Pre-development configuration

Before code access, you need to fill in the authorization callback domain name in wechat background, which must be put on record by ICP

Main development process

  • Users choose wechat Pay when placing an order
  • The merchant conducts business logic processing and invokes wechat unified ordering interface. The transaction type of wechat H5 is trade_type=MWEB
  • When the order interface is successfully invoked, wechat will return relevant parameters including the payment jump URL, and merchants will use the parameter Mweb_URL to pull up the payment middle page
  • Wechat will verify H5 permissions on the middle page
  • If the payment is successful, wechat will send an asynchronous notification of the result to the merchant

Official development

  • Adjust wechat pay, only state the necessary parameters
  • Request WeChat unified interface, the interface address: api.mch.weixin.qq.com/pay/unified…

Interface request parameters

  • Appid: wechat official iD
  • McH_id: indicates the account id
  • Nonce_str: a random string of less than 32 characters
  • Signature sign:
  • Body: Product description
  • Out_trade_no: merchant order number, no longer than 32 digits
  • Total_fee: Total amount, divided into units
  • Spbill_create_ip: INDICATES the IP address when the client requests payment
  • Notify_url: address for asynchronous notification callback. It must be a directly accessible address and cannot carry parameters
  • Trade_type: trade type, such as H5, MWEB

These are the parameters required for H5 to pay the order

Signature is generated

  • The parameters involved in generating the signature must be non-null
  • Parameters are sorted in alphabetical order based on the ASCII code, and parameter names are case-sensitive
  • According to the above rules, the parameters are spliced into k1=v1&k2=v2…. The string
  • Add key to the string obtained in the previous step, for example, k1=v1& K2 =v2&key= 192006250b4c09247EC02E
  • Then, MD5 encryption is performed on the final obtained string, and then uppercase, which is the final sign value

Code:

/** * @param array$paramsRequest argument * @param string$keyThe secret key * / publicfunction genSign($params.$key)
{
    foreach ($params as $k= >$v) {
        if (!$v) {
            unset($params[$k]);
        }
    }
    ksort($params);
    $paramStr = ' ';
    foreach ($params as $k= >$v) {
        $paramStr = $paramStr . $k . '=' . $v . '&';
    }
    $paramStr = $paramStr . 'key='.$key;
    $sign = strtoupper(md5($paramStr));
    return $sign;
}
Copy the code

The initiating

Convert the parameters to XML data to initiate a request to convert the array to XML:

/** * Convert an array to XML * @param array$paramsThe payment request argument */ publicfunction array_to_xml($params)
{
    if(! is_array($params)|| count($params) < = 0) {return false;
    }
    $xml = "<xml>";
    foreach ($params as $key= >$val) {
        if (is_numeric($val)) {
            $xml. ="<".$key.">".$val."< /".$key.">";
        } else {
            $xml. ="<".$key."> 
       .$val."]] > "/".$key.">"; }}$xml. ="</xml>";
    return $xml;
}
Copy the code

Request code:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
$return = curl_exec($ch);
curl_close($ch);
return $return;
Copy the code

Wechat returns XML data:

<xml><return_code><! [CDATA[SUCCESS]]></return_code> <return_msg><! [CDATA[OK]]></return_msg> <appid><! [CDATA[wxdded766660f9b840]]></appid> <mch_id><! [CDATA[1516216351]]></mch_id> <device_info><! [CDATA[100]]></device_info> <nonce_str><! [CDATA[2DUN2i2pGnlC6vDi]]></nonce_str> <sign><! [CDATA[95CEA831D598299097A32D8FEEC6BDEF]]></sign> <result_code><! [CDATA[SUCCESS]]></result_code> <prepay_id><! [CDATA[wx22194530678545eb3713f2f10724143329]]></prepay_id> <trade_type><! [CDATA[MWEB]]></trade_type> <mweb_url><! [CDATA[https://wx.tenpay.com/cgi-bin/mmpayweb-bin/checkmweb?prepay_id=wx22194530678545eb3713f2f10724143329&package=87106 983]]></mweb_url>Copy the code

Return_code for SUCCESS indicates that the payment request was successful; Mweb_url is the payment jump page. At this time, the client can already adjust wechat Pay through mweb_URL

Middle page processing

After receiving the mweb_URL parameter returned by wechat, you can further obtain the deepLink code on the server side:

/** * Get deepLink parameter from wechat Pay middle page * @param string$urlWechat returns mweb_URL * @param string$ipClient IP address */ publicfunction getDeeplink(string $url, string $ip)
{
    $headers = array("X-FORWARDED-FOR:$ip"."CLIENT-IP:$ip");
    ob_start();
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_HTTPHEADER , $headers );
    curl_setopt ($ch, CURLOPT_REFERER, "pay.o9di.cn");
    curl_setopt( $ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_USERAGENT, 'the Mozilla / 5.0 (Linux; Android 6.0.1; OPPO R11s Build/MMB29M; Wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/55.0.2883.91 Mobile Safari/537.36');
    curl_exec($ch);
    curl_close ($ch);
    $out = ob_get_contents();
    ob_clean();
    $a = preg_match('/weixin:\/\/wap.*/'.$out.$str);
    if ($a) {
        return substr($str[0], 0, strlen($str[0]) - 1); }else {
        return ' '; }}Copy the code

weixin://wap/pay? prepayid%3Dwx22201221074146ac747121890095299503&package=2656135616&noncestr=1542888966&sign=e31dbc2d1231708ff8a982b15a6c 7646Copy the code

Even the resulting deepLink value can be used by the client to initiate payment directly