php处理苹果支付接口回调

最新推荐文章于 2024-08-29 08:10:22 发布

原创最新推荐文章于 2024-08-29 08:10:22 发布 · 3.4k 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#支付 #苹果

PHP 同时被 2 个专栏收录

23 篇文章

订阅专栏

apple-pay

1 篇文章

订阅专栏

本文分享了使用PHP实现苹果AppStore内支付回调接口的过程，包括处理支付后的业务逻辑、验证思路及常见状态码说明。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

需求：公司开发了一个应用，接入了苹果支付（其实是AppStore内支付，因为是虚拟商品，所有不能直接接入app pay），客户端做好了，要PHP(我）对接支付回调接口，处理支付后的业务逻辑(修改订单状态，发送短信通知客户，修改用户购买的套餐)。

接入AppStore内支付，一波三折，因为之前没有做过这方面的开发。看文档也全部是英文的，看的很费劲，乘着这次我把用php的经历写出来，写的不好的地方，请大家多多指正批评。

下面是我的代码：

// 苹果支付验证 接口  
    //   
    // @param string $receipt 收到的数据  
    // @param boolean $isSandbox 是否是沙盒模式,true,false  
    function getreceiptdata(){  
        $receipt = $_REQUEST['strReceipt'];  
        $username = addslashes($_REQUEST['username']);//用户名  
        $tc = $_REQUEST['pid'];//套餐类型  
        $isSandbox = true;  
        //如果是沙盒模式，请求苹果测试服务器,反之，请求苹果正式的服务器  
        if ($isSandbox) {  
            $endpoint = 'https://sandbox.itunes.apple.com/verifyReceipt';  
        }  
        else {  
            $endpoint = 'https://buy.itunes.apple.com/verifyReceipt';  
        }  

        $postData = json_encode(  
                array('receipt-data' => $receipt)  
        );  

        $ch = curl_init($endpoint);  
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);  
        curl_setopt($ch, CURLOPT_POST, true);  
        curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);  
        curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);  //这两行一定要加，不加会报SSL 错误  
        curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);  


        $response = curl_exec($ch);  
        $errno    = curl_errno($ch);  
        $errmsg   = curl_error($ch);  
        curl_close($ch);  

        $data = json_decode($response);  

        //判断时候出错，抛出异常  
        if ($errno != 0) {  
            //throw new \Exception($errmsg, $errno);  
            //$arr = array('status'=>'fail','code'=>'-3','msg'=>'判断时候出错，抛出异常');  
            //echo json_encode($arr);exit;  
            $xml = '<?xml version="1.0" encoding="utf-8"?>';  
            $xml .= '';  
            $xml .= "fail";  
            $xml .= "<code>3</code>";  
            $xml .= "判断时候出错，抛出异常";  
            $xml .= '';  
            echo $xml;exit;  


        }  

        //判断返回的数据是否是对象  
        if (!is_object($data)) {  
            //E('Invalid response data');//无效的响应数据  
            //$arr = array('status'=>'fail','code'=>'-2','msg'=>'无效的响应数据');  
            //echo json_encode($arr);exit;  
            $xml = '<?xml version="1.0" encoding="utf-8"?>';  
            $xml .= '';  
            $xml .= "fail";  
            $xml .= "<code>-2</code>";  
            $xml .= "无效的响应数据";  
            $xml .= '';  
            echo $xml;exit;  
        }  
        //判断购买时候成功  
        if (!isset($data->status) || $data->status != 0) {  
            //E('Invalid receipt');//无效的收据  
            //$arr = array('status'=>'fail','code'=>'-1','msg'=>'无效的收据');  
            //echo json_encode($arr);exit;  
            $xml = '<?xml version="1.0" encoding="utf-8"?>';  
            $xml .= '';  
            $xml .= "fail";  
            $xml .= "<code>-1</code>";  
            $xml .= "无效的收据";  
            $xml .= '';  
            echo $xml;exit;  
        }  

        $order = $data->receipt->in_app;//所有的订单的信息  
        $k = count($order) -1;  
        $need = $order[$k];//需要的那个订单  


        //下面进行业务处理了，根据用户购买的套餐，给他开通相应的套餐、时间  
        //新建一个订单，已支付状态,  
        //把购买的套餐的时间加到该账号  


    }

我这里的是客户端(ios）调用我的接口，客户端传用户名，套餐类型，还有苹果发送的数据过来。返回的是xml格式的数据，其实最好是用json返回给客户端，我这里是客户端要求返回xml,代码写的很烂。没有做其他的任何验证，如果你们自己验证的话，一定要验证全面一些。我只是把验证思路贴出来。

Status codes

Status Code	Description
21000	The App Store could not read the JSON object you provided.
21002	The data in the receipt-data property was malformed or missing.
21003	The receipt could not be authenticated.
21004	The shared secret you provided does not match the shared secret on file for your account.
21005	The receipt server is not currently available.
21006	This receipt is valid but the subscription has expired. When this status code is returned to your server, the receipt data is also decoded and returned as part of the response.Only returned for iOS 6 style transaction receipts for auto-renewable subscriptions.
21007	This receipt is from the test environment, but it was sent to the production environment for verification. Send it to the test environment instead.
21008	This receipt is from the production environment, but it was sent to the test environment for verification. Send it to the production environment instead.
21010	This receipt could not be authorized. Treat this the same as if a purchase was never made.
21100-21199	Internal data access error.