微信公众号支付使用的是JSAPI支付,后端调用微信支付demo中统一下单的接口获取支付参数返回给前端,在公众号中直接调起微信js,通过getParameters方法发起支付,显示输入密码的输入框,支付成功后根据返回信息跳转页面。微信支付还有许多配置需要在微信公众平台和微信支付平台进行配置
1.微信支付平台中把需要的支付功能开通
2.支付授权目录
3.JS接口安全域名配置
如果需要做退款功能,还需要下载证书,最好三种证书都下载下来。
后端语言使用的PHP开发,框架是CI框架。
用户进入到商品详情中点击购买时,拿到商品的信息去调用微信的统一下单接口,获取前端JS调用参数:
/**
* 统一下单 -- h5支付 和 jsapi支付
* @param $unifiedOrderParams
* @param $payParams
* @return array
*/
function unifiedOrder($unifiedOrderParams, &$payParams)
{
// 1.准备下单参数
$params = array(
'body' => $unifiedOrderParams['name'],
'out_trade_no' => $unifiedOrderParams['order_code'],
'total_fee' => $unifiedOrderParams['pay_amount'] * 100,
'spbill_create_ip'=> $this->get_client_ip(),
'notify_url'=> '你的支付回调地址', // 外网可以直接访问到的
'trade_type'=> 'JSAPI',
'openid' => $unifiedOrderParams['openid']
);
// 2.开始下单
$data = array();
$data['appid'] = $this->m_common->getWxParameter(WX_PUBLIC_APPID); // 公众账号ID
$data["mch_id"] = $this->m_common->getWxParameter(WX_PAY_MERCHANT_ID); // 商户号
$data["apikey"] = $this->m_common->getWxParameter(WX_PAY_SECRET); // 支付秘钥
$this->load->library("wechatpay", $data);
$result = $this->wechatpay->unifiedOrder($params); // 统一下单
// 3.返回前端调用jsapi的所需参数 (还需要处理)
if($result['return_code'] != 'SUCCESS' || $result['return_msg'] != 'OK' || $result['result_code'] != 'SUCCESS')
{
return ERROR_ORDER_PAY_FAIL;
}
$payParams = $this->wechatpay->get_package($result['prepay_id']);
return ERROR_OK;
}
/**
* 获取ip地址
* @return string
*/
function get_client_ip()
{
if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
$ip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
$ip = getenv('REMOTE_ADDR');
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
$ip = $_SERVER['REMOTE_ADDR'];
}
return preg_match ( '/[\d\.]{7,15}/', $ip, $matches ) ? $matches [0] : '';
}
当支付成功后微信回调到统一下单时填写的回调地址中,无论支付成功还是失败都要给微信返回XML,告诉微信已经接收到回调,防止重复回调
/**
* 微信回调验证
*/
function notify()
{
header("Content-type:text/html;charset=utf-8");
// 1.接收微信回调返回数据,转换成数组
$data = $this->wechatpay->get_back_data();
// 2.当支付通知返回支付成功时
if(empty($data))
{
$return_code = "FAIL";
$return_msg = "回调失败";
$this->wechatpay->response_back($return_code, $return_msg);
}
$return_msg = "OK";
if ($data['return_code'] == "SUCCESS" && $data['result_code'] == "SUCCESS")
{
//获取返回的所以参数
//这里是要把微信返给我们的所有值,先删除sign的值,其他值 按ASCII从小到大排序,md5加密+‘key’;
$status = $this->wechatpay->validate($data);
// 判断签名是否一致
if ($status)
{
// 校验返回的订单金额是否与商户侧的订单金额一致,防止数据泄漏导致出现“假通知”
$trade_no = $data['out_trade_no']; // 商户系统内部订单号
$total_fee = $data['total_fee'] / 100; // 订单总金额,单位为分
// $cash_fee = $data['cash_fee'] / 100; // 现金支付金额订单现金支付金额,单位为分
$retCode = $this->m_order->payQuery($trade_no, $total_fee);
if($retCode != ERROR_OK)
{
$return_code = "FAIL";
}
}
else
{
$return_code = "FAIL";
$return_msg = "签名错误";
}
}
else
{
$return_code = "FAIL";
}
if(!isset($return_code)) $return_code = "SUCCESS";
// 3.响应微信支付后台通知
$this->wechatpay->response_back($return_code, $return_msg);
/**
* 支付成功回调数据 -- 修改订单状态
* @param $trade_no
* @param $total_fee
* @return mixed
*/
function payQuery($trade_no, $total_fee)
{
// 1.根据订单号查找订单信息
$orderBaseInfo = $this->getOrderBaseObj($trade_no);
if(!$orderBaseInfo)
{
return ERROR_WX_PAY_FAIL;
}
if($orderBaseInfo['order_status'] >= ORDER_STATUS_SUCCESS)
{
return ERROR_OK; // 订单状态是大于 2,待核销或者已核销状态直接返回支付成功
}
if($orderBaseInfo['pay_amount'] != $total_fee)
{
return ERROR_WX_PAY_AMOUNT_INCORRECT; // 验证支付金额与回调数据中的金额是否一致
}
$campusInfo = array();
$this->m_campus->getCampusInfo($orderBaseInfo['campus_id'], $campusInfo);
