Skip to content

I
iwl-live
Commit 8fad5972 authored by Antonio.Suerte's avatar Antonio.Suerte
Browse files
Options

Flat3 Webhook Security Enhancement

parent 68d36a59
Hide whitespace changes
Inline Side-by-side
Showing with 500 additions and 330 deletions
api/flat3/ConnectK2020.php 0 → 100644
View file @ 8fad5972
<?php
include_once "Flat3Webhook.php";
class ConnectK2020 extends Flat3Webhook{
public function __construct(){
/**
*
* setting flat3 webhook name
*
*/
parent::__construct("ConnectK2020");
}
public function listen(){
$this -> processTransactionData(VAL_STR_JPV_METHOD, "JP Voucher");
}
}
$connect = new ConnectK2020();
$connect -> listen();
\ No newline at end of file
api/flat3/Flat3Webhook.php 0 → 100644
View file @ 8fad5972
<?php
include_once "../../system/lib/config.php";
class Flat3Webhook extends System {
/**
*
* @var String
*/
private $ipAddress;
/**
*
* @var String
*/
private $requestData;
/**
*
* @var String
*/
private $depositData;
/**
*
* @var String
*/
private $accessLog;
/**
*
* @var String
*/
private $transLog;
/**
*
* @var String
*/
private $errorLog;
/**
*
* @var String
*/
private $webhookName;
/**
*
* @var object
*/
private $devSetting = NULL;
/**
*
* @var boolean
*/
private $devSettingEnabled = false;
public function __construct($webhookName = NO_STRING){
parent::__construct();
$this -> webhookName = $webhookName;
$this -> setParameter();
$this -> requestDetails();
$this -> validation();
}
private function setParameter(){
$this -> ipAddress = $this -> getColumnData($_SERVER, "REMOTE_ADDR");
$this -> requestData = $this -> getDataGet("data");
$this -> accessLog = "../Logs/SAPAY/Access";
$this -> transLog = "../Logs/SAPAY";
$this -> errorLog = "../Logs/SAPAY/Error";
$this -> devSetting = $this -> getRowData($this -> accessSelect("SELECT_DEV_SETTING", ["flat3_webhook"]));
if($this -> isLoopData($this -> devSetting)){
$this -> devSettingEnabled = $this -> getColumnData($this -> devSetting, "dev_setting_enabled");
if($this -> checkJSONString($this -> getColumnData($this -> devSetting, "dev_setting_value")))
$this -> devSetting = json_decode($this -> getColumnData($this -> devSetting, "dev_setting_value"));
}
}
private function requestDetails(){
$details = [
"ipAddress" => $this -> getColumnData($_SERVER, "REMOTE_ADDR"),
"method" => $this -> getColumnData($_SERVER, "REQUEST_METHOD"),
"headers" => apache_request_headers(),
"requestData" => [
"POST" => http_build_query($_POST),
"GET" => http_build_query($_GET)
]
];
if($this -> webhookName != NO_STRING)
$details["webhookName"] = $this -> webhookName;
$this -> logDetails(print_r($details, true), VAL_INT_1);
}
private function validation(){
$validationRemarks = [];
$directories = [
$this -> accessLog,
$this -> transLog,
$this -> errorLog
];
foreach($directories as $directory){
if(!@file_exists($directory))
mkdir($directory);
}
switch($this -> checkFlat3HookIpAddress()){
case NO_COUNT:
case VAL_INT_2:
$validationRemarks[] = [
"code" => "E01",
"message" => "Webhook IP Whitelister is missing"
];
break;
case VAL_INT_3:
$validationRemarks[] = [
"code" => "E02",
"message" => "Invalid IP Address: [{$this -> ipAddress}]"
];
break;
}
switch($this -> checkWebhookNameAvailability()){
case NO_COUNT:
case VAL_INT_2:
$validationRemarks[] = [
"code" => "E06",
"message" => "Webhook Availability checker not found"
];
break;
case VAL_INT_3:
$validationRemarks[] = [
"code" => "E07",
"message" => "Webhook ({$this -> webhookName}) is blocklisted."
];
break;
case VAL_INT_4:
$validationRemarks[] = [
"code" => "E08",
"message" => "No specified webhook name."
