($pubkeyid); return $result; }