<?php
|
include_once '/Common/CommFunc.php';
|
include_once '/Common/Logging.php';
|
include_once "/ProjComm/CfgReader.php";
|
|
header("Content-type: text/html; charset=utf-8");
|
|
// https://developer.shg.vn/article/view?id=87&lang=ch
|
|
\Logging\CreateLogging("sohagame.payment.php");
|
\Logging\LogInfo("_POST: " . print_r($_POST, true));
|
|
$result = array('status' => 'failed', 'message' => '', 'repeat' => 0, 'request' => $_REQUEST);
|
|
$signed_request = $_POST['signed_request'];
|
if ($signed_request == '') {
|
$result['message'] = "signed_request empty";
|
echo json_encode($result);
|
exit;
|
}
|
|
$spid = "sohagame";
|
if ($_POST["spid"]) {
|
// 可选参数,也可用于测试用
|
$spid = $_POST["spid"];
|
}
|
|
\CommFunc\GetKeyFromConfig(dirname(__FILE__) . '\\..\\..\\InterfaceConfig.php', "SP." . $spid, "app_secret", $app_secret);
|
$redata = parse_signed_request($signed_request, $app_secret);
|
if ($redata) { //verify ok
|
\Logging\LogInfo("redata: " . print_r($redata, true));
|
// detail $re:
|
|
//user_id: id of user platform
|
//app_id: app_id of user platform
|
//order_id: id of order (unix)(note : order_id is unix,game must check before add money in game for ensure one order_id add one time only)
|
//order_info: code of package
|
//role_id: code of character
|
//area_id: code of server
|
//time: time call
|
|
//handle add money game to account here
|
$returnArr = send_to_gameserver_exchange($spid, $redata);
|
\Logging\LogInfo("returnArr: " . print_r($returnArr, true));
|
|
//if order_id has added before then no add more and set $result = array('status' => 'settled','message'=>'success','repeat'=>1);
|
|
//if add money game success then
|
// $result = array('status' => 'settled', 'message' => 'success', 'repeat' => 0, 'request' => $_REQUEST);
|
|
//else add money game error then
|
//$result = array('status' => 'failed','message'=>'');
|
// message : reason fail
|
//if fail platform's server will try call again after if fail too then rollback money of platform and notice to user
|
|
switch ($returnArr["errorcode"]) {
|
case 1:
|
$result['status'] = "settled";
|
$result['message'] = "success";
|
$result['repeat'] = 0;
|
break;
|
case 2:
|
$result['status'] = "settled";
|
$result['message'] = "success";
|
$result['repeat'] = 1;
|
break;
|
default:
|
$result['status'] = "failed";
|
$result['message'] = $returnArr["errordesc"];
|
break;
|
}
|
} else {
|
$result['message'] = "verify incorrect";
|
}
|
\Logging\LogInfo("result: " . print_r($result, true));
|
echo json_encode($result);
|
exit;
|
|
function send_to_gameserver_exchange($spid, $redata)
|
{
|
$returnArr = array("errorcode" => 0, "errordesc" => "fail");
|
$area_id = $redata["area_id"];
|
$serverIDArray = array(intval($area_id));
|
$serverPageInfo = \CommFunc\GetGameServerPageInfo($spid, $serverIDArray);
|
if (count($serverPageInfo) <= 0) {
|
$returnArr["errordesc"] = "not serverPageInfo";
|
return $returnArr;
|
}
|
|
// 目标角色对应游戏服务器gmtool地址
|
$serverPageValues = array_values($serverPageInfo);
|
|
$pageUrl = $serverPageValues[0]["Page"];
|
if (!$pageUrl) {
|
$returnArr["errordesc"] = "not page url";
|
return $returnArr;
|
}
|
|
$appID = $redata["app_id"];
|
|
if (!\CfgReader\ReadConfig()) {
|
$returnArr["errordesc"] = "cfgreader error";
|
return $returnArr;
|
}
|
|
if (
|
!\CfgReader\GetConfigData("ExChange", "Key_" . $appID, $strKey) ||
|
!\CfgReader\GetConfigData("Config", "IsDecryptKey", $isDecryptKey)
|
) {
|
$returnArr["errordesc"] = "not exChange appid key";
|
return $returnArr;
|
}
|
|
//如果配置了需要解密,对登录key进行解密
|
if ($isDecryptKey == 1) {
|
$strKey = \CommFunc\GetDecodePsw($strKey);
|
}
|
|
\Logging\LogInfo("strKey: " . $strKey);
|
|
$postUrl = str_replace("Server/Tool.php", "api/exchange/index.php", $pageUrl);
|
\Logging\LogInfo("postUrl: " . $postUrl);
|
|
$payData = array(
|
"AccountID" => $redata["user_id"],
|
"RegionName" => "s" . $area_id,
|
"OrderAmount" => 0, // 越南版没有传订单金额
|
"BillNO" => $redata["order_id"],
|
"OrderInfo" => $redata["order_info"],
|
"OperatorID" => $appID,
|
);
|
|
$opqid = $payData['AccountID'];
|
$orderID = $payData["BillNO"];
|
$orderAmount = $payData['OrderAmount'];
|
$getServer_id = $payData['RegionName'];
|
$sign = md5($opqid . $orderAmount . $orderID . $getServer_id . $strKey);
|
$payData["Sign"] = $sign;
|
\Logging\LogInfo("payData: " . print_r($payData, true));
|
$payretStr = \CommFunc\DoPost($postUrl, $payData);
|
\Logging\LogInfo("payretStr: " . $payretStr);
|
return json_decode($payretStr, true);
|
}
|
|
function parse_signed_request($signed_request, $secret)
|
{
|
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
|
// decode the data
|
$sig = base64_decode(strtr($encoded_sig, '-_', '+/'));
|
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
|
|
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
|
// error_log('Unknown algorithm. Expected HMAC-SHA256');
|
return false;
|
}
|
// check sig
|
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
|
if ($sig !== $expected_sig) {
|
return false;
|
}
|
return $data;
|
}
|