];
break;
}
if($this -> requestData != NO_STRING){
$this -> gatherPotentialDepositData();
$this -> verifyTransactionExistence();
$takens = array_column($this -> depositData, "taken");
if($this -> isLoopData($takens)){
$takens = json_encode($takens);
$validationRemarks[] = [
"code" => "E04",
"message" => "Transaction crediting cannot be processed due to the occurence of Potential Duplicate Transaction. {$takens}"
];
}
$userIds = array_column($this -> depositData, "userId");
if($this -> isLoopData($userIds)){
$fetchedAccounts = array_column($this -> accessSelect("SELECT_ACCOUNT_NUMS",
[$this -> getWhere("userId", COLUMN_USER_ACCOUNT)]), COLUMN_USER_ACCOUNT);
$found = [];
foreach($userIds as $userId){
if(!in_array($userId, $fetchedAccounts))
$found[] = $userId;
}
if($this -> isLoopData($found)){
$found = json_encode($found);
$validationRemarks[] = [
"code" => "E05",
"message" => "Non-existential Account No(s). found: {$found}"
];
}
}
}else{
$validationRemarks[] = [
"code" => "E03",
"message" => "Request Data is Empty"
];
}
if($this -> isLoopData($validationRemarks)){
$this -> logDetails(print_r($validationRemarks, true), VAL_INT_2);
die("NG");
}
}
private function gatherPotentialDepositData(){
$this -> depositData = [];
$splitData = explode('__', $this -> requestData);
foreach($splitData as $val){
$arrExplodeTmp1 = explode('/', $val);
$arrExplodeTmp2 = explode('@', $arrExplodeTmp1[VAL_INT_1]);
$this -> depositData[] = [
"userId" => $arrExplodeTmp2[VAL_INT_1],
"depositAmount" => $arrExplodeTmp2[NO_COUNT],
"flat3TransId" => $arrExplodeTmp1[NO_COUNT]
];
}
}
/**
*
* @param unknown $arrayCol
* @param unknown $tableCol
* @return string
*/
private function getWhere($arrayCol, $tableCol){
$orConds = NO_STRING;
if($this -> isLoopData($this -> depositData)){
foreach($this -> depositData as $key => $arrVal){
$needle = $this -> getColumnData($arrVal, $arrayCol);
$operator = ($key === 0
? "AND"
: "OR");
$orConds .= "{$operator} {$tableCol} = ('){$needle}(') ";
}
}
return $orConds;
}
private function verifyTransactionExistence(){
$flat3Trans = $this -> accessSelect("SELECT_FLAT3_DEPOSIT_TRANSNUM",
[$this -> getWhere("flat3TransId", "flat3_transaction_id")]);
foreach($flat3Trans as $row){
$transaction = $this -> getColumnData($row, "flat3_transaction_id");
foreach($this -> depositData as &$arrValue){
if(strcasecmp($this -> getColumnData($arrValue, "flat3TransId"), $transaction) === 0)
$arrValue["taken"] = $this -> getColumnData($arrValue, "flat3TransId");
}
}
if($this -> isLoopData($this -> depositData)){
$readableTrans = print_r($this -> depositData, true);
$this -> logDetails("Deposit Transaction(s): {$readableTrans}", VAL_INT_1);
}
}
private function checkWebhookNameAvailability(){
if($this -> webhookName == NO_STRING)
return VAL_INT_4;
if($this -> devSetting != null && is_object($this -> devSetting)){
/**
*
* this condition can bypass the validation if returns false.
*
*/
if(!$this -> devSettingEnabled)
return VAL_INT_1;
if(isset($this -> devSetting -> blocked_webhooks)){
$blockedWebhookNames = explode(",", $this -> devSetting -> blocked_webhooks);
if(in_array($this -> webhookName, $blockedWebhookNames))
return VAL_INT_3;
}else
return VAL_INT_2;
return VAL_INT_1;
}
return NO_COUNT;
}
private function checkFlat3HookIpAddress(){
if($this -> devSetting != null && is_object($this -> devSetting)){
/**
*
* this condition can bypass the validation if returns false.
