yunzerwebsite/pay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
pay/admin/ajax_order.php
李志强 09a14bf0a3 first commit
2025-11-28 10:08:12 +08:00

379 lines
16 KiB
PHP
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
include("../includes/common.php");
if($islogin==1){}else exit("<script language='javascript'>window.location.href='./login.php';</script>");
$act=isset($_GET['act'])?daddslashes($_GET['act']):null;
if(!checkRefererHost())exit('{"code":403}');
@header('Content-Type: application/json; charset=UTF-8');
switch($act){
case 'orderList':
$paytype = [];
$paytypes = [];
$rs = $DB->getAll("SELECT * FROM pre_type");
foreach($rs as $row){
$paytype[$row['id']] = $row['showname'];
$paytypes[$row['id']] = $row['name'];
}
unset($rs);
$sql=" 1=1";
if(isset($_POST['uid']) && !empty($_POST['uid'])) {
$uid = intval($_POST['uid']);
$sql.=" AND A.`uid`='$uid'";
}
if(isset($_POST['type']) && !empty($_POST['type'])) {
$type = intval($_POST['type']);
$sql.=" AND A.`type`='$type'";
}elseif(isset($_POST['channel']) && !empty($_POST['channel'])) {
$channel = intval($_POST['channel']);
$sql.=" AND A.`channel`='$channel'";
}elseif(isset($_POST['subchannel']) && !empty($_POST['subchannel'])) {
$subchannel = trim($_POST['subchannel']);
$subchannel = explode('|', $subchannel);
$subchannel = array_map('intval', $subchannel);
$sql.=" AND A.`subchannel` IN (".implode(",", $subchannel).")";
}
if(isset($_POST['dstatus']) && $_POST['dstatus']>-1) {
$dstatus = intval($_POST['dstatus']);
$sql.=" AND A.status={$dstatus}";
}
if(!empty($_POST['starttime']) || !empty($_POST['endtime'])){
if(!empty($_POST['starttime'])){
$starttime = daddslashes($_POST['starttime']);
$sql.=" AND A.addtime>='{$starttime} 00:00:00'";
}
if(!empty($_POST['endtime'])){
$endtime = daddslashes($_POST['endtime']);
$sql.=" AND A.addtime<='{$endtime} 23:59:59'";
}
}
if(isset($_POST['value']) && !empty($_POST['value'])) {
if($_POST['column']=='name'){
$sql.=" AND A.`{$_POST['column']}` like '%{$_POST['value']}%'";
}else{
if(($_POST['column'] == 'money' || $_POST['column'] == 'realmoney' || $_POST['column'] == 'getmoney') && strpos($_POST['value'],'-')){
$money = explode('-', $_POST['value']);
$sql.=" AND A.`{$_POST['column']}`>='{$money[0]}' AND A.`{$_POST['column']}`<='{$money[1]}'";
}else{
$sql.=" AND A.`{$_POST['column']}`='{$_POST['value']}'";
}
}
}
$offset = intval($_POST['offset']);
$limit = intval($_POST['limit']);
$total = $DB->getColumn("SELECT count(*) from pre_order A WHERE{$sql}");
$list = $DB->getAll("SELECT A.*,B.plugin FROM pre_order A LEFT JOIN pre_channel B ON A.channel=B.id WHERE{$sql} order by trade_no desc limit $offset,$limit");
$list2 = [];
foreach($list as $row){
$row['typename'] = $paytypes[$row['type']];
$row['typeshowname'] = $paytype[$row['type']];
$list2[] = $row;
}
exit(json_encode(['total'=>$total, 'rows'=>$list2]));
break;
case 'statistics':
$sql=" 1=1";
if(isset($_POST['uid']) && !empty($_POST['uid'])) {
$uid = intval($_POST['uid']);
