데모코드 : warapay.php

warapay.php
<?php
require_once 'config.php';
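/**
 * Demo client for the warapay gateway.
 *
 * Outgoing requests are signed with the merchant private key
 * ($config['app_private_key']); gateway responses and callbacks are verified
 * with the gateway public key ($config['warapay_public_key']).
 *
 * The class keeps the demo's original error style: configuration and
 * transport failures terminate the script with die().
 */
class warapay
{
    public $currency, $qrpay;
    private $appid, $warapay_public_key, $app_private_key, $gatewayUrl, $queryUrl;

    /**
     * Load settings from the global $config array (defined by config.php).
     *
     * Terminates the script when a required field is absent or when any
     * configured field is empty.
     */
    public function __construct()
    {
        global $config;
        if (!is_array($config)) {
            die('config.php field:config NO Setting.');
        }
        // The five fields read below must exist; a missing key would otherwise
        // surface later as an empty key or URL instead of a clear message.
        $required = array('appid', 'warapay_public_key', 'app_private_key', 'gatewayUrl', 'queryUrl');
        foreach ($required as $field) {
            if (!isset($config[$field])) {
                die('config.php field:' . $field . ' NO Setting.');
            }
        }
        foreach ($config as $k => $v) {
            $missing = $v === null
                || (is_scalar($v) && trim((string) $v) === '')
                || (is_array($v) && count($v) === 0);
            if ($missing) {
                die('config.php field:' . $k . ' NO Setting.');
            }
        }
        $this->appid = $config['appid'];
        $this->warapay_public_key = $config['warapay_public_key'];
        $this->app_private_key = $config['app_private_key'];
        $this->gatewayUrl = $config['gatewayUrl'];
        $this->queryUrl = $config['queryUrl'];
    }

    /**
     * Create a QR payment: sign the order fields and post them to the gateway.
     *
     * @param array $data order fields; appid, version, ip, time and return_url are added here
     * @return array|false verified response data (without 'sign'), or false when the
     *                     response signature does not verify
     */
    public function qrpay($data)
    {
        $data['appid'] = $this->appid;
        $data['version'] = '2.0';
        $data['ip'] = $this->_get_client_ip();
        $data['time'] = time();
        // return_url is built from the current request (see _get_url()), so it
        // inherits the client-supplied Host header. The value is url-encoded
        // here and again by http_build_query(), exactly as in the original demo.
        $data['return_url'] = urlencode($this->_get_url());
        return $this->_signed_request($this->gatewayUrl, $data);
    }

    /**
     * Query a trade: sign the query fields and post them to the query endpoint.
     *
     * @param array $data query fields; appid, version and time are added here
     * @return array|false verified response data (without 'sign'), or false when the
     *                     response signature does not verify
     */
    public function queryTrade($data)
    {
        $data['appid'] = $this->appid;
        $data['version'] = '2.0';
        $data['time'] = time();
        return $this->_signed_request($this->queryUrl, $data);
    }

    /**
     * Verify the signature of a parameter set (e.g. a gateway callback).
     *
     * @param array $data parameters including 'sign'
     * @return array|false the parameters without 'sign' (sorted by key) when the
     *                     signature verifies, false otherwise
     */
    public function checkSign($data)
    {
        // Callback parameters are untrusted: a missing, non-string or blank
        // signature is rejected here instead of reaching trim()/die() below.
        if (!is_array($data) || !isset($data['sign']) || !is_string($data['sign'])) {
            return false;
        }
        $sign = trim($data['sign']);
        if ($sign === '') {
            return false;
        }
        unset($data['sign']);
        ksort($data);
        if ($this->rsa_sign(http_build_query($data), $sign, "CHECK")) {
            return $data;
        }
        return false;
    }

    /**
     * Sort, sign and post $data to $url, then verify the signed response.
     *
     * Terminates the script when the gateway does not answer with code 0.
     */
    private function _signed_request($url, $data)
    {
        ksort($data);
        $data['sign'] = $this->rsa_sign($data);
        $result = $this->_post($url, 500000, http_build_query($data));
        // The demo passed 320 as the second argument, which json_decode() only
        // treats as a truthy "associative" flag; true states that intent.
        $arr = json_decode($result, true);
        if (!is_array($arr) || !isset($arr['code']) || $arr['code'] !== 0) {
            die("request was fail");
        }
        $param = (isset($arr['data']) && is_array($arr['data'])) ? $arr['data'] : array();
        // An absent signature becomes '' and is rejected inside rsa_sign().
        $sign = isset($param['sign']) ? $param['sign'] : '';
        unset($param['sign']);
        ksort($param);
        return $this->rsa_sign(http_build_query($param), $sign, "CHECK") ? $param : false;
    }

    /**
     * Sign a payload with the merchant private key, or verify a signature with
     * the gateway public key when $type is "CHECK".
     *
     * openssl_sign()/openssl_verify() are called without an algorithm argument,
     * so PHP's default digest (SHA-1) applies.
     * NOTE(review): kept because the peer presumably expects it — confirm
     * whether the gateway accepts a SHA-256 signature.
     *
     * @param array|string $string payload; arrays are serialised with http_build_query()
     * @param string $sign base64 signature to verify (CHECK mode only)
     * @param string $type "CHECK" to verify, anything else to sign
     * @return string|bool base64 signature when signing, true/false when verifying
     */
    private function rsa_sign($string, $sign = "", $type = "")
    {
        $original_str = is_array($string) ? http_build_query($string) : $string;

        if ($type !== "CHECK") {
            $private_key = openssl_pkey_get_private($this->app_private_key);
            if (!$private_key) die('app_private_key is empty or error.');
            $signed = openssl_sign($original_str, $sign, $private_key);
            $this->_free_key($private_key);
            // Without this check a failed signing would send an empty signature.
            if (!$signed) die('openssl_sign failed.');
            return base64_encode($sign);
        }

        $sign = is_string($sign) ? trim($sign) : '';
        if (!$sign) die('The signature string is empty');
        $public_key = openssl_pkey_get_public($this->warapay_public_key);
        if (!$public_key) die('warapay_public_key is empty or error.');
        // openssl_verify() returns 1 (valid), 0 (invalid) or -1/false (error).
        // Casting to bool would accept -1 as a valid signature, so only the
        // exact value 1 counts as verified.
        $result = openssl_verify($original_str, base64_decode($sign), $public_key) === 1;
        $this->_free_key($public_key);
        return $result;
    }

    /**
     * Release an OpenSSL key on PHP versions where openssl_free_key() is not
     * deprecated (it is deprecated as of PHP 8.0).
     */
    private function _free_key($key)
    {
        if (PHP_VERSION_ID < 80000) {
            openssl_free_key($key);
        }
    }

    /**
     * List the currencies offered by this demo as code => label.
     *
     * NOTE(review): the ISO 4217 code for Korean won is KRW; "KER" is kept
     * as-is — confirm which code the gateway expects.
     *
     * @return array
     */
    public function currency()
    {
        return array(
            "KER" => "Korean Won(₩)",
            /*"CNY"=>"人民币(¥)",
            "VND"=>"VIỆT NAM ĐỒNG(₫)",
            "USD"=>"Dollar($)",
            "GBP"=>"Pound(£)",
            "EUR"=>"Euro(€)",
            "HKD"=>"港幣(HK$)",
            "TWD"=>"新臺幣(NT$)",
            "JPY"=>"円(JPY¥)",*/
        );
    }

    /**
     * Send an HTTP request over a raw socket and return the response body.
     *
     * https:// URLs are sent over TLS (default port 443) with certificate and
     * host-name verification; other URLs use plain TCP (default port 80).
     *
     * @param string $url     target URL
     * @param int    $limit   maximum number of body bytes to read (0 = no limit)
     * @param string $post    url-encoded body; when empty a GET is sent
     * @param string $cookie  value of the Cookie header
     * @param string $ip      address to connect to instead of the URL's host
     * @param int    $timeout connect and read timeout in seconds
     * @param bool   $block   blocking mode of the stream
     * @return string response body, or '' on connection failure or timeout
     */
    private function _post($url, $limit = 0, $post = '', $cookie = '', $ip = '', $timeout = 15, $block = true)
    {
        $parts = parse_url($url);
        if (!is_array($parts) || empty($parts['host'])) {
            return '';
        }
        $host = $parts['host'];
        $isTls = isset($parts['scheme']) && strtolower($parts['scheme']) === 'https';
        $path = '/';
        if (!empty($parts['path'])) {
            $path = $parts['path'] . (!empty($parts['query']) ? '?' . $parts['query'] : '');
        }
        $port = !empty($parts['port']) ? $parts['port'] : ($isTls ? 443 : 80);

        // Referer and User-Agent come from the incoming request and the cookie
        // from the caller; CR/LF are removed so none of them can add header
        // lines to the outgoing request.
        $siteurl = $this->_header_value($this->_get_url());
        $agent = $this->_header_value(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
        $cookie = $this->_header_value($cookie);

        $lines = array(
            ($post ? 'POST' : 'GET') . " $path HTTP/1.1",
            'Accept: */*',
            'Referer: ' . $siteurl,
            'Accept-Language: zh-cn',
        );
        if ($post) {
            $lines[] = 'Content-Type: application/x-www-form-urlencoded';
        }
        $lines[] = "User-Agent: $agent";
        $lines[] = "Host: $host";
        if ($post) {
            $lines[] = 'Content-Length: ' . strlen($post);
        }
        $lines[] = 'Connection: Close';
        if ($post) {
            $lines[] = 'Cache-Control: no-cache';
        }
        $lines[] = "Cookie: $cookie";
        $out = implode("\r\n", $lines) . "\r\n\r\n" . ($post ? $post : '');

        // peer_name keeps certificate checks bound to the URL's host name even
        // when the connection is made to an explicit $ip.
        $context = stream_context_create(array('ssl' => array(
            'peer_name' => $host,
            'verify_peer' => true,
            'verify_peer_name' => true,
        )));
        $remote = ($isTls ? 'ssl://' : 'tcp://') . ($ip ? $ip : $host) . ':' . $port;
        $fp = @stream_socket_client($remote, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context);
        if (!$fp) return '';

        stream_set_blocking($fp, $block);
        stream_set_timeout($fp, $timeout);
        @fwrite($fp, $out);
        $status = stream_get_meta_data($fp);
        if ($status['timed_out']) {
            @fclose($fp);
            return '';
        }

        // Skip the response headers: read up to the first empty line.
        while (!feof($fp)) {
            if (($header = @fgets($fp)) && ($header == "\r\n" || $header == "\n")) break;
        }

        $return = '';
        $stop = false;
        while (!feof($fp) && !$stop) {
            $data = fread($fp, ($limit == 0 || $limit > 8192 ? 8192 : $limit));
            if ($data === false) {
                break;
            }
            $return .= $data;
            if ($limit) {
                $limit -= strlen($data);
                $stop = $limit <= 0;
            }
        }
        @fclose($fp);

        // Heuristic kept from the demo: when the body has more than one line,
        // only the second line is returned (this matches a single-chunk
        // "Transfer-Encoding: chunked" body, where line 1 is the chunk size).
        // NOTE(review): multi-chunk or multi-line bodies are truncated by this.
        $return_arr = explode("\n", $return);
        if (isset($return_arr[1])) {
            $return = trim($return_arr[1]);
        }
        return $return;
    }

    /**
     * Remove CR and LF from a value that is placed in an HTTP header line.
     */
    private function _header_value($value)
    {
        return str_replace(array("\r", "\n"), '', (string) $value);
    }

    /**
     * Build the full URL of the current request.
     *
     * The scheme is inferred from SERVER_PORT only, and the host part is
     * $_SERVER['HTTP_HOST'], i.e. the client-supplied Host header, used as-is.
     * Deployments should make sure the web server only accepts the expected
     * host names, because this URL is sent to the gateway as return_url.
     *
     * @return string
     */
    private function _get_url()
    {
        $sys_protocal = (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443') ? 'https://' : 'http://';
        $script = !empty($_SERVER['PHP_SELF'])
            ? $_SERVER['PHP_SELF']
            : (isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : '');
        $php_self = $this->_safe_replace($script);
        $path_info = isset($_SERVER['PATH_INFO']) ? $this->_safe_replace($_SERVER['PATH_INFO']) : '';
        if (isset($_SERVER['REQUEST_URI'])) {
            $relate_url = $this->_safe_replace($_SERVER['REQUEST_URI']);
        } elseif (isset($_SERVER['QUERY_STRING'])) {
            $relate_url = $php_self . '?' . $this->_safe_replace($_SERVER['QUERY_STRING']);
        } else {
            $relate_url = $php_self . $path_info;
        }
        return $sys_protocal . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '') . $relate_url;
    }

    /**
     * Strip or encode a fixed list of characters in a URL fragment.
     *
     * This is a character filter, not a context-aware escaper: output that is
     * placed in HTML, SQL or a shell command still needs the escaping of that
     * context. The replacements run in the listed order, so the ';' of a
     * generated '&quot;' is removed by the later ';' rule (original behaviour).
     *
     * @param string $string
     * @return string
     */
    private function _safe_replace($string)
    {
        $search = array('%20', '%27', '%2527', '*', '"', "'", ';', '<', '>', '{', '}', '\\');
        $replace = array('', '', '', '', '&quot;', '', '', '&lt;', '&gt;', '', '', '');
        // str_replace() applies array pairs one after another, like the
        // original chain of single calls.
        return str_replace($search, $replace, $string);
    }

    /**
     * Return the peer address of the current request, or "unknown".
     *
     * Only REMOTE_ADDR is consulted; forwarded-for headers are not trusted.
     *
     * @return string
     */
    private function _get_client_ip()
    {
        if (!empty($_SERVER['REMOTE_ADDR'])) {
            return $_SERVER['REMOTE_ADDR'];
        }
        // The demo read an undefined $getenv variable here; the environment
        // value is what was meant.
        $fromEnv = getenv('REMOTE_ADDR');
        return $fromEnv ? $fromEnv : "unknown";
    }

    /**
     * Emit $array as JSON and terminate the script.
     */
    function EXITJSON($array)
    {
        exit(json_encode($array));
    }
}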