if(empty($campusInfo))
{
return ERROR_WX_PAY_FAIL;
}
// 开启事务 -- 存储微信回调数据
$this->db->trans_begin();
// 更新基础表订单状态
$this->m_common->update("order_base", array('order_status' => ORDER_STATUS_NOT_VERIFICATION), array('order_code' => $trade_no));
// 其他逻辑代码
// 存储微信回调返回的其他字段 。。。 (可能用于退款)
// 判断,返回结果
if ($this->db->trans_status() === false)
{
$this->db->trans_rollback();
return ERROR_SYSTEM;
}
else
{
$this->db->trans_commit();
return ERROR_OK;
}
}
最后加上封装好的微信支付demo:
<?php
class wechatpay
{
const TRADETYPE_JSAPI = 'JSAPI',TRADETYPE_NATIVE = 'NATIVE',TRADETYPE_APP = 'APP';
const URL_UNIFIEDORDER = "https://api.mch.weixin.qq.com/pay/unifiedorder";
const URL_ORDERQUERY = "https://api.mch.weixin.qq.com/pay/orderquery";
const URL_CLOSEORDER = 'https://api.mch.weixin.qq.com/pay/closeorder';
const URL_REFUND = 'https://api.mch.weixin.qq.com/secapi/pay/refund';
const URL_REFUNDQUERY = 'https://api.mch.weixin.qq.com/pay/refundquery';
const URL_DOWNLOADBILL = 'https://api.mch.weixin.qq.com/pay/downloadbill';
const URL_REPORT = 'https://api.mch.weixin.qq.com/payitil/report';
const URL_SHORTURL = 'https://api.mch.weixin.qq.com/tools/shorturl';
const URL_MICROPAY = 'https://api.mch.weixin.qq.com/pay/micropay';
/**
* 错误信息
*/
public $error = null;
/**
* 错误信息XML
*/
public $errorXML = null;
/**
* 微信支付配置数组
* appid 公众账号appid
* mch_id 商户号
* apikey 加密key
* appsecret 公众号appsecret
* sslcertPath 证书路径(apiclient_cert.pem)
* sslkeyPath 密钥路径(apiclient_key.pem)
*/
private $_config;
/**
* @param $config 微信支付配置数组
*/
public function __construct($data) {
$this->_config["appid"] = $data["appid"]; // 公众账号ID
$this->_config["mch_id"] = $data["mch_id"]; // 商户号
$this->_config["apikey"] = $data["apikey"]; // 支付秘钥
}
/**
* JSAPI获取prepay_id
* @param $body
* @param $out_trade_no
* @param $total_fee
* @param $notify_url
* @param $openid
* @return null
*/
public function getPrepayId($body,$out_trade_no,$total_fee,$notify_url,$openid) {
$data = array();
$data["nonce_str"] = $this->get_nonce_string();
$data["body"] = $body;
$data["out_trade_no"] = $out_trade_no;
$data["total_fee"] = $total_fee;
$data["spbill_create_ip"] = $_SERVER["REMOTE_ADDR"];
$data["notify_url"] = $notify_url;
$data["trade_type"] = self::TRADETYPE_JSAPI;
$data["openid"] = $openid;
$result = $this->unifiedOrder($data);
if ($result["return_code"] == "SUCCESS" && $result["result_code"] == "SUCCESS") {
return $result["prepay_id"];
} else {
$this->error = $result["return_code"] == "SUCCESS" ? $result["err_code_des"] : $result["return_msg"];
$this->errorXML = $this->array2xml($result);
return null;
}
}
private function get_nonce_string() {
return substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"),0,32);
}
/**
* 统一下单接口
*/
public function unifiedOrder($params) {
$data = array();
$data["appid"] = $this->_config["appid"]; // 公众账号ID
$data["mch_id"] = $this->_config["mch_id"]; // 商户号
$data["device_info"] = (isset($params['device_info'])&&trim($params['device_info'])!='')?$params['device_info']:null; // device_info 设备号
$data["nonce_str"] = $this->get_nonce_string(); // 随机字符串
$data["body"] = $params['body']; // 商品描述
$data["detail"] = isset($params['detail'])?$params['detail']:null;//optional 商品详情
$data["attach"] = isset($params['attach'])?$params['attach']:null;//optional 附加数据
$data["out_trade_no"] = isset($params['out_trade_no'])?$params['out_trade_no']:null; // 商户订单号
$data["fee_type"] = isset($params['fee_type'])?$params['fee_type']:'CNY'; // 标价币种