$sql.=" AND A.`uid`='$uid'";
}
if(isset($_POST['type']) && !empty($_POST['type'])) {
$type = intval($_POST['type']);
$sql.=" AND A.`type`='$type'";
}elseif(isset($_POST['channel']) && !empty($_POST['channel'])) {
$channel = intval($_POST['channel']);
$sql.=" AND A.`channel`='$channel'";
}elseif(isset($_POST['subchannel']) && !empty($_POST['subchannel'])) {
$subchannel = intval($_POST['subchannel']);
$sql.=" AND A.`subchannel`='$subchannel'";
}
if(isset($_POST['dstatus']) && $_POST['dstatus']>-1) {
$dstatus = intval($_POST['dstatus']);
$sql.=" AND A.status={$dstatus}";
}
if(!empty($_POST['starttime']) || !empty($_POST['endtime'])){
if(!empty($_POST['starttime'])){
$starttime = daddslashes($_POST['starttime']);
$sql.=" AND A.addtime>='{$starttime} 00:00:00'";
}
if(!empty($_POST['endtime'])){
$endtime = daddslashes($_POST['endtime']);
$sql.=" AND A.addtime<='{$endtime} 23:59:59'";
}
}
if(isset($_POST['value']) && !empty($_POST['value'])) {
if($_POST['column']=='name'){
$sql.=" AND A.`{$_POST['column']}` like '%{$_POST['value']}%'";
}else{
if(($_POST['column'] == 'money' || $_POST['column'] == 'realmoney' || $_POST['column'] == 'getmoney') && strpos($_POST['value'],'-')){
$money = explode('-', $_POST['value']);
$sql.=" AND A.`{$_POST['column']}`>='{$money[0]}' AND A.`{$_POST['column']}`<='{$money[1]}'";
}else{
$sql.=" AND A.`{$_POST['column']}`='{$_POST['value']}'";
}
}
}
// 统计数据
$resultMoneyData = $DB->getRow("SELECT
SUM(money) AS totalMoney,
SUM(CASE WHEN A.status = 1 THEN money ELSE 0 END) AS successMoney,
SUM(CASE WHEN A.status = 0 THEN money ELSE 0 END) AS unpaidMoney,
SUM(CASE WHEN A.status = 2 THEN refundmoney ELSE 0 END) AS refundMoney
FROM pre_order A LEFT JOIN pre_channel B ON A.channel=B.id WHERE {$sql} order by trade_no desc");
$resultCount = $DB->getRow("SELECT
COUNT(*) AS totalCount,
SUM(CASE WHEN A.status = 1 THEN 1 ELSE 0 END) AS successCount,
SUM(CASE WHEN A.status = 0 THEN 1 ELSE 0 END) AS unpaidCount,
SUM(CASE WHEN A.status = 2 THEN 1 ELSE 0 END) AS refundCount
FROM pre_order A LEFT JOIN pre_channel B ON A.channel=B.id WHERE {$sql} order by trade_no desc");
// 获取平台总收入利润
$platformProfit = $DB->getColumn("SELECT SUM(A.profitmoney) FROM pre_order A LEFT JOIN pre_channel B ON A.channel=B.id WHERE {$sql} AND status = 1 order by trade_no desc");
$result = [
'totalMoney' => number_format($resultMoneyData['totalMoney'], 2, '.', '') ?? 0.00,
'successMoney' => number_format($resultMoneyData['successMoney'], 2, '.', '') ?? 0.00,
'unpaidMoney' => number_format($resultMoneyData['unpaidMoney'], 2, '.', '') ?? 0.00,
'refundMoney' => number_format($resultMoneyData['refundMoney'], 2, '.', '') ?? 0.00,
'totalCount' => $resultCount['totalCount'] ?? '0',
'successCount' => $resultCount['successCount'] ?? '0',
'unpaidCount' => $resultCount['unpaidCount'] ?? '0',
'refundCount' => $resultCount['refundCount'] ?? '0',
'platformProfit' => number_format($platformProfit, 2, '.', '') ?? 0.00
];