*
*/
if(!$this -> devSettingEnabled)
return VAL_INT_1;
if(isset($this -> devSetting -> ip_address)){
$ipAddresses = explode(",", $this -> devSetting -> ip_address);
if(in_array($this -> ipAddress, $ipAddresses))
return VAL_INT_1;
}else
return VAL_INT_2;
return VAL_INT_3;
}
return NO_COUNT;
}
private function logDetails($content, $logType){
$logDate = date("Y-m-d");
$logTimestamp = date("[Y-m-d H:i:s]");
$logFile = NO_STRING;
switch($logType){
case VAL_INT_1:
$logFile = $this -> accessLog;
break;
case VAL_INT_2:
$logFile = $this -> errorLog;
break;
case VAL_INT_3:
$logFile = $this -> transLog;
break;
}
error_log(
"{$logTimestamp}\r\n{$content}\r\n", VAL_INT_3,
"{$logFile}/Log_{$logDate}.log");
}
private function sendCompleteMail(Array $deposit){
$userAccount = $this -> getColumnData($deposit, "userId");
$emailParams = [
$userAccount,
$this -> getNameCommon($userAccount),
$this -> getColumnData($deposit, "transaction_number"),
$this -> getColumnData($deposit, "date"),
JPY,
ltrim($this -> getColumnData($deposit, "depositAmount"), NO_COUNT),
JPY,
$this -> getColumnData($deposit, "toProcessAmount")
];
$this -> sendMailByTmp('deposit_jpv_complete.xml',
$emailParams,
$this -> getEMailCommon($userAccount),
VAR_CS_MAIL_ADDRESS);
}
private function readableTransactionData($transStack){
$readableCols = [
"Transaction Number",
"User Account",
"Amount Reflected",
"Currency",
"Method",
"Deposit Bank",
"Deposit Date",
"Fee",
"Comment",
"Create Time",
"Process User",
"Type",
"Error Flag",
"FLAT3 Transaction ID"
];
$readableReturn = [];
foreach($transStack as $key => $value)
$readableReturn[$readableCols[$key]] = $value;
return print_r($readableReturn, true);
}
public function processTransactionData($method, $depositBank){
$transactionDate = date("Y-m-d H:i:s");
foreach($this -> depositData as &$deposit){
$deposit["date"] = $transactionDate;
$deposit["transaction_number"] = $this -> getTransactionNumberCommon(VAR_TRANSACTION_DEPOSIT);
$deposit["toProcessAmount"] = floor($this -> getColumnData($deposit, "depositAmount") / 1.05);
$transStack = [
$this -> getColumnData($deposit, "transaction_number"),
$this -> getColumnData($deposit, "userId"),
$this -> getColumnData($deposit, "toProcessAmount"),
JPY,
$method,
$depositBank,
$this -> getColumnData($deposit, "date"),
NO_COUNT,
$this -> getColumnData($deposit, "flat3TransId").'/'
.$this -> getColumnData($deposit, "depositAmount").'@'
.$this -> getColumnData($deposit, "userId"),
$transactionDate,
"9999",
NO_COUNT,
NO_COUNT,
$this -> getColumnData($deposit, "flat3TransId")
];
$this -> accessModify("INSERT_DEPOSIT_FLAT3", $transStack, false);
$this -> sendCompleteMail($deposit);
$this -> logDetails("Completed: {$this -> readableTransactionData($transStack)}", VAL_INT_3);
}
echo "OK";
}
}
\ No newline at end of file
api/os_payment.php deleted 100644 → 0
View file @ 68d36a59
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
date_default_timezone_set('Asia/Tokyo');
include_once('../system/lib/config.php');
$_GET['IPAddress'] = $_SERVER['REMOTE_ADDR'];
error_log(date("[Y-m-d H:i:s]")." Flat3返回的数据变量为\r\n" . print_r($_GET,true)."\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'Flat3'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
$ipList = array(
'153.126.141.202',
'116.228.139.34',
'118.243.129.247',
'153.126.183.251',
'160.16.221.180',
'160.16.127.47',
'153.126.199.34',
'153.126.192.157',
'121.58.255.131',
'122.49.220.26',
'52.220.92.7'
);
if(@!isset($_SERVER['REMOTE_ADDR'])){
echo "IP not set";
