mojiahui/webman-buildadmin
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.配置新版支付模块-菜单和接口都已重构

Browse Source 
2.优化充值提现页面
3.菜单翻译问题
4.备份数据库
This commit is contained in:
zhenhui
2026-04-30 11:37:46 +08:00
parent e8c2b9d345
commit c7fc754573
23 changed files with 4042 additions and 400 deletions
Download Patch File Download Diff File Expand all files Collapse all files

735
app/api/controller/Finance.php
View File

@@ -4,8 +4,8 @@ declare(strict_types=1);
namespace app\api\controller;
use app\common\library\finance\DepositMockGateway;
use app\common\library\finance\DepositSettlement;
use app\common\library\finance\DDPayGateway;
use app\common\library\finance\WithdrawFlow;
use app\common\library\game\DepositChannel as DepositChannelLib;
use app\common\library\game\DepositTier as DepositTierLib;
@@ -14,23 +14,33 @@ use app\common\model\DepositOrder;
use app\common\model\GameConfig;
use app\common\model\WithdrawOrder;
use app\common\service\DepositOrderExpireService;
use support\Log;
use support\Response;
use support\think\Db;
use Throwable;
use RuntimeException;
use Webman\Http\Request;
use function response;
class Finance extends MobileBase
{
/**
* 模拟第三方收银台页与支付回调,无需 user-token仅 HMAC 防篡改
* DDPay Webhook / 重定向等无需用户登录态
*/
protected array $noNeedLogin = ['depositMockPayPage', 'depositMockNotify'];
protected array $noNeedLogin = [
'ddpayDepositNotify',
'ddpayPayoutNotify',
];
/**
* 允许浏览器直接打开 pay_url 而不带 auth-token。
* DDPay 回调与重定向允许浏览器直接访问(无 auth-token
*/
protected array $noNeedAuthToken = ['depositMockPayPage', 'depositMockNotify'];
protected array $noNeedAuthToken = [
'ddpayDepositNotify',
'ddpayDepositRedirect',
'ddpayPayoutNotify',
'ddpayPayoutRedirect',
];
/**
* 充值档位列表(仅启用档位,按 sort 升序)
@@ -67,7 +77,7 @@ class Finance extends MobileBase
'bonus_amount' => $this->amountNumber($bonus),
'total_amount' => $this->amountNumber($total),
'desc' => $localized['desc'],
'channels' => DepositChannelLib::channelsForTier($tierId, $effectiveChannels, $lang),
'channels' => DepositChannelLib::channelsForTier($tierId, $effectiveChannels, $lang, $currency),
];
}
return $this->mobileSuccess([
@@ -88,22 +98,16 @@ class Finance extends MobileBase
}
/**
* 创建充值订单
* 创建充值订单(仅 DDPay
*
* 当前为 mock 支付网关:本接口仅创建待支付订单并返回 pay_url。
* 未来接入真实第三方支付时,仅需替换 pay_url 生成与回调验签,入账仍在回调中调用 DepositSettlement::settle。
* `channel_code` 必须为 `ddpay`。服务端创建待支付订单后调用 DDPay「入金发起」返回三方 `payment_url` 作为 `pay_url`
* 入账由 `ddpayDepositNotify` Webhook 验签后调用 `DepositSettlement::settle`(或发起响应中 `transaction_status=completed` 时同步结算)
*
* 请求application/json 或 x-www-form-urlencoded
* - tier_id / tier_key: 必填,档位唯一标识(与 depositTierList 中 id、tier_key 一致)
* - channel_code: 必填,支付渠道代码(与 depositTierList 各档位 channels[].code 一致
* - idempotency_key: 必填,客户端幂等键,短时间内重复提交只生成一次订单
* - tier_id / tier_key、channel_code=ddpay、idempotency_key必填
* - payment_type、payer_name、payer_bank_nameDDPay 入金必填(见 DDPay 文档与移动端接口说明
*
* 流程:仅创建 `status=0` 的待支付订单,返回 `pay_url`(含签名的模拟「第三方收银台」页);玩家打开后点确认,
* 由服务端 `depositMockNotify` 模拟网关联调完成入账。未来接入真实三方时,将「打开 pay_url + 等回调」替换为
* 真网关,入账仍走 `DepositSettlement::settle`。
*
* 响应(统一结构,未来接入第三方也保持此形状):
* - order_no / amount / pay_channel / paid / pay_url / status / create_time / pay_time
* 响应:`order_no` / `amount` / `pay_channel` / `paid` / `pay_url` / `status` / `create_time` / `pay_time`
*/
public function depositCreate(Request $request): Response
{
@@ -124,6 +128,9 @@ class Finance extends MobileBase
if (mb_strlen($idempotencyKey) > 64) {
return $this->mobileError(1002, 'Idempotency key is too long');
}
if ($channelCode !== 'ddpay') {
return $this->mobileError(2004, 'Deposit only supports DDPay');
}
$tiers = $this->loadEnabledTiers();
$tier = DepositTierLib::findById($tiers, $tierId);
@@ -167,6 +174,9 @@ class Finance extends MobileBase
if ($curSnap === '') {
$curSnap = 'CNY';
}
if (!DepositChannelLib::assertChannelAllowsCurrency($channelCode, $curSnap, $effectiveChannels)) {
return $this->mobileError(2004, 'Pay channel not available for this currency');
}
$tierSnapshot = [
'id' => $tier['id'],
'title' => is_string($tier['title'] ?? null) ? $tier['title'] : '',
@@ -213,8 +223,138 @@ class Finance extends MobileBase
return $this->mobileError(2000, $msg);
}
// 仅落待支付单;真实入账在模拟网关联调 depositMockNotify 中完成
return $this->mobileSuccess($this->buildDepositResponse($order, $this->publicOriginFromRequest($request)));
$orderId = is_numeric($order->id ?? null) ? intval(strval($order->id)) : 0;
$publicOrigin = $this->publicOriginFromRequest($request);
// DDPay 入金:创建订单后,调用三方「入金发起」拿到 payment_url并在回调里验签结算。
$toString = static function (mixed $v): string {
if (is_string($v)) {
return trim($v);
}
if (is_numeric($v)) {
return trim(strval($v));
}
return '';
};
$paymentType = $toString($request->input('payment_type'));
if ($paymentType === '') {
$paymentType = $toString($request->input('paymentType'));
}
$payerName = $toString($request->input('payer_name'));
if ($payerName === '') {
$payerName = $toString($request->input('payerName'));
}
$payerBankName = $toString($request->input('payer_bank_name'));
if ($payerBankName === '') {
$payerBankName = $toString($request->input('payer_bank[name]'));
}
if ($payerBankName === '') {
$payerBankName = $toString($request->input('payerBankName'));
}
if ($paymentType === '' || $payerName === '' || $payerBankName === '') {
return $this->mobileError(1001, 'Missing DDPay parameters');
}
$callbackUrl = rtrim($publicOrigin, '/') . '/api/finance/ddpayDepositNotify';
$redirectUrl = rtrim($publicOrigin, '/') . '/api/finance/ddpayDepositRedirect?order_no=' . rawurlencode($orderNo);
$ddReq = [
'client_id' => config('app.ddpay_client_id', ''),
'identifier' => config('app.ddpay_identifier', ''),
'order_id' => $orderNo,
'payment_type' => $paymentType,
'transaction_amount' => $tierSnapshot['pay_amount'],
'payer_name' => $payerName,
'payer_bank[name]' => $payerBankName,
'callback_url' => $callbackUrl,
'redirect_url' => $redirectUrl,
];
try {
$ddResp = DDPayGateway::depositInitiation($ddReq);
} catch (Throwable $e) {
Log::error('[depositCreate] ddpay initiation failed: ' . json_encode([
'order_no' => $orderNo,
'user_id' => $userId,
'exception' => get_class($e),
'reason' => $e->getMessage(),
], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
if ($orderId > 0) {
$remark = '[ddpay] ' . $e->getMessage();
$remark = mb_substr($remark, 0, 255);
Db::name('deposit_order')
->where('id', $orderId)
->where('status', 0)
->update([
'status' => 2,
'remark' => $remark,
'update_time' => time(),
]);
}
return $this->mobileError(2000, 'DDPay deposit initiation failed');
}
$ts = '';
if (isset($ddResp['transaction_status']) && is_string($ddResp['transaction_status'])) {
$ts = strtolower(trim($ddResp['transaction_status']));
}
$paymentUrl = '';
if (isset($ddResp['payment_url']) && is_string($ddResp['payment_url'])) {
$paymentUrl = trim($ddResp['payment_url']);
}
if ($orderId > 0) {
$snapUpdate = $tierSnapshot;
if ($paymentUrl !== '') {
$snapUpdate['payment_url'] = $paymentUrl;
}
$snapUpdate['ddpay'] = $ddResp;
Db::name('deposit_order')
->where('id', $orderId)
->update([
'pay_account_snapshot' => json_encode($snapUpdate, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
]);
}
if ($ts === 'completed' && $orderId > 0) {
try {
DepositSettlement::settle(
$orderId,
DepositSettlement::SOURCE_THIRD_PARTY,
'ddpay deposit initiation completed',
null,
'transaction_status=' . $ts
);
} catch (Throwable $e) {
// 已有状态不允许 settlement 时忽略,返回当前订单状态即可
}
}
if ($ts === 'failed' && $orderId > 0) {
$statusMsg = is_string($ddResp['status_message'] ?? null) ? trim($ddResp['status_message']) : 'DDPay transaction failed';
$remark = '[ddpay] ' . $statusMsg;
$remark = mb_substr($remark, 0, 255);
Db::name('deposit_order')
->where('id', $orderId)
->where('status', 0)
->update([
'status' => 2,
'remark' => $remark,
'update_time' => time(),
]);
}
$fresh = DepositOrder::where('id', $orderId)->find();
if ($fresh) {
return $this->mobileSuccess($this->buildDepositResponse($fresh, $publicOrigin));
}
return $this->mobileSuccess($this->buildDepositResponse($order, $publicOrigin));
}
/**
@@ -231,8 +371,23 @@ class Finance extends MobileBase
$total = bcadd($amount, $bonus, 2);
$on = is_string($order->order_no) ? $order->order_no : strval($order->order_no);
$payUrl = '';
$payChannel = is_string($order->pay_channel) ? $order->pay_channel : strval($order->pay_channel);
if ($this->intValue($order->status) === 0 && $on !== '') {
$payUrl = DepositMockGateway::payPageUrl($on, $publicOrigin);
if ($payChannel === 'ddpay') {
$snapRaw = $order->pay_account_snapshot ?? null;
$snap = null;
if (is_array($snapRaw)) {
$snap = $snapRaw;
} elseif (is_string($snapRaw) && trim($snapRaw) !== '') {
$decoded = json_decode($snapRaw, true);
if (is_array($decoded)) {
$snap = $decoded;
}
}
if (is_array($snap) && isset($snap['payment_url']) && is_string($snap['payment_url'])) {
$payUrl = trim($snap['payment_url']);
}
}
}
return [
'order_no' => $on,
@@ -241,7 +396,7 @@ class Finance extends MobileBase
'total_amount' => $this->amountNumber($total),
'status' => $status,
'paid' => $paid,
'pay_channel' => is_string($order->pay_channel) ? $order->pay_channel : strval($order->pay_channel),
'pay_channel' => $payChannel,
'pay_url' => $payUrl,
'create_time' => is_numeric(strval($order->create_time)) ? intval(strval($order->create_time)) : 0,
'pay_time' => is_numeric(strval($order->pay_time)) ? intval(strval($order->pay_time)) : 0,
@@ -249,93 +404,154 @@ class Finance extends MobileBase
}
/**
* 根据请求拼出公网 origin用于给客户端直接可用的完整 pay_url
* 公网根 URL优先环境变量 DDPAY_PUBLIC_BASE_URL否则按请求推导见 DDPayGateway::publicBaseUrlForCallbacks
*/
private function publicOriginFromRequest(Request $request): string
{
$proto = strtolower((string) $request->header('x-forwarded-proto', ''));
$https = $proto === 'https' || strtolower((string) $request->header('x-forwarded-ssl', '')) === 'on';
$scheme = $https ? 'https' : 'http';
$host = trim((string) $request->header('host', ''));
if ($host === '') {
$host = trim((string) ($request->header('x-forwarded-host', '')));
}
if ($host === '') {
$host = '127.0.0.1:8787';
}
return $scheme . '://' . $host;
return DDPayGateway::publicBaseUrlForCallbacks($request);
}
/**
* 模拟第三方支付收银台HTML。玩家浏览器打开点击按钮即向 depositMockNotify 发起回调
* DDPay Webhook 回调:验签后把 deposit_order 更新为 paid/failed
*
* 文档要求:返回纯文本 + HTTP 200避免三方重复推送
*/
public function depositMockPayPage(Request $request): Response
public function ddpayDepositNotify(Request $request): Response
{
// Webman Request::input() 需要传 keyWebhook 签名计算只依赖文档列出的固定字段。
$payload = [
'client_id' => $request->input('client_id'),
'order_id' => $request->input('order_id'),
'transaction_status' => $request->input('transaction_status'),
'timestamp' => $request->input('timestamp'),
'transaction_amount' => $request->input('transaction_amount'),
'signature' => $request->input('signature'),
];
$verified = false;
try {
$verified = DDPayGateway::verifyWebhookSignature($payload);
} catch (Throwable $e) {
$verified = false;
}
if (!$verified) {
return response('Invalid signature', 403, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$orderNoRaw = $payload['order_id'] ?? '';
$orderNo = is_string($orderNoRaw) ? trim($orderNoRaw) : (is_numeric($orderNoRaw) ? strval($orderNoRaw) : '');
if ($orderNo === '') {
return response('Missing order_id', 400, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$statusRaw = $payload['transaction_status'] ?? '';
$status = is_string($statusRaw) ? strtolower(trim($statusRaw)) : '';
$order = DepositOrder::where('order_no', $orderNo)->find();
if (!$order) {
// 订单不存在通常是传参错误:直接 ack 以避免重复重试轰炸。
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
// 快照写入(不影响主流程)
try {
$snapRaw = $order->pay_account_snapshot ?? null;
$snap = null;
if (is_array($snapRaw)) {
$snap = $snapRaw;
} elseif (is_string($snapRaw) && trim($snapRaw) !== '') {
$decoded = json_decode($snapRaw, true);
if (is_array($decoded)) {
$snap = $decoded;
}
}
if (!is_array($snap)) {
$snap = [];
}
$snap['ddpay_webhook'] = $payload;
Db::name('deposit_order')
->where('id', intval(strval($order->id)))
->update([
'pay_account_snapshot' => json_encode($snap, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
]);
} catch (Throwable $e) {
// ignore
}
if ($this->intValue($order->status) === 0) {
if ($status === 'completed') {
try {
DepositSettlement::settle(
intval(strval($order->id)),
DepositSettlement::SOURCE_THIRD_PARTY,
'ddpay webhook completed',
null,
'transaction_status=' . $status
);
} catch (Throwable $e) {
// settlement 不允许非待支付状态时忽略
}
} elseif ($status === 'failed') {
$amtRaw = $payload['transaction_amount'] ?? null;
$amt = is_string($amtRaw) ? trim($amtRaw) : (is_numeric($amtRaw) ? strval($amtRaw) : '');
$remark = '[ddpay] transaction failed' . ($amt !== '' ? ' amount=' . $amt : '');
$remark = mb_substr($remark, 0, 255);
Db::name('deposit_order')
->where('id', intval(strval($order->id)))
->where('status', 0)
->update([
'status' => 2,
'remark' => $remark,
'update_time' => time(),
]);
}
}
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
/**
* DDPay redirect_url展示“请返回 APP 查看余额”提示。
*/
public function ddpayDepositRedirect(Request $request): Response
{
$response = $this->initializeMobile($request);
if ($response !== null) {
return $response;
}
$orderNo = $this->stringParam($request->input('order_no'));
$sign = $this->stringParam($request->input('sign'));
if ($orderNo === '' || $sign === '' || !DepositMockGateway::verifyOrderNo($orderNo, $sign)) {
return response('Invalid or expired payment link', 403, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$order = DepositOrder::where('order_no', $orderNo)->find();
if (!$order) {
return response('Order not found', 404, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
DepositOrderExpireService::expirePendingOrders(null, $orderNo);
$order = DepositOrder::where('order_no', $orderNo)->find();
if (!$order) {
return response('Order not found', 404, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
if ($this->intValue($order->status) !== 0) {
$st = $this->mapDepositStatus($order->status);
$msg = 'Order status: ' . $st;
if ($st === 'paid') {
$msg = 'This order is already paid. You can return to the app.';
}
$msgEsc = htmlspecialchars($msg, ENT_QUOTES, 'UTF-8');
$statusRaw = $request->input('transaction_status');
$status = is_string($statusRaw) ? strtolower(trim($statusRaw)) : '';
$title = htmlspecialchars((string) __('Deposit'), ENT_QUOTES, 'UTF-8');
return response('<!doctype html><html><head><meta charset="utf-8"><title>' . $title . '</title></head><body><p>' . $msgEsc . '</p></body></html>', 200, [
'Content-Type' => 'text/html; charset=utf-8',
]);
$lang = $this->currentLang();
$isZh = str_starts_with($lang, 'zh');
$msg = $isZh ? '已收