$result['successRate'] = $result['totalCount'] > 0 ? round(($result['totalCount']-$result['unpaidCount']) / $result['totalCount'] * 100, 2) : 0;
exit(json_encode(['code'=>0, 'data'=>$result]));
break;
case 'riskList':
$sql=" 1=1";
if(isset($_POST['value']) && !empty($_POST['value'])) {
$sql.=" AND `{$_POST['column']}`='{$_POST['value']}'";
}
if(isset($_POST['type']) && $_POST['type']>-1) {
$type = intval($_POST['type']);
$sql.=" AND `type`={$type}";
}
$offset = intval($_POST['offset']);
$limit = intval($_POST['limit']);
$total = $DB->getColumn("SELECT count(*) from pre_risk WHERE{$sql}");
$list = $DB->getAll("SELECT * FROM pre_risk WHERE{$sql} order by id desc limit $offset,$limit");
exit(json_encode(['total'=>$total, 'rows'=>$list]));
break;
case 'setStatus': //改变订单状态
$trade_no=trim($_GET['trade_no']);
$status=is_numeric($_GET['status'])?intval($_GET['status']):exit('{"code":200}');
if($status==5){
if($DB->exec("DELETE FROM pre_order WHERE trade_no='$trade_no'"))
exit('{"code":200}');
else
exit('{"code":400,"msg":"删除订单失败!['.$DB->error().']"}');
}else{
if($DB->exec("update pre_order set status='$status' where trade_no='$trade_no'")!==false)
exit('{"code":200}');
else
exit('{"code":400,"msg":"修改订单失败!['.$DB->error().']"}');
}
break;
case 'order': //订单详情
$trade_no=trim($_GET['trade_no']);
$row=$DB->getRow("select A.*,B.showname typename,C.name channelname from pre_order A,pre_type B,pre_channel C where trade_no='$trade_no' and A.type=B.id and A.channel=C.id limit 1");
if(!$row)
exit('{"code":-1,"msg":"当前订单不存在或未成功选择支付通道!"}');
$row['subchannelname'] = $row['subchannel'] > 0 ? $DB->findColumn('subchannel', 'name', ['id'=>$row['subchannel']]) : '';
if($row['status']==2){
$row['refundtime'] = $DB->findColumn('refundorder', 'addtime', ['trade_no'=>$trade_no], 'refund_no DESC');
}
$result=array("code"=>0,"msg"=>"succ","data"=>$row);
exit(json_encode($result));
break;
case 'subOrders':
$trade_no=trim($_GET['trade_no']);
$list = \lib\Payment::getSubOrders($trade_no);
exit(json_encode(['code'=>0, 'data'=>$list, 'settle'=>$DB->findColumn('order', 'settle', ['trade_no'=>$trade_no])]));
break;
case 'operation': //批量操作订单
$status=is_numeric($_POST['status'])?intval($_POST['status']):exit('{"code":-1,"msg":"请选择操作"}');
$checkbox=$_POST['checkbox'];
$i=0;
foreach($checkbox as $trade_no){
if($status==4)$DB->exec("DELETE FROM pre_order WHERE trade_no='$trade_no'");
elseif($status==3){
\lib\Order::unfreeze($trade_no);
}
elseif($status==2){
\lib\Order::freeze($trade_no);
}
else $DB->exec("update pre_order set status='$status' where trade_no='$trade_no' limit 1");
$i++;
}
exit('{"code":0,"msg":"成功改变'.$i.'条订单状态"}');
break;
case 'getmoney': //退款查询
if(!$conf['admin_paypwd'])exit('{"code":-1,"msg":"你还未设置支付密码"}');
$trade_no=trim($_POST['trade_no']);
$api=isset($_POST['api'])?intval($_POST['api']):0;
$result = \lib\Order::refund_info($trade_no, $api);
exit(json_encode($result));
break;
case 'refund': //退款操作
$trade_no=trim($_POST['trade_no']);
$money = trim($_POST['money']);