error_log(date("[Y-m-d H:i:s]")." Flat3返回的数据变量为\r\n" . print_r($_GET,true)."\r\n IP not set \r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'Flat3'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
exit();
}elseif(!in_array($_SERVER['REMOTE_ADDR'], $ipList)){
echo "Not in AllowList";
error_log(date("[Y-m-d H:i:s]")." Flat3返回的数据变量为\r\n" . print_r($_GET,true)."\r\n". $_SERVER['REMOTE_ADDR'] ."\r\nNot in AllowList\r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'Flat3'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
exit();
}
$system = new System();
$get = $_GET;
$sqlObject = new mysql($system->getConfigValue(SECTION_DB,HOST_NAME),$system->getConfigValue(SECTION_DB,USER_NAME),$system->getConfigValue(SECTION_DB,LOGIN_PASS),$system->getConfigValue(SECTION_DB,TARGET_DB_NAME),'','UTF8');
$currency = JPY;
$date = date("Y-m-d H:i:s");
//处理返回数据
$ReturnResponse = explode('__',$system -> getColumnData($get,'data'));
$arrDeposit = array();
foreach($ReturnResponse as $key=>$val){
$arrTmp = array();
$arrExplodeTmp1 = explode('/',$val);
$arrExplodeTmp2 = explode('@',$arrExplodeTmp1[1]);
$arrTmp['TransactionID'] = $arrExplodeTmp1[0];
$arrTmp['DepositAmount'] = $arrExplodeTmp2[0];
$arrTmp['UserID'] = $arrExplodeTmp2[1];
$arrDeposit[] = $arrTmp;
}
//数据处理完毕
//Deposit表与array数组对应模型
$DepositModel = array(
'transaction_number'=>'TransactionID',
'user_account'=>'UserID',
'amount'=>'Amount',
'currency'=>'Currency',
'method'=>'Method',
'deposit_bank'=>'Bank',
'deposit_date'=>'Date',
'fee'=>'Fee',
'message'=>'Message',
'comment'=>'Comment',
'create_time'=>'Date',
'process_user'=>'User',
'type'=>'Type',
'err_flg'=>'Err_flg',
'flat3_transaction_id'=>'F3ID',
);
//array数组默认数据
$arrDepositTmp = array(
'Currency' => $currency,
'deposit_date' => $date,
'create_time'=> $date,
'Bank'=> 'Overseas',
'Method' => 'Overseas',
'User' => '9999',
'Type' => '0',
'Err_flg' => '0',
);
foreach($arrDeposit as $key=>$val){
//需要先查询有没有相同ID号订单
$sqlFlat3 = 'select flat3_transaction_id from t_deposit where flat3_transaction_id = "'.$val['TransactionID'].'"';
$resultFlat3 = $sqlObject -> query($sqlFlat3);
$rowFlat3 = $sqlObject -> fetch_assoc($resultFlat3);
//$rowFlat3 = '';
if(empty($rowFlat3)){
//没有结果,说明不是重复添加,可以进数据库
$arrTmp = array();
//根据内置方法取番号
$arrDepositTmp['TransactionID'] = $system-> getTransactionNumberCommon(VAR_TRANSACTION_DEPOSIT);
//$arrDepositTmp['TransactionID'] = trim(trim(date('YmdHis',time())).mt_rand(10000,99999));
$arrDepositTmp['F3ID'] = $val['TransactionID'];
$arrDepositTmp['UserID'] = $val['UserID'];
$arrDepositTmp['Amount'] = floor($val['DepositAmount'] / 1.05);
$arrDepositTmp['Fee'] = '0';
$arrDepositTmp['Comment'] = $val['TransactionID'].'/'.$val['DepositAmount'].'@'.$val['UserID'];
$arrDepositTmp['Date'] = $date;
foreach($DepositModel as $key=>$value){
if(isset($arrDepositTmp[$value])){
$arrTmp[$key] = $arrDepositTmp[$value];
}
}
$sql = 'insert into t_deposit '.$sqlObject -> InsertSql($arrTmp);
$sqlObject->query($sql);
//数据插入结束,发送邮件
$Params = array(); //设置参数
$Params[] = $val['UserID'];
$Params[] = $system -> getNameCommon($val['UserID']);
$Params[] = $arrDepositTmp['TransactionID'];
$Params[] = $date;
$Params[] = JPY;
$Params[] = ltrim($val['DepositAmount'],'0');
$Params[] = JPY;
$Params[] = $arrDepositTmp['Amount'];
//发送邮件
sendFlat3CompleteMail($system,$val['UserID'],$Params);
}else{
error_log(date("[Y-m-d H:i:s]")." FLAT3\r\n" . print_r($_GET,true)."\r\n Duplicate Transaction: ".$val['TransactionID']." \r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'FLAT3'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
echo "NG";
exit();
}
}
echo "OK";
/*-------------------------------------------------------------------------
* @function_name: CUP支付成功時邮件送信
* @parameter : 无
* @return : 无
-------------------------------------------------------------------------*/
function sendFlat3CompleteMail($system,$account,$params){
// 変数宣言部
$row = $system -> getRowData($system -> getAccountCommon($account));
$system -> sendMailByTmp('deposit_float3_complete.xml'
, $params
, $system -> getColumnData($row, COLUMN_MAIL)
, VAR_CS_MAIL_ADDRESS);
}
?>
\ No newline at end of file
api/sapay_webhook.php deleted 100644 → 0
View file @ 68d36a59
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
date_default_timezone_set('Asia/Tokyo');
include_once('../system/lib/config.php');
$_GET['IPAddress'] = $_SERVER['REMOTE_ADDR'];
error_log(date("[Y-m-d H:i:s]")." SAPAY\r\n" . print_r($_GET,true)."\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'SAPAY'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
$ipList = array(
'153.126.141.202',
'116.228.139.34',
'118.243.129.247',
'153.126.183.251',
'160.16.221.180',
'160.16.127.47',
'153.126.199.34',
'153.126.192.157',
'121.58.255.131',
'122.49.220.26',
'121.58.194.162',
'52.220.92.7'
);
if(@!isset($_SERVER['REMOTE_ADDR'])){
echo "IP not set";
error_log(date("[Y-m-d H:i:s]")." SAPAY\r\n" . print_r($_GET,true)."\r\n IP not set \r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'SAPAY'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
exit();
}elseif(!in_array($_SERVER['REMOTE_ADDR'], $ipList)){
echo "Not in AllowList";
error_log(date("[Y-m-d H:i:s]")." SAPAY\r\n" . print_r($_GET,true)."\r\n". $_SERVER['REMOTE_ADDR'] ."\r\nNot in AllowList\r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'SAPAY'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
exit();
}
$system = new System();
$get = $_GET;
$sqlObject = new mysql($system->getConfigValue(SECTION_DB,HOST_NAME),$system->getConfigValue(SECTION_DB,USER_NAME),$system->getConfigValue(SECTION_DB,LOGIN_PASS),$system->getConfigValue(SECTION_DB,TARGET_DB_NAME),'','UTF8');
$currency = JPY;
$date = date("Y-m-d H:i:s");
//处理返回数据
$ReturnResponse = explode('__',$system -> getColumnData($get,'data'));
$arrDeposit = array();
foreach($ReturnResponse as $key=>$val){
$arrTmp = array();
$arrExplodeTmp1 = explode('/',$val);
$arrExplodeTmp2 = explode('@',$arrExplodeTmp1[1]);
$arrTmp['TransactionID'] = $arrExplodeTmp1[0];
$arrTmp['DepositAmount'] = $arrExplodeTmp2[0];
$arrTmp['UserID'] = $arrExplodeTmp2[1];
$arrDeposit[] = $arrTmp;
}
//数据处理完毕
//Deposit表与array数组对应模型
$DepositModel = array(
'transaction_number'=>'TransactionID',
'user_account'=>'UserID',
'amount'=>'Amount',
'currency'=>'Currency',
'method'=>'Method',
'deposit_bank'=>'Bank',
'deposit_date'=>'Date',
'fee'=>'Fee',
'message'=>'Message',
'comment'=>'Comment',
'create_time'=>'Date',
'process_user'=>'User',
'type'=>'Type',
'err_flg'=>'Err_flg',
'flat3_transaction_id'=>'F3ID',
);
//array数组默认数据
$arrDepositTmp = array(
'Currency' => $currency,
'deposit_date' => $date,
'create_time'=> $date,
'Bank'=> 'JP Voucher',
'Method' => 'JPV',
'User' => '9999',
'Type' => '0',
'Err_flg' => '0',
);
foreach($arrDeposit as $key=>$val){
if(strpos($val['UserID'],'G')!==FALSE){
$ch = curl_init(VAL_STR_GAPI_FLAT3.$val['TransactionID'].'/'.$val['DepositAmount'].'@'.$val['UserID']);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
$error = 'No error';
if(curl_errno($ch)) {
$error = curl_error($ch);
}
curl_close($ch);
error_log(date("[Y-m-d H:i:s]")." FLAT3-GAPI\r\n" . print_r($_GET,true)."\r\n GAPI Response: ".$data."\r\n Error:".$error."\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'SAPAY'.DIRECTORY_SEPARATOR.'GAPI'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
if($data != 'OK'){
echo 'NG';
exit();
}
}else{
//需要先查询有没有相同ID号订单
$sqlFlat3 = 'select flat3_transaction_id from t_deposit where flat3_transaction_id = "'.$val['TransactionID'].'"';
$resultFlat3 = $sqlObject -> query($sqlFlat3);
$rowFlat3 = $sqlObject -> fetch_assoc($resultFlat3);
//$rowFlat3 = '';
if(empty($rowFlat3)){
//没有结果,说明不是重复添加,可以进数据库
$arrTmp = array();
//根据内置方法取番号
$arrDepositTmp['TransactionID'] = $system-> getTransactionNumberCommon(VAR_TRANSACTION_DEPOSIT);
//$arrDepositTmp['TransactionID'] = trim(trim(date('YmdHis',time())).mt_rand(10000,99999));
$arrDepositTmp['F3ID'] = $val['TransactionID'];
$arrDepositTmp['UserID'] = $val['UserID'];
$arrDepositTmp['Amount'] = floor($val['DepositAmount'] / 1.05);
$arrDepositTmp['Fee'] = '0';
$arrDepositTmp['Comment'] = $val['TransactionID'].'/'.$val['DepositAmount'].'@'.$val['UserID'];
$arrDepositTmp['Date'] = $date;
foreach($DepositModel as $key=>$value){
if(isset($arrDepositTmp[$value])){
$arrTmp[$key] = $arrDepositTmp[$value];
}
}
$sql = 'insert into t_deposit '.$sqlObject -> InsertSql($arrTmp);
$sqlObject->query($sql);
//数据插入结束,发送邮件
$Params = array(); //设置参数
$Params[] = $val['UserID'];
$Params[] = $system -> getNameCommon($val['UserID']);
$Params[] = $arrDepositTmp['TransactionID'];
$Params[] = $date;
$Params[] = JPY;
$Params[] = ltrim($val['DepositAmount'],'0');
$Params[] = JPY;
$Params[] = $arrDepositTmp['Amount'];
//发送邮件
sendFlat3CompleteMail($system,$val['UserID'],$Params);
}else{
error_log(date("[Y-m-d H:i:s]")." SAPAY\r\n" . print_r($_GET,true)."\r\n Duplicate Transaction: ".$val['TransactionID']." \r\n\r\n\r\n\r\n", 3, 'Logs'.DIRECTORY_SEPARATOR.'SAPAY'.DIRECTORY_SEPARATOR.'Error'.DIRECTORY_SEPARATOR.'Log_'.date("Y-m-d").'.log');
echo "NG";
exit();
}
}
}
echo "OK";
/*-------------------------------------------------------------------------
* @function_name: CUP支付成功時邮件送信
* @parameter : 无
* @return : 无
-------------------------------------------------------------------------*/
function sendFlat3CompleteMail($system,$account,$params){
// 変数宣言部
$row = $system -> getRowData($system -> getAccountCommon($account));
$system -> sendMailByTmp('deposit_jpv_complete.xml'
, $params
, $system -> getColumnData($row, COLUMN_MAIL)
, VAR_CS_MAIL_ADDRESS);
}
?>
system/lib/sql.xml
View file @ 8fad5972
......@@ -1685,6 +1685,62 @@
メッセージ
コメント
-->
<SELECT_FLAT3_DEPOSIT_TRANSNUM>
SELECT
flat3_transaction_id
FROM
t_deposit
WHERE 1
__ELEMENT01__
</SELECT_FLAT3_DEPOSIT_TRANSNUM>
<SELECT_ACCOUNT_NUMS>
SELECT
user_account
FROM
t_user
WHERE 1
__ELEMENT01__
</SELECT_ACCOUNT_NUMS>
<INSERT_DEPOSIT_FLAT3>
INSERT INTO t_deposit
(
transaction_number,
user_account,
amount,
currency,
method,
deposit_bank,
deposit_date,
fee,
comment,
create_time,
process_user,
type,
err_flg,
flat3_transaction_id
)
VALUES
(
'__ELEMENT01__',
'__ELEMENT02__',
'__ELEMENT03__',
'__ELEMENT04__',
'__ELEMENT05__',
'__ELEMENT06__',
'__ELEMENT07__',
'__ELEMENT08__',
'__ELEMENT09__',
'__ELEMENT10__',
'__ELEMENT11__',
'__ELEMENT12__',
'__ELEMENT13__',
'__ELEMENT14__'
)
</INSERT_DEPOSIT_FLAT3>
<INSERT_DEPOSIT>
INSERT INTO t_deposit (
user_account
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment