From 29ef8b8827c818bedf0b6a94f3c0f87616d9e53e Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 11:53:48 +0800 Subject: [PATCH 01/10] Update EpusdtController.php --- app/Http/Controllers/Pay/EpusdtController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/EpusdtController.php b/app/Http/Controllers/Pay/EpusdtController.php index 37a7d147..8dba0475 100644 --- a/app/Http/Controllers/Pay/EpusdtController.php +++ b/app/Http/Controllers/Pay/EpusdtController.php @@ -79,6 +79,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'fail'; } + if($payGateway->pay_handleroute != 'pay/epusdt'){ + return 'fail'; + } $signature = $this->epusdtSign($data, $payGateway->merchant_id); if ($data['signature'] != $signature) { //不合法的数据 return 'fail'; //返回失败 继续补单 From 6e4f335cce70e6168846e4c75a3a6521d6ca8dec Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:00:23 +0800 Subject: [PATCH 02/10] Update CoinbaseController.php --- app/Http/Controllers/Pay/CoinbaseController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/CoinbaseController.php b/app/Http/Controllers/Pay/CoinbaseController.php index 9cbf5c04..30487b80 100644 --- a/app/Http/Controllers/Pay/CoinbaseController.php +++ b/app/Http/Controllers/Pay/CoinbaseController.php @@ -92,6 +92,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'fail'; } + if($payGateway->pay_handleroute != 'pay/coinbase'){ + return 'fail'; + } $secret = $payGateway->merchant_pem;//共享密钥 $sig2 = hash_hmac( 'sha256', $payload, $secret ); $result_str=array("confirmed","resolved");//返回的结果字符串数组 From 0c300edd13ebb44830828f2d232ab23fce364c41 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:02:49 +0800 Subject: [PATCH 03/10] Update AlipayController.php --- app/Http/Controllers/Pay/AlipayController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/AlipayController.php b/app/Http/Controllers/Pay/AlipayController.php index b64072f0..e8ae966d 100644 --- a/app/Http/Controllers/Pay/AlipayController.php +++ b/app/Http/Controllers/Pay/AlipayController.php @@ -78,6 +78,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'error'; } + if($payGateway->pay_handleroute != '/pay/alipay'){ + return 'fail'; + } $config = [ 'app_id' => $payGateway->merchant_id, 'ali_public_key' => $payGateway->merchant_key, From 910b0c0dba91d0e4c2fc53af05ce367fefc466ac Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:03:55 +0800 Subject: [PATCH 04/10] Update MapayController.php --- app/Http/Controllers/Pay/MapayController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/MapayController.php b/app/Http/Controllers/Pay/MapayController.php index a6e0e485..9b99840f 100644 --- a/app/Http/Controllers/Pay/MapayController.php +++ b/app/Http/Controllers/Pay/MapayController.php @@ -62,6 +62,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'fail'; } + if($payGateway->pay_handleroute != '/pay/mapay'){ + return 'fail'; + } $query = signquery_string($data); if (!$data['pay_no'] || md5($query . $payGateway->merchant_pem ) != $data['sign']) { //不合法的数据 return 'fail'; //返回失败 继续补单 From 8eeaedd35f54563fd987c7b0a58d3dcd44871d84 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:07:43 +0800 Subject: [PATCH 05/10] Update PayjsController.php --- app/Http/Controllers/Pay/PayjsController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/PayjsController.php b/app/Http/Controllers/Pay/PayjsController.php index 956a3ff5..62e2de65 100644 --- a/app/Http/Controllers/Pay/PayjsController.php +++ b/app/Http/Controllers/Pay/PayjsController.php @@ -57,6 +57,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'error'; } + if($payGateway->pay_handleroute != '/pay/payjs'){ + return 'fail'; + } config(['payjs.mchid' => $payGateway->merchant_id, 'payjs.key' => $payGateway->merchant_pem]); $notify_info = Payjs::notify(); $totalFee = bcdiv($notify_info['total_fee'], 100, 2); From b967d11003237f114e17d099cb3c4fb3cd6ea0dc Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:10:29 +0800 Subject: [PATCH 06/10] Update PaypalPayController.php --- app/Http/Controllers/Pay/PaypalPayController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/PaypalPayController.php b/app/Http/Controllers/Pay/PaypalPayController.php index b5eb4e44..70451d50 100644 --- a/app/Http/Controllers/Pay/PaypalPayController.php +++ b/app/Http/Controllers/Pay/PaypalPayController.php @@ -95,6 +95,9 @@ public function returnUrl(Request $request) if (!$payGateway) { return 'error'; } + if($payGateway->pay_handleroute != '/pay/paypal'){ + return 'error'; + } $paypal = new ApiContext( new OAuthTokenCredential( $payGateway->merchant_key, From 01b0d308f5e5076e0e3160392890463c2fb93522 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:11:33 +0800 Subject: [PATCH 07/10] Update PaysapiController.php --- app/Http/Controllers/Pay/PaysapiController.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/Http/Controllers/Pay/PaysapiController.php b/app/Http/Controllers/Pay/PaysapiController.php index 5c4b51d9..f45f42e3 100644 --- a/app/Http/Controllers/Pay/PaysapiController.php +++ b/app/Http/Controllers/Pay/PaysapiController.php @@ -89,7 +89,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'error'; } - + if($payGateway->pay_handleroute != '/pay/paysapi'){ + return 'error'; + } $temps = md5($data['orderid'] . $data['orderuid'] . $data['paysapi_id'] . $data['price'] . $data['realprice'] . $payGateway->merchant_pem); if ($temps != $data['key']){ return 'fail'; From 8a27aad72612d81313872259967dc47cbe714c90 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:18:14 +0800 Subject: [PATCH 08/10] Update WepayController.php --- app/Http/Controllers/Pay/WepayController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/WepayController.php b/app/Http/Controllers/Pay/WepayController.php index 124e8c3d..c17a521a 100644 --- a/app/Http/Controllers/Pay/WepayController.php +++ b/app/Http/Controllers/Pay/WepayController.php @@ -66,6 +66,9 @@ public function notifyUrl() if (!$payGateway) { return 'error'; } + if($payGateway->pay_handleroute != '/pay/wepay'){ + return 'fail'; + } $config = [ 'app_id' => $payGateway->merchant_id, 'mch_id' => $payGateway->merchant_key, From 31d9888eb23e7b8b0993b103c33d715d97023f48 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:19:00 +0800 Subject: [PATCH 09/10] Update YipayController.php --- app/Http/Controllers/Pay/YipayController.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/Http/Controllers/Pay/YipayController.php b/app/Http/Controllers/Pay/YipayController.php index 0e1a5795..d2f8e7e3 100644 --- a/app/Http/Controllers/Pay/YipayController.php +++ b/app/Http/Controllers/Pay/YipayController.php @@ -67,6 +67,9 @@ public function notifyUrl(Request $request) if (!$payGateway) { return 'fail'; } + if($payGateway->pay_handleroute != '/pay/yipay'){ + return 'fail'; + } ksort($data); //重新排序$data数组 reset($data); //内部指针指向数组中的第一个元素 $sign = ''; From 640d1fc9cc71b9f6dc2338926c6a16fe5d506485 Mon Sep 17 00:00:00 2001 From: Chenxi-Chris <96986436+Chenxi-Chris@users.noreply.github.com> Date: Sun, 25 Dec 2022 12:23:23 +0800 Subject: [PATCH 10/10] Update WepayController.php --- app/Http/Controllers/Pay/WepayController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Http/Controllers/Pay/WepayController.php b/app/Http/Controllers/Pay/WepayController.php index c17a521a..1797053d 100644 --- a/app/Http/Controllers/Pay/WepayController.php +++ b/app/Http/Controllers/Pay/WepayController.php @@ -67,7 +67,7 @@ public function notifyUrl() return 'error'; } if($payGateway->pay_handleroute != '/pay/wepay'){ - return 'fail'; + return 'error'; } $config = [ 'app_id' => $payGateway->merchant_id,