$data["total_fee"] = $params['total_fee']; // 标价金额
$data["spbill_create_ip"] = $params['spbill_create_ip']; // 终端IP
$data["time_start"] = isset($params['time_start'])?$params['time_start']:null;//optional 交易起始时间
$data["time_expire"] = isset($params['time_expire'])?$params['time_expire']:null;//optional 交易结束时间
$data["goods_tag"] = isset($params['goods_tag'])?$params['goods_tag']:null; // 订单优惠标记
$data["notify_url"] = $params['notify_url']; // 通知地址
$data["trade_type"] = $params['trade_type']; // 交易类型
$data["product_id"] = isset($params['product_id'])?$params['product_id']:null;//required when trade_type = NATIVE 商品ID
$data["openid"] = isset($params['openid'])?$params['openid']:null; // 用户标识
$data["scene_info"] = isset($params['scene_info'])?$params['scene_info']:null;// scene_info 场景信息 (h5支付必填)
$result = $this->post(self::URL_UNIFIEDORDER, $data);
return $result;
}
private function post($url, $data,$cert = false) {
$data["sign"] = $this->sign($data);
$xml = $this->array2xml($data);
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
if($cert == true){
//使用证书:cert 与 key 分别属于两个.pem文件
curl_setopt($ch,CURLOPT_SSLCERTTYPE,'PEM');
curl_setopt($ch,CURLOPT_SSLCERT, $this->_config['sslcertPath']);
curl_setopt($ch,CURLOPT_SSLKEYTYPE,'PEM');
curl_setopt($ch,CURLOPT_SSLKEY, $this->_config['sslkeyPath']);
}
$content = curl_exec($ch);
$array = $this->xml2array($content);
return $array;
}
/**
* 数据签名
* @param $data
* @return string
*/
private function sign($data) {
ksort($data);
$string1 = "";
foreach ($data as $k => $v) {
if ($v && trim($v)!='') {
$string1 .= "$k=$v&";
}
}
$stringSignTemp = $string1 . "key=" . $this->_config["apikey"];
$sign = strtoupper(md5($stringSignTemp));
return $sign;
}
private function array2xml($array) {
$xml = "<xml>" . PHP_EOL;
foreach ($array as $k => $v) {
if($v && trim($v)!='')
$xml .= "<$k><![CDATA[$v]]></$k>" . PHP_EOL;
}
$xml .= "</xml>";
return $xml;
}
private function xml2array($xml) {
$array = array();
$tmp = null;
try{
$tmp = (array) simplexml_load_string($xml);
}catch(Exception $e){}
if($tmp && is_array($tmp)){
foreach ( $tmp as $k => $v) {
$array[$k] = (string) $v;
}
}
return $array;
}
/**
* 扫码支付(模式二)获取支付二维码
* @param $body
* @param $out_trade_no
* @param $total_fee
* @param $notify_url
* @param $product_id
* @return null
*/
public function getCodeUrl($body,$out_trade_no,$total_fee,$notify_url,$product_id){
$data = array();
$data["nonce_str"] = $this->get_nonce_string();
$data["body"] = $body;
$data["out_trade_no"] = $out_trade_no;
$data["total_fee"] = $total_fee;
$data["spbill_create_ip"] = $_SERVER["SERVER_ADDR"];
$data["notify_url"] = $notify_url;
$data["trade_type"] = self::TRADETYPE_NATIVE;
$data["product_id"] = $product_id;
$result = $this->unifiedOrder($data);
if ($result["return_code"] == "SUCCESS" && $result["result_code"] == "SUCCESS") {
return $result["code_url"];
} else {
$this->error = $result["return_code"] == "SUCCESS" ? $result["err_code_des"] : $result["return_msg"];
return null;
}
}
/**
* 查询订单
* @param $transaction_id
* @param $out_trade_no
* @return array
*/
public function orderQuery($transaction_id,$out_trade_no){
$data = array();
$data["appid"] = $this->_config["appid"];
$data["mch_id"] = $this->_config["mch_id"];
$data["transaction_id"] = $transaction_id;
$data["out_trade_no"] = $out_trade_no;
$data["nonce_str"] = $this->get_nonce_string();
$result = $this->post(self::URL_ORDERQUERY, $data);
return $result;
}
/**
* 关闭订单
* @param $out_trade_no
* @return array
