[转载]农行 | PHPSIR.COM 技术博客.
function respond()
{
$result = false;
$originData = $_POST["MSG"];
$xmlData = base64_decode($originData);
$retCodStartStr = "<ReturnCode>";
$retCodEndStr = "</ReturnCode>";
$retCodStartPos = strpos($xmlData,$retCodStartStr);
$retCodEndPos = strpos($xmlData,$retCodEndStr);
$retCode = substr($xmlData,$retCodStartPos+strlen("<ReturnCode>"),$retCodEndPos-$retCodStartPos-strlen("<ReturnCode>"));//注意不可使用$ReturnCode,否则会什么都不显示,可能是保留字
$errMesStartStr = "<ErrorMessage>";
$errMesEndStr = "</ErrorMessage>";
$errMesStartPos = strpos($xmlData,$errMesStartStr);
$errMesEndPos = strpos($xmlData,$errMesEndStr);
$ErrorMessage = substr($xmlData,$errMesStartPos+strlen("<ErrorMessage>"),$errMesEndPos-$errMesStartPos-strlen("<ErrorMessage>"));
$sigStartStr = "<Signature>";
$sigEndStr = "</Signature>";
$sigStartPos = strpos($xmlData,$sigStartStr);
$sigEndPos = strpos($xmlData,$sigEndStr);
$signature = substr($xmlData,$sigStartPos+strlen("<Signature>"),$sigEndPos-$sigStartPos-strlen("<Signature>"));
$mesStartStr = "<Message>";
$mesEndStr = "</Message>";
$mesStartPos = strpos($xmlData,$mesStartStr);
$mesEndPos = strpos($xmlData,$mesEndStr);
$message = substr($xmlData,$mesStartPos+strlen("<Message>"),$mesEndPos-$mesStartPos-strlen("<Message>"));
//验证签名有效性
$data = $message;
$fp = fopen(ROOT_PATH."MainServer.0001.pem", "r");
$pub_key = fread($fp, 8192);
$pubkeyid = openssl_get_publickey($pub_key);
$sig=base64_decode($signature);
if(openssl_verify($data,$sig,$pubkeyid)==1)
{
if($retCode=="0000")
{
//订单号
$OrderNoStartStr = "<OrderNo>";
$OrderNoEndStr = "</OrderNo>";
$OrderNoStartPos = strpos($xmlData,$OrderNoStartStr);
$OrderNoEndPos = strpos($xmlData,$OrderNoEndStr);
$OrderNo = substr($xmlData,$OrderNoStartPos+strlen("<OrderNo>"),$OrderNoEndPos-$OrderNoStartPos-strlen("<OrderNo>"));
//订单金额
$AmountStartStr = "<Amount>";
$AmountEndStr = "</Amount>";
$AmountStartPos = strpos($xmlData,$AmountStartStr);
$AmountEndPos = strpos($xmlData,$AmountEndStr);
$Amount = substr($xmlData,$AmountStartPos+strlen("<Amount>"),$AmountEndPos-$AmountStartPos-strlen("<Amount>"));
//批次号
$BatchNoStartStr = "<BatchNo>";
$BatchNoEndStr = "</BatchNo>";
$BatchNoStartPos = strpos($xmlData,$BatchNoStartStr);
$BatchNoEndPos = strpos($xmlData,$BatchNoEndStr);
$BatchNo = substr($xmlData,$BatchNoStartPos+strlen("<BatchNo>"),$BatchNoEndPos-$BatchNoStartPos-strlen("<BatchNo>"));
//传票号
$VoucherNoStartStr = "<VoucherNo>";
$VoucherNoEndStr = "</VoucherNo>";
$VoucherNoStartPos = strpos($xmlData,$VoucherNoStartStr);
$VoucherNoEndPos = strpos($xmlData,$VoucherNoEndStr);
$VoucherNo = substr($xmlData,$VoucherNoStartPos+strlen("<VoucherNo>"),$VoucherNoEndPos-$VoucherNoStartPos-strlen("<VoucherNo>"));
//会计日期
$HostDateStartStr = "<HostDate>";
$HostDateEndStr = "</HostDate>";
$HostDateStartPos = strpos($xmlData,$HostDateStartStr);
$HostDateEndPos = strpos($xmlData,$HostDateEndStr);
$HostDate = substr($xmlData,$HostDateStartPos+strlen("<HostDate>"),$HostDateEndPos-$HostDateStartPos-strlen("<HostDate>"));
//会计时间
$HostTimeStartStr = "<HostTime>";
$HostTimeEndStr = "</HostTime>";
$HostTimeStartPos = strpos($xmlData,$HostTimeStartStr);
$HostTimeEndPos = strpos($xmlData,$HostTimeEndStr);
$HostTime = substr($xmlData,$HostTimeStartPos+strlen("<HostTime>"),$HostTimeEndPos-$HostTimeStartPos-strlen("<HostTime>"));
//备注
$MerchantRemarksStartStr = "<MerchantRemarks>";
$MerchantRemarksEndStr = "</MerchantRemarks>";
$MerchantRemarksStartPos = strpos($xmlData,$MerchantRemarksStartStr);
$MerchantRemarksEndPos = strpos($xmlData,$MerchantRemarksEndStr);
$MerchantRemarks = substr($xmlData,$MerchantRemarksStartPos+strlen("<MerchantRemarks>"),$MerchantRemarksEndPos-$MerchantRemarksStartPos-strlen("<MerchantRemarks>"));
//支付方式
$PayTypeStartStr = "<PayType>";
$PayTypeEndStr = "</PayType>";
$PayTypeStartPos = strpos($xmlData,$PayTypeStartStr);
$PayTypeEndPos = strpos($xmlData,$PayTypeEndStr);
$PayType = substr($xmlData,$PayTypeStartPos+strlen("<PayType>"),$PayTypeEndPos-$PayTypeStartPos-strlen("<PayType>"));
//通知方式
$NotifyTypeStartStr = "<NotifyType>";
$NotifyTypeEndStr = "</NotifyType>";
$NotifyTypeStartPos = strpos($xmlData,$NotifyTypeStartStr);
$NotifyTypeEndPos = strpos($xmlData,$NotifyTypeEndStr);
$NotifyType = substr($xmlData,$NotifyTypeStartPos+strlen("<NotifyType>"),$NotifyTypeEndPos-$NotifyTypeStartPos-strlen("<NotifyType>"));
//todo:商户更新相关数据库操作
$order_sn = $OrderNo;
if(substr($order_sn,0,4)=="0000"){
$order_id = get_order_id_by_sn($order_sn,true);
order_paid($order_id);
}
else{
$order_id = get_order_id_by_sn($order_sn);
order_paid($order_id);
}
$result = true;
file_put_contents("abcbank.txt","支付成功1",FILE_APPEND);
}
else
{
file_put_contents("abcbank.txt","错误码:".$retCode."错误信息:".$ErrorMessage,FILE_APPEND);
}
}
else
{
file_put_contents("abcbank.txt","签名验证失败,该通知内容不可信",FILE_APPEND);
}
// free the key from memory
openssl_free_key($pubkeyid);
return $result;
}