1.微信开放平台创建移动应用,获取appid和商户号,并申请微信支付,商户平台中设置key
2.生成订单信息,调用wxTradePay
$wxpay = new model\Wxpay();
$wxpay_info = $wxpay->wxTradePay($order);
生成微信预支付订单
public function wxTradePay($order)
{
$order['order_amount'] = $order['order_amount'] * 100;//接口中参数支付金额单位为【分】,参数值不能带小数。对账单中的交易金额单位为【元】。
$nonce_str = $this->rand_code(); //调用随机字符串生成方法获取随机字符串
$data['appid'] ='appid';
$data['attach'] = $order['log_id'].'-'.$order['order_amount']; //自定义数据
$data['mch_id'] = '商户号' ;
$data['body'] = $order['order_sn']; //商品描述
$data['spbill_create_ip'] = $_SERVER['REMOTE_ADDR']; //ip地址
$data['total_fee'] = $order['order_amount']; //总金额,单位为【分】
$data['out_trade_no'] = $out_trade_no; //商户订单号,不能重复
$data['nonce_str'] = $this->rand_code(); //随机字符串
$data['notify_url'] = '回调地址'; //回调地址,用户接收支付后的通知,必须为能直接访问的网址,不能跟参数
$data['trade_type'] = 'APP'; //支付方式
//将参与签名的数据保存到数组 注意:以上几个参数是追加到$data中的,$data中应该同时包含开发文档中要求必填的剔除sign以外的所有数据
$data['sign'] = $this->getSign($data); //获取签名
$xml = $this->ToXml($data); //数组转xml
//curl 传递给微信方
$url = "https://api.mch.weixin.qq.com/pay/unifiedorder";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, $url);
if(stripos($url,"https://")!==FALSE){
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
} else {
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,TRUE);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,2);//严格校验
}
//设置header
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
//要求结果为字符串且输出到屏幕上
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
//设置超时
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, TRUE);
//传输文件
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
//运行curl
$data = curl_exec($ch);
$ssr = array();
//返回结果
if($data){
curl_close($ch);
//返回成功,将xml数据转换为数组.
$re = $this->FromXml($data);
//print_r($re);die;
if($re['return_code'] != 'SUCCESS'){
$ssr['code'] = 201;
$ssr['msg'] = '签名失败';
return $ssr;
}
else{
//接收微信返回的数据,传给APP!
$arr =array(
'prepayid' =>$re['prepay_id'],
'appid' => 'appud',
'partnerid' => '商户号',
'package' => 'Sign=WXPay',
'noncestr' => $nonce_str,
'timestamp' =>time(),
);
//第二次生成签名
$sign = $this->getSign($arr);
$arr['sign'] = $sign;
$arr['code'] = 200;
$arr['msg'] = '签名成功';
return $arr;
}
} else {
$error = curl_errno($ch);
curl_close($ch);
$ssr['code'] = 201;
$ssr['msg'] = 'curl出错,错误码:$error';
return $ssr;
}
}
随机字符串
public function rand_code()
{
$str = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';//62个字符
$str = str_shuffle($str);
$str = substr($str,0,32);
return $str;
}
生成签名
public function getSign($params)
{
ksort($params); //将参数数组按照参数名ASCII码从小到大排序
foreach ($params as $key => $item) {
if (!empty($item)) { //剔除参数值为空的参数
$newArr[] = $key.'='.$item; // 整合新的参数数组
}
}
$stringA = implode("&", $newArr); //使用 & 符号连接参数
$stringSignTemp = $stringA."&key="."key"; // key是在商户平台API安全里自己设置的
$stringSignTemp = MD5($stringSignTemp); //将字符串进行MD5加密
$sign = strtoupper($stringSignTemp); //将所有字符转换为大写
return $sign;
}
xml处理
public function ToXml($data=array())
{
if(!is_array($data) || count($data) <= 0)
{
return '数组异常';
}
$xml = "<xml>";
foreach ($data as $key=>$val)
{
if (is_numeric($val)){
$xml.="<".$key.">".$val."</".$key.">";
}else{
$xml.="<".$key."><![CDATA[".$val."]]></".$key.">";
}
}
$xml.="</xml>";
return $xml;
}
public function FromXml($xml)
{
if(!$xml){
echo "xml数据异常!";
}
//将XML转为array
//禁止引用外部xml实体
libxml_disable_entity_loader(true);
$data = json_decode(json_encode(simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA)), true);
return $data;
}
这样就生成了微信预支付信息,正确的信息应该是这样,data里的pay_info就是客户端调起微信app支付需要的信息
{
"code": 200,
"msg": "待支付",
"data": {
"order_id": 1432,
"pay_info": {
"prepayid": "x'x'x'x'x",
"appid": "x'x'x'x'x",
"partnerid": "x'x'x'x",
"package": "Sign=WXPay",
"noncestr": "jdNypx'x'x'x1Q3tSWXGEq7PnDKo",
"timestamp": 1539689298,
"sign": "937FEB782F2F43126",
"code": 200,
"msg": "签名成功"
}
}
}
3.回调
public function wxNotify()
{
$wx = new model\Wxpay();
//接收微信返回的数据数据,返回的xml格式
$xmlData = file_get_contents('php://input');
//将xml格式转换为数组
$data = $wx->FromXml($xmlData);
$arr = array();
//为了防止假数据,验证签名是否和返回的一样。
//记录一下,返回回来的签名,生成签名的时候,必须剔除sign字段。
$sign = $data['sign'];
unset($data['sign']);
if($sign == $wx->getSign($data))
{
//签名验证成功后,判断返回微信返回的
if ($data['result_code'] == 'SUCCESS' && && $data['return_code']=="SUCCESS")
{
//根据返回的订单号做业务逻辑
$flow = new model\Flow();
$flow->order_paid($data['out_trade_no'],$data['transaction_id']);
//处理完成之后,告诉微信成功结果!
echo '<xml>
<return_code><![CDATA[SUCCESS]]></return_code>
<return_msg><![CDATA[OK]]></return_msg>
</xml>';
exit();
}
else
{
$file = fopen('./log.txt', 'a+');
fwrite($file,"错误信息:".$data['return_msg'].date("Y-m-d H:i:s"),time()."\r\n");
}
}
else
{
$file = fopen('./log.txt', 'a+');
fwrite($file,"错误信息:签名验证失败".date("Y-m-d H:i:s"),time()."\r\n");
}
}
到这里,微信APP支付结束,大致流程就是这样,可根据自己业务流程编写。
参考文档
微信支付统一下单 https://pay.weixin.qq.com/wiki/doc/api/app/app.php?chapter=9_1