From b8dc9ded3aafc542dd4333e89c53eb59b4fe1376 Mon Sep 17 00:00:00 2001
From: wangjinlei <751475802@qq.com>
Date: Wed, 26 Nov 2025 17:39:35 +0800
Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E4=BB=98bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 application/api/controller/Order.php     | 80 ++++++++++++------------
 application/api/controller/Preaccept.php | 17 ++---
 application/common.php                   | 63 +++++++++++++------
 3 files changed, 94 insertions(+), 66 deletions(-)

diff --git a/application/api/controller/Order.php b/application/api/controller/Order.php
index f702004..61855b1 100644
--- a/application/api/controller/Order.php
+++ b/application/api/controller/Order.php
@@ -55,6 +55,7 @@ class Order extends base{
 
 
     public function completePaystation(){
+        Log::log("payStation:act ".date("Y-m-d H:i:s"));
         $data = $this->request->post();
         if(!isset($data['transaction_id'])|| !$data['result']['success']){
             return jsonError("Paystation responds with no results or result fail");
@@ -73,7 +74,39 @@ class Order extends base{
 
 
 
-    public function testPaystationLookup(){
+
+    public function PaystationLookup(){
+        $data = $this->request->post();
+        $rule = new Validate([
+            "article_id"=>"require"
+        ]);
+        if(!$rule->check($data)){
+            return jsonError($rule->getError());
+        }
+        $article_info = $this->article_obj->where("article_id",$data['article_id'])->find();
+        $order_info = $this->order_obj->where("article_id",$article_info['article_id'])->whereIn("state",[0,1])->find();
+        if($order_info==null){
+            return jsonError("no order");
+        }
+        sleep(2);
+        $paystation_info = $this->paystation_obj->where("ps_id",$order_info['ps_id'])->find();
+        $response = paystationLookup($paystation_info["merchant_session"]);
+        $res = xml_to_array($response);
+        if(isset($res['PaystationQuickLookup']['LookupResponse']['Authentication']['auth_Status'])&&$res['PaystationQuickLookup']['LookupResponse']['Authentication']['auth_Status']=="Y"){
+            $this->article_obj->where("article_id",$order_info['article_id'])->update(['is_buy'=>1]);
+            $this->order_obj->where("order_id",$order_info['order_id'])->update(['state'=>1]);
+            return jsonSuccess(["result"=>"success","paystation"=>$paystation_info]);
+        }else{
+            return jsonSuccess(['result'=>"fail"]);
+        }
+    }
+
+
+
+
+
+    public function testPaystationLookup1(){
+
         $data = $this->request->post();
         $rule = new Validate([
             "ms"=>"require"
@@ -81,43 +114,8 @@ class Order extends base{
         if(!$rule->check($data)){
             return jsonError($rule->getError());
         }
-        $param = "pi=616562&ms=".$data['ms'];
-        $url = "https://payments.paystation.co.nz/lookup?".$param;
-        $res = myGet($url);
-        return jsonSuccess($res);
-
-    }
-
-    public function testPaystationLookup1(){
-
-        $data = $this->request->post();
-        $rule = new Validate([
-            "transaction_id"=>"require"
-        ]);
-        if(!$rule->check($data)){
-            return jsonError($rule->getError());
-        }
-//        $accessToken = createPayStationToken();
-//        $curl = curl_init();
-//        curl_setopt_array($curl, array(
-//            CURLOPT_URL => 'https://api.paystation.co.nz/v1/transactions/'.$data['transaction_id'],
-//            CURLOPT_RETURNTRANSFER => true,
-//            CURLOPT_ENCODING => '',
-//            CURLOPT_MAXREDIRS => 10,
-//            CURLOPT_TIMEOUT => 0,
-//            CURLOPT_FOLLOWLOCATION => true,
-//            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
-//            CURLOPT_CUSTOMREQUEST => 'GET',
-//            CURLOPT_HTTPHEADER => array(
-//                'Content-Type: application/json',
-//                'Authorization: Bearer '.$accessToken
-//            )
-//        ));
-//        $response = curl_exec($curl);
-//        curl_close($curl);
-        $response = paystationLookup($data['transaction_id']);
-
-        $res = object_to_array(json_decode($response));
+        $response = paystationLookup($data['ms']);
+        $res = xml_to_array($response);
         return jsonSuccess($res);
     }
 
@@ -146,7 +144,7 @@ class Order extends base{
         $params["pstn_HMAC"] = $hmac_signature;
         $url_with_params = $url . '?' . http_build_query($params);
 
-        echo $url_with_params;
+//        echo $url_with_params;
 
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $url_with_params);
@@ -180,8 +178,8 @@ class Order extends base{
         if($order_info['pay_type']==2){
             $paystation = $this->paystation_obj->where("ps_id",$order_info['ps_id'])->find();
             if($order_info['state']==0){
-                $res = object_to_array(json_decode(paystationLookup($paystation['transaction_id'])));
-                if(isset($res['result']['success'])&&$res['result']['success']){
+                $res = xml_to_array(paystationLookup($paystation['merchant_session']));
+                if(isset($res['PaystationQuickLookup']['LookupResponse']['PaystationErrorMessage'])&&$res['PaystationQuickLookup']['LookupResponse']['PaystationErrorMessage']=='Transaction successful'){
                     $this->article_obj->where("article_id",$order_info['article_id'])->update(['is_buy'=>1]);
                     $this->order_obj->where("order_id",$order_info['order_id'])->update(['state'=>1]);
                 }
diff --git a/application/api/controller/Preaccept.php b/application/api/controller/Preaccept.php
index ae646ed..07d9576 100644
--- a/application/api/controller/Preaccept.php
+++ b/application/api/controller/Preaccept.php
@@ -753,7 +753,16 @@ class Preaccept extends Base
         $article_info = $this->article_obj->where("article_id",$data['article_id'])->find();
         $journal_info = $this->journal_obj->where("journal_id",$article_info['journal_id'])->find();
         $order_info = $this->order_obj->where("article_id",$article_info['article_id'])->find();
-        $order_info['paystation'] = $this->paystation_obj->where("ps_id",$order_info['ps_id'])->find();
+        $paystation = $this->paystation_obj->where("ps_id",$order_info['ps_id'])->find();
+        $order_info['paystation'] = $paystation;
+        if($order_info['state']==0){
+            $res = xml_to_array(paystationLookup($paystation['merchant_session']));
+            if(isset($res['PaystationQuickLookup']['LookupResponse']['Authentication']['auth_Status'])&&$res['PaystationQuickLookup']['LookupResponse']['Authentication']['auth_Status']=="Y"){
+                $this->article_obj->where("article_id",$order_info['article_id'])->update(['is_buy'=>1]);
+                $this->order_obj->where("order_id",$order_info['order_id'])->update(['state'=>1]);
+                $article_info = $this->article_obj->where("article_id",$data['article_id'])->find();
+            }
+        }
         $re['state'] = $article_info['is_buy'];
         $re['order'] = $order_info;
         $re["fee"] = $article_info['fee'];
@@ -762,12 +771,6 @@ class Preaccept extends Base
         return jsonSuccess($re);
 
 
-
-
-
-
-
-
 //        if(intval($journal_info['fee'])==0||$article_info['ctime']<1735660800){//非收费期刊的文章直接返回
 //            $re['state'] = 1;
 //            $re['order'] = null;
diff --git a/application/common.php b/application/common.php
index b443d0b..92cfe64 100644
--- a/application/common.php
+++ b/application/common.php
@@ -998,27 +998,54 @@ function aliemail($email,$title,$content,$has_hb=1){
     return $res;
 }
 
-function paystationLookup($transactionId){
-    $curl = curl_init();
-    curl_setopt_array($curl, array(
-        CURLOPT_URL => 'https://api.paystation.co.nz/v1/transactions/'.$transactionId,
-        CURLOPT_RETURNTRANSFER => true,
-        CURLOPT_ENCODING => '',
-        CURLOPT_MAXREDIRS => 10,
-        CURLOPT_TIMEOUT => 0,
-        CURLOPT_FOLLOWLOCATION => true,
-        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
-        CURLOPT_CUSTOMREQUEST => 'GET',
-        CURLOPT_HTTPHEADER => array(
-            'Content-Type: application/json',
-            'Authorization: Bearer '.createPayStationToken()
-        )
-    ));
-    $response = curl_exec($curl);
-    curl_close($curl);
+//function paystationLookup($transactionId){
+//    $curl = curl_init();
+//    curl_setopt_array($curl, array(
+//        CURLOPT_URL => 'https://api.paystation.co.nz/v1/transactions/'.$transactionId,
+//        CURLOPT_RETURNTRANSFER => true,
+//        CURLOPT_ENCODING => '',
+//        CURLOPT_MAXREDIRS => 10,
+//        CURLOPT_TIMEOUT => 0,
+//        CURLOPT_FOLLOWLOCATION => true,
+//        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+//        CURLOPT_CUSTOMREQUEST => 'GET',
+//        CURLOPT_HTTPHEADER => array(
+//            'Content-Type: application/json',
+//            'Authorization: Bearer '.createPayStationToken()
+//        )
+//    ));
+//    $response = curl_exec($curl);
+//    curl_close($curl);
+//    return $response;
+//}
+
+
+function paystationLookup($ms){
+    $url = "https://payments.paystation.co.nz/lookup/";
+    $time = time();
+    $params = [
+        "pi" => "616562",
+        "ms" => $ms,
+        "pstn_HMACTimestamp" => $time
+    ];
+    $secret_key = Env::get("paystation.hmac");// 使用提供的HMAC认证密钥
+    $query_string = http_build_query($params);
+    $hmac_signature = hash_hmac('sha256', $time."paystation".$query_string,$secret_key);
+    $params["pstn_HMAC"] = $hmac_signature;
+    $url_with_params = $url . '?' . http_build_query($params);
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $url_with_params);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    $response = curl_exec($ch);
+    if(curl_errno($ch)) {
+        echo 'Error:' . curl_error($ch);
+    }
+    curl_close($ch);
+
     return $response;
 }
 
+
 function createPayStationToken(){
     $bodyParams = [
         'client_id' => Env::get("paystation.client_id"),