*/
public function closeOrder($out_trade_no){
$data = array();
$data["appid"] = $this->_config["appid"];
$data["mch_id"] = $this->_config["mch_id"];
$data["out_trade_no"] = $out_trade_no;
$data["nonce_str"] = $this->get_nonce_string();
$result = $this->post(self::URL_CLOSEORDER, $data);
return $result;
}
/**
* 申请退款 - 使用商户订单号
* @param $out_trade_no 商户订单号
* @param $out_refund_no 退款单号
* @param $total_fee 总金额(单位:分)
* @param $refund_fee 退款金额(单位:分)
* @param $op_user_id 操作员账号
* @return array
*/
public function refund($out_trade_no,$out_refund_no,$total_fee,$refund_fee,$op_user_id){
$data = array();
$data["appid"] = $this->_config["appid"];
$data["mch_id"] = $this->_config["mch_id"];
$data["nonce_str"] = $this->get_nonce_string();
$data["out_trade_no"] = $out_trade_no;
$data["out_refund_no"] = $out_refund_no;
$data["total_fee"] = $total_fee;
$data["refund_fee"] = $refund_fee;
$data["op_user_id"] = $op_user_id;
$result = $this->post(self::URL_REFUND, $data,true);
return $result;
}
/**
* 申请退款 - 使用微信订单号
* @param $out_trade_no 商户订单号
* @param $out_refund_no 退款单号
* @param $total_fee 总金额(单位:分)
* @param $refund_fee 退款金额(单位:分)
* @param $op_user_id 操作员账号
* @return array
*/
public function refundByTransId($transaction_id,$out_refund_no,$total_fee,$refund_fee,$op_user_id){
$data = array();
$data["appid"] = $this->_config["appid"];
$data["mch_id"] = $this->_config["mch_id"];
$data["nonce_str"] = $this->get_nonce_string();
$data["transaction_id"] = $transaction_id;
$data["out_refund_no"] = $out_refund_no;
$data["total_fee"] = $total_fee;
$data["refund_fee"] = $refund_fee;
$data["op_user_id"] = $op_user_id;
$result = $this->post(self::URL_REFUND, $data,true);
return $result;
}
/**
* 下载对账单
* @param $bill_date 下载对账单的日期,格式:20140603
* @param $bill_type 类型
* @return array
*/
public function downloadBill($bill_date,$bill_type = 'ALL'){
$data = array();
$data["appid"] = $this->_config["appid"];
$data["mch_id"] = $this->_config["mch_id"];
$data["bill_date"] = $bill_date;
$data["bill_type"] = $bill_type;
$data["nonce_str"] = $this->get_nonce_string();
$result = $this->post(self::URL_DOWNLOADBILL, $data);
return $result;
}
/**
* 获取js支付使用的第二个参数
*/
public function get_package($prepay_id) {
$data = array();
$data["appId"] = $this->_config["appid"];
$data["timeStamp"] = time();
$data["nonceStr"] = $this->get_nonce_string();
$data["package"] = "prepay_id=$prepay_id";
$data["signType"] = "MD5";
$data["paySign"] = $this->sign($data);
return $data;
}
/**
* 获取发送到通知地址的数据(在通知地址内使用)
* @return 结果数组,如果不是微信服务器发送的数据返回null
* appid
* bank_type
* cash_fee
* fee_type
* is_subscribe
* mch_id
* nonce_str
* openid
* out_trade_no 商户订单号
* result_code
* return_code
* sign
* time_end
* total_fee 总金额
* trade_type
* transaction_id 微信支付订单号
*/
public function get_back_data() {
$xml = file_get_contents("php://input");
$data = $this->xml2array($xml);
if ($this->validate($data)) {
return $data;
} else {
return null;
}
}
/**
* 验证数据签名
* @param $data 数据数组
* @return 数据校验结果
*/
public function validate($data) {
if (!isset($data["sign"])) {
return false;
}
$sign = $data["sign"];
unset($data["sign"]);
return $this->sign($data) == $sign;
}
/**
* 响应微信支付后台通知
* @param $return_code 返回状态码 SUCCESS/FAIL
* @param $return_msg 返回信息
*/
public function response_back($return_code="SUCCESS", $return_msg=null) {
$data = array();
$data["return_code"] = $return_code;
if ($return_msg) {
$data["return_msg"] = $return_msg;
}
$xml = $this->array2xml($data);
print $xml;
}
}