if(!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money))exit('{"code":-1,"msg":"金额输入错误"}');
$refund_no = date("YmdHis").rand(11111,99999);
$result = \lib\Order::refund($refund_no, $trade_no, $money);
if($result['code'] == 0){
$result['msg'] = '已成功从UID:'.$result['uid'].'扣除'.$result['reducemoney'].'元余额';
}
exit(json_encode($result));
break;
case 'apirefund': //API退款操作
$trade_no=trim($_POST['trade_no']);
$paypwd=trim($_POST['paypwd']);
$money = trim($_POST['money']);
if(!is_numeric($money) || !preg_match('/^[0-9.]+$/', $money))exit('{"code":-1,"msg":"金额输入错误"}');
if($paypwd!=$conf['admin_paypwd'])
exit('{"code":-1,"msg":"支付密码输入错误!"}');
$refund_no = date("YmdHis").rand(11111,99999);
$result = \lib\Order::refund($refund_no, $trade_no, $money, 1);
if($result['code'] == 0){
$result['msg'] = '退款成功!退款金额¥'.$result['money'];
if($result['reducemoney']>0){
$result['msg'] .= '并成功从UID:'.$result['uid'].'扣除'.$result['reducemoney'].'元余额';
}
}
exit(json_encode($result));
break;
case 'freeze': //冻结订单
$trade_no=trim($_POST['trade_no']);
$result = \lib\Order::freeze($trade_no);
exit(json_encode($result));
break;
case 'unfreeze': //解冻订单
$trade_no=trim($_POST['trade_no']);
$result = \lib\Order::unfreeze($trade_no);
exit(json_encode($result));
break;
case 'notify': //获取回调地址
$trade_no=trim($_POST['trade_no']);
$row=$DB->getRow("select * from pre_order where trade_no='$trade_no' limit 1");
if(!$row)
exit('{"code":-1,"msg":"当前订单不存在!"}');
$url=creat_callback($row);
if($row['notify']>0)
$DB->exec("update pre_order set notify=0,notifytime=NULL where trade_no='$trade_no'");
exit('{"code":0,"url":"'.($_POST['isreturn']==1?$url['return']:$url['notify']).'"}');
break;
case 'fillorder': //手动补单
$trade_no=trim($_POST['trade_no']);
$row=$DB->getRow("SELECT A.*,B.name typename,B.showname typeshowname FROM pre_order A left join pre_type B on A.type=B.id WHERE trade_no=:trade_no limit 1", [':trade_no'=>$trade_no]);
if(!$row)
exit('{"code":-1,"msg":"当前订单不存在!"}');
if($row['status']>0)exit('{"code":-1,"msg":"当前订单不是未完成状态!"}');
if($DB->exec("update `pre_order` set `status` ='1' where `trade_no`='$trade_no'")){
$DB->exec("update `pre_order` set `endtime` ='$date',`date` =NOW() where `trade_no`='$trade_no'");
$channel=\lib\Channel::get($row['channel']);
processOrder($row);
}
exit('{"code":0,"msg":"补单成功"}');
break;
case 'alipaydSettle': //支付宝直付通确认结算
$trade_no=trim($_POST['trade_no']);
$row=$DB->getRow("select * from pre_order where trade_no='$trade_no' limit 1");
if(!$row)
exit('{"code":-1,"msg":"当前订单不存在!"}');
if($row['status']==0)exit('{"code":-1,"msg":"当前订单状态是未支付"}');
$channel = $row['subchannel'] > 0 ? \lib\Channel::getSub($row['subchannel']) : \lib\Channel::get($row['channel'], $DB->findColumn('user', 'channelinfo', ['uid'=>$row['uid']]));
if(!$channel){
exit('{"code":-1,"msg":"当前支付通道信息不存在"}');
}
try{
if($channel['plugin'] == 'alipayd'){
\lib\Payment::alipaydSettle($channel, $row);
}elseif($channel['plugin'] == 'wxpaynp'){
\lib\Payment::wxpaynpSettle($channel, $row);
}else{
exit('{"code":-1,"msg":"支付插件不支持该操作"}');
}
$DB->exec("update `pre_order` set `settle`=2 where `trade_no`='$trade_no'");
exit('{"code":0,"msg":"结算成功!"}');
}catch(Exception $e){
$DB->exec("update `pre_order` set `settle`=3 where `trade_no`='$trade_no'");
exit('{"code":-1,"msg":"结算失败,'.$e->getMessage().'"}');
}
break;
case 'alipayPreAuthPay': //支付宝授权资金支付
$trade_no=trim($_POST['trade_no']);
$order=$DB->getRow("select * from pre_order where trade_no='$trade_no' limit 1");
if(!$order)
exit('{"code":-1,"msg":"当前订单不存在!"}');
$channel = $order['subchannel'] > 0 ? \lib\Channel::getSub($order['subchannel']) : \lib\Channel::get($order['channel'], $DB->findColumn('user', 'channelinfo', ['uid'=>$row['uid']]));
if(!$channel){
exit('{"code":-1,"msg":"当前支付通道信息不存在"}');
}
try{
$result = \lib\Payment::alipayPreAuthPay($channel, $order);
$api_trade_no = $result['trade_no'];
$buyer_id = $result['buyer_user_id'];
$total_amount = $result['total_amount'];
processNotify($order, $api_trade_no, $buyer_id);
exit('{"code":0,"msg":"授权资金支付成功!"}');
}catch(Exception $e){
$errmsg = $e->getMessage();
exit('{"code":-1,"msg":"授权资金支付失败,'.$errmsg.'"}');
}
break;
case 'alipayUnfreeze': //支付宝授权资金解冻
$trade_no=trim($_POST['trade_no']);
$order=$DB->getRow("select * from pre_order where trade_no='$trade_no' limit 1");
if(!$order)
exit('{"code":-1,"msg":"当前订单不存在!"}');
$channel = $order['subchannel'] > 0 ? \lib\Channel::getSub($order['subchannel']) : \lib\Channel::get($order['channel'], $DB->findColumn('user', 'channelinfo', ['uid'=>$row['uid']]));
if(!$channel){
exit('{"code":-1,"msg":"当前支付通道信息不存在"}');
}
try{
\lib\Payment::alipayUnfreeze($channel, $order);
$DB->exec("update `pre_order` set `status`=0 where `trade_no`='$trade_no'");
exit('{"code":0,"msg":"授权资金解冻成功!"}');
}catch(Exception $e){
$errmsg = $e->getMessage();
exit('{"code":-1,"msg":"授权资金解冻失败,'.$errmsg.'"}');
}
break;
case 'alipayRedPacketTansfer': //支付宝红包转账重试
$trade_no=trim($_POST['trade_no']);
$order=$DB->getRow("select * from pre_order where trade_no='$trade_no' limit 1");
if(!$order)
exit('{"code":-1,"msg":"当前订单不存在!"}');
$channel = $order['subchannel'] > 0 ? \lib\Channel::getSub($order['subchannel']) : \lib\Channel::get($order['channel'], $DB->findColumn('user', 'channelinfo', ['uid'=>$row['uid']]));
if(!$channel){
exit('{"code":-1,"msg":"当前支付通道信息不存在"}');
}
if(!empty($channel['appmchid'])) $payee_user_id = $channel['appmchid'];
else $payee_user_id = $DB->findColumn('user', 'alipay_uid', ['uid'=>$order['uid']]);
if(!$payee_user_id) exit('{"code":-1,"msg":"当前商户未绑定支付宝账号"}');
try{
\lib\Payment::alipayRedPacketTransfer($channel, $payee_user_id, $order['money'], $order['api_trade_no']);
$DB->exec("update `pre_order` set `settle`=2 where `trade_no`='$trade_no'");
exit('{"code":0,"msg":"红包打款成功!"}');
}catch(Exception $e){
$errmsg = $e->getMessage();
exit('{"code":-1,"msg":"红包打款失败,'.$errmsg.'"}');
}
break;
default:
exit('{"code":-4,"msg":"No Act"}');
break;
}
Reference in New Issue View Git Blame Copy Permalink