人人商城

cash.ctrl.php 13KB

  1. <?php
  2. /**
  3. * [WeEngine System] Copyright (c) 2014 WE7.CC
  4. * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
  5. */
  6. defined('IN_IA') or exit('Access Denied');
  7. load()->model('activity');
  8. load()->model('module');
  9. load()->model('payment');
  10. load()->func('communication');
  11. if ($do == 'check_password') {
  12. $password = safe_gpc_string($_GPC['password']);
  13. $user_info = mc_fetch($_W['member']['uid']);
  14. $password = md5($password . $user_info['salt']);
  15. if ($password == $user_info['pay_password']) {
  16. message(0, '', 'ajax');
  17. } else {
  18. message(1, '', 'ajax');
  19. }
  20. }
  21. $moduels = uni_modules();
  22. $params = @json_decode(base64_decode($_GPC['params']), true);
  23. if(empty($params) || !array_key_exists($params['module'], $moduels)) {
  24. message('访问错误.');
  25. }
  26. $setting = uni_setting($_W['uniacid'], 'payment');
  27. if (empty($setting['payment'])) {
  28. message('支付方式错误,请联系商家', '', 'error');
  29. }
  30. foreach ($setting['payment'] as &$value) {
  31. $value['switch'] = $params['module'] == 'recharge' ? $value['recharge_switch'] : $value['pay_switch'];
  32. }
  33. unset($value);
  34. $dos = array();
  35. if(!empty($setting['payment']['credit']['switch'])) {
  36. $dos[] = 'credit';
  37. }
  38. if(!empty($setting['payment']['alipay']['switch'])) {
  39. $dos[] = 'alipay';
  40. }
  41. if(!empty($setting['payment']['wechat']['switch'])) {
  42. $dos[] = 'wechat';
  43. }
  44. if(!empty($setting['payment']['delivery']['switch'])) {
  45. $dos[] = 'delivery';
  46. }
  47. if(!empty($setting['payment']['unionpay']['switch'])) {
  48. $dos[] = 'unionpay';
  49. }
  50. if(!empty($setting['payment']['baifubao']['switch'])) {
  51. $dos[] = 'baifubao';
  52. }
  53. if(!empty($setting['payment']['jueqiymf']['switch'])) {
  54. $dos[] = 'jueqiymf';
  55. }
  56. if(!empty($setting['payment']['mix']['switch'])) {
  57. $dos[] = 'mix';
  58. }
  59. $do = $_GPC['do'];
  60. $type = in_array($do, $dos) ? $do : '';
  61. if(empty($type)) {
  62. message('支付方式错误,请联系商家', '', 'error');
  63. }
  64. if(!empty($type)) {
  65. $log = pdo_get('core_paylog', array('uniacid' => $_W['uniacid'], 'module' => $params['module'], 'tid' => $params['tid']));
  66. if(!empty($log) && ($type != 'credit' && !empty($_GPC['notify'])) && $log['status'] != '0') {
  67. message('这个订单已经支付成功, 不需要重复支付.');
  68. }
  69. $update_card_log = array(
  70. 'is_usecard' => '0',
  71. 'card_type' => '0',
  72. 'card_id' => '0',
  73. 'card_fee' => $log['fee'],
  74. 'type' => $type,
  75. );
  76. pdo_update('core_paylog', $update_card_log, array('plid' => $log['plid']));
  77. $log['is_usecard'] = '0';
  78. $log['card_type'] = '0';
  79. $log['card_id'] = '0';
  80. $log['card_fee'] = $log['fee'];
  81. $moduleid = pdo_fetchcolumn("SELECT mid FROM ".tablename('modules')." WHERE name = :name", array(':name' => $params['module']));
  82. $moduleid = empty($moduleid) ? '000000' : sprintf("%06d", $moduleid);
  83. $record = array();
  84. $record['type'] = $type;
  85. if (empty($log['uniontid'])) {
  86. $record['uniontid'] = $log['uniontid'] = date('YmdHis').$moduleid.random(8,1);
  87. }
  88. if($type != 'delivery') {
  89. if ($_GPC['mix_pay']) {
  90. $setting = uni_setting($_W['uniacid'], array('creditbehaviors'));
  91. $credtis = mc_credit_fetch($_W['member']['uid']);
  92. if ($credtis[$setting['creditbehaviors']['currency']] > 0 && in_array('mix', $dos) && $credtis[$setting['creditbehaviors']['currency']] < $log['card_fee']) {
  93. $mix_credit_log = $log;
  94. unset($mix_credit_log['plid']);
  95. $mix_credit_log['uniontid'] = date('YmdHis') . $moduleid . random(8,1);
  96. $mix_credit_log['type'] = 'credit';
  97. $mix_credit_log['fee'] = $credtis[$setting['creditbehaviors']['currency']];
  98. $mix_credit_log['card_fee'] = $credtis[$setting['creditbehaviors']['currency']];
  99. pdo_update('core_paylog', array('fee' => $log['card_fee'] - $credtis[$setting['creditbehaviors']['currency']], 'card_fee' => $log['card_fee'] - $credtis[$setting['creditbehaviors']['currency']]), array('plid' => $log['plid']));
  100. pdo_insert('core_paylog', $mix_credit_log);
  101. }
  102. }
  103. $we7_coupon_info = module_fetch('we7_coupon');
  104. if (!empty($we7_coupon_info)) {
  105. $coupon_id = intval($_GPC['coupon_id']);
  106. $coupon_info = pdo_get('coupon', array('uniacid' => $_W['uniacid'], 'id' => $coupon_id));
  107. $coupon_info['fee'] = $log['card_fee'];
  108. if (!empty($coupon_info)) {
  109. $extra = iunserializer($coupon_info['extra']);
  110. if($coupon_info['type'] == COUPON_TYPE_DISCOUNT) {
  111. $coupon_info['fee'] = sprintf("%.2f", ($log['fee'] * ($extra['discount'] / 100)));
  112. } elseif ($coupon_info['type'] == COUPON_TYPE_CASH) {
  113. if($log['fee'] >= $extra['least_cost'] * 0.01) {
  114. $coupon_info['fee'] = sprintf("%.2f", ($log['fee'] - $extra['reduce_cost'] / 100));
  115. }
  116. }
  117. if (!empty($_GPC['code']) && !empty($_GPC['coupon_id'])) {
  118. $record['is_usecard'] = 1;
  119. $record['card_fee'] = $coupon_info['fee'];
  120. $record['encrypt_code'] = trim($_GPC['code']);
  121. activity_coupon_type_init();
  122. if (COUPON_TYPE == WECHAT_COUPON) {
  123. $record['card_type'] = 1;
  124. $record['card_id'] = $coupon_info['id'];
  125. } else {
  126. $record['card_type'] = 2;
  127. $record['card_id'] = $coupon_info['id'];
  128. }
  129. }
  130. }
  131. }
  132. }
  133. if (empty($log)) {
  134. message('系统支付错误, 请稍后重试.');
  135. } else {
  136. pdo_update('core_paylog', $record, array('plid' => $log['plid']));
  137. if (!empty($log['uniontid']) && $record['card_fee']) {
  138. $log['card_fee'] = $record['card_fee'];
  139. $log['card_id'] = $record['card_id'];
  140. $log['card_type'] = $record['card_type'];
  141. $log['is_usecard'] = $record['is_usecard'];
  142. }
  143. }
  144. $ps = array(
  145. 'tid' => $log['plid'],
  146. 'uniontid' => $log['uniontid'],
  147. 'user' => $_W['openid'],
  148. 'fee' => $log['card_fee'],
  149. 'title' => $params['title'],
  150. );
  151. if ($type == 'alipay') {
  152. if (!empty($log['plid'])) {
  153. pdo_update('core_paylog', array('openid' => $_W['member']['uid']), array('plid' => $log['plid']));
  154. }
  155. $ret = alipay_build($ps, $setting['payment']['alipay']);
  156. if($ret['url']) {
  157. echo '<script type="text/javascript" src="../payment/alipay/ap.js"></script><script type="text/javascript">_AP.pay("'.$ret['url'].'")</script>';
  158. exit();
  159. }
  160. }
  161. if ($type == 'wechat') {
  162. if(!empty($log['plid'])) {
  163. $tag = array();
  164. $tag['acid'] = $_W['acid'];
  165. $tag['uid'] = $_W['member']['uid'];
  166. pdo_update('core_paylog', array('openid' => $_W['openid'], 'tag' => iserializer($tag)), array('plid' => $log['plid']));
  167. }
  168. $ps['title'] = urlencode($params['title']);
  169. $sl = base64_encode(json_encode($ps));
  170. $auth = sha1($sl . $_W['uniacid'] . $_W['config']['setting']['authkey']);
  171. $oauth_url = uni_account_oauth_host();
  172. if (!empty($oauth_url)) {
  173. $callback = $oauth_url . "payment/wechat/pay.php?i={$_W['uniacid']}&auth={$auth}&ps={$sl}";
  174. }
  175. $proxy_pay_account = payment_proxy_pay_account();
  176. if (!is_error($proxy_pay_account)) {
  177. $forward = $proxy_pay_account->getOauthCodeUrl(urlencode($callback), 'we7sid-'.$_W['session_id']);
  178. header('Location: ' . $forward);
  179. exit;
  180. }
  181. header("Location: $callback");
  182. exit();
  183. }
  184. if ($type == 'jueqiymf') {
  185. $sl = base64_encode(json_encode($ps));
  186. $auth = sha1($sl . $_W['uniacid'] . $_W['config']['setting']['authkey']);
  187. header("location: ../payment/jueqiymf/pay.php?i={$_W['uniacid']}&auth={$auth}&ps={$sl}");
  188. exit();
  189. }
  190. if($type == 'credit') {
  191. $we7_coupon_info = module_fetch('we7_coupon');
  192. $setting = uni_setting($_W['uniacid'], array('creditbehaviors'));
  193. $credtis = mc_credit_fetch($_W['member']['uid']);
  194. $sql = 'SELECT * FROM ' . tablename('core_paylog') . ' WHERE `plid`=:plid';
  195. $pars = array();
  196. $pars[':plid'] = $ps['tid'];
  197. $log = pdo_fetch($sql, $pars);
  198. if($log['module'] == 'recharge') {
  199. message('不能使用余额支付', referer(), 'error');
  200. }
  201. if (!is_numeric($log['openid'])) {
  202. $uid = mc_openid2uid($log['openid']);
  203. if (empty($uid)) {
  204. $fans_info = mc_init_fans_info($log['openid']);
  205. $uid = $fans_info['uid'];
  206. }
  207. $log['openid'] = $uid;
  208. }
  209. if(empty($_GPC['notify'])) {
  210. if(!empty($log) && $log['status'] == '0') {
  211. if($credtis[$setting['creditbehaviors']['currency']] < $ps['fee']) {
  212. message("余额不足以支付, 需要 {$ps['fee']}, 当前 {$credtis[$setting['creditbehaviors']['currency']]}");
  213. }
  214. if (!empty($we7_coupon_info) && $log['is_usecard'] == 1 && !empty($log['encrypt_code'])) {
  215. $coupon_info = pdo_get('coupon', array('id' => $log['card_id']), array('id'));
  216. $coupon_record = pdo_get('coupon_record', array('couponid' => $log['card_id'], 'openid' => $_W['openid'], 'code' => $log['encrypt_code'], 'status' => '1'));
  217. $status = activity_coupon_use($coupon_info['id'], $coupon_record['id'], $params['module']);
  218. }
  219. $fee = floatval($ps['fee']);
  220. if (!empty($we7_coupon_info)) {
  221. load()->model('mc');
  222. $store_id = 0;
  223. if ($log['module'] == 'we7_coupon') {
  224. $paycenter_order = pdo_get('paycenter_order', array('id' => $log['tid']), array('store_id'));
  225. $store_id = $paycenter_order['store_id'];
  226. }
  227. $is_grant_credit = mc_card_grant_credit($log['openid'], $fee, $store_id, $log['module']);
  228. $result = mc_credit_update($log['openid'], 'credit2', -$fee, array(0, $tip, $log['module'], 0, $store_id, 3));
  229. } else {
  230. $result = mc_credit_update($_W['member']['uid'], $setting['creditbehaviors']['currency'], -$fee, array($_W['member']['uid'], '消费' . $setting['creditbehaviors']['currency'] . ':' . $fee));
  231. }
  232. if (is_error($result)) {
  233. message($result['message'], '', 'error');
  234. }
  235. pdo_update('core_paylog', array('status' => '1'), array('plid' => $log['plid']));
  236. if (!empty($_W['openid'])) {
  237. if (is_error($is_grant_credit)) {
  238. $grant_credit_nums = 0;
  239. } else {
  240. $grant_credit_nums = $is_grant_credit['message'];
  241. }
  242. mc_notice_credit2($_W['openid'], $_W['member']['uid'], $fee, $grant_credit_nums, '线上消费');
  243. }
  244. $site = WeUtility::createModuleSite($log['module']);
  245. if(!is_error($site)) {
  246. $site->weid = $_W['weid'];
  247. $site->uniacid = $_W['uniacid'];
  248. $site->inMobile = true;
  249. $method = 'payResult';
  250. if (method_exists($site, $method)) {
  251. $ret = array();
  252. $ret['result'] = 'success';
  253. $ret['type'] = $log['type'];
  254. $ret['from'] = 'return';
  255. $ret['tid'] = $log['tid'];
  256. $ret['user'] = $log['openid'];
  257. $ret['fee'] = $log['fee'];
  258. $ret['weid'] = $log['weid'];
  259. $ret['uniacid'] = $log['uniacid'];
  260. $ret['acid'] = $log['acid'];
  261. $ret['is_usecard'] = $log['is_usecard'];
  262. $ret['card_type'] = $log['card_type']; $ret['card_fee'] = $log['card_fee'];
  263. $ret['card_id'] = $log['card_id'];
  264. echo '<iframe style="display:none;" src="'.murl('mc/cash/credit', array('notify' => 'yes', 'params' => $_GPC['params'], 'code' => $_GPC['code'], 'coupon_id' => $_GPC['coupon_id']), true, true).'"></iframe>';
  265. $site->$method($ret);
  266. }
  267. }
  268. }
  269. } else {
  270. $site = WeUtility::createModuleSite($log['module']);
  271. if(!is_error($site)) {
  272. $site->weid = $_W['weid'];
  273. $site->uniacid = $_W['uniacid'];
  274. $site->inMobile = true;
  275. $method = 'payResult';
  276. if (method_exists($site, $method)) {
  277. $ret = array();
  278. $ret['result'] = 'success';
  279. $ret['type'] = $log['type'];
  280. $ret['from'] = 'notify';
  281. $ret['tid'] = $log['tid'];
  282. $ret['user'] = $log['openid'];
  283. $ret['fee'] = $log['fee'];
  284. $ret['weid'] = $log['weid'];
  285. $ret['uniacid'] = $log['uniacid'];
  286. $ret['acid'] = $log['acid'];
  287. $ret['is_usecard'] = $log['is_usecard'];
  288. $ret['card_type'] = $log['card_type']; $ret['card_fee'] = $log['card_fee'];
  289. $ret['card_id'] = $log['card_id'];
  290. $site->$method($ret);
  291. }
  292. }
  293. }
  294. }
  295. if ($type == 'delivery') {
  296. $we7_coupon_info = module_fetch('we7_coupon');
  297. $sql = 'SELECT * FROM ' . tablename('core_paylog') . ' WHERE `plid`=:plid';
  298. $pars = array();
  299. $pars[':plid'] = $ps['tid'];
  300. $log = pdo_fetch($sql, $pars);
  301. if(!empty($log) && $log['status'] == '0') {
  302. if (!empty($we7_coupon_info) && $log['is_usecard'] == 1) {
  303. $coupon_info = pdo_get('coupon', array('id' => $log['card_id']), array('id'));
  304. $coupon_record = pdo_get('coupon_record', array('couponid' => $log['card_id'], 'openid' => $_W['openid'], 'code' => $log['encrypt_code'], 'status' => '1'));
  305. $status = activity_coupon_use($coupon_info['id'], $coupon_record['id'], $params['module']);
  306. if (is_error($status)) {
  307. message($status['message']);
  308. }
  309. }
  310. $site = WeUtility::createModuleSite($log['module']);
  311. if(!is_error($site)) {
  312. $site->weid = $_W['weid'];
  313. $site->uniacid = $_W['uniacid'];
  314. $site->inMobile = true;
  315. $method = 'payResult';
  316. if (method_exists($site, $method)) {
  317. $ret = array();
  318. $ret['result'] = 'failed';
  319. $ret['type'] = $log['type'];
  320. $ret['from'] = 'return';
  321. $ret['tid'] = $log['tid'];
  322. $ret['user'] = $log['openid'];
  323. $ret['fee'] = $log['fee']; $ret['weid'] = $log['weid'];
  324. $ret['uniacid'] = $log['uniacid'];
  325. $ret['is_usecard'] = $log['is_usecard'];
  326. $ret['card_type'] = $log['card_type']; $ret['card_fee'] = $log['card_fee'];
  327. $ret['card_id'] = $log['card_id'];
  328. exit($site->$method($ret));
  329. }
  330. }
  331. }
  332. }
  333. if ($type == 'unionpay') {
  334. $sl = base64_encode(json_encode($ps));
  335. $auth = sha1($sl . $_W['uniacid'] . $_W['config']['setting']['authkey']);
  336. header("location: ../payment/unionpay/pay.php?i={$_W['uniacid']}&auth={$auth}&ps={$sl}");
  337. exit();
  338. }
  339. if ($type == 'baifubao') {
  340. $sl = base64_encode(json_encode($ps));
  341. $auth = sha1($sl . $_W['uniacid'] . $_W['config']['setting']['authkey']);
  342. header("location: ../payment/baifubao/pay.php?i={$_W['uniacid']}&auth={$auth}&ps={$sl}");
  343. exit();
  344. }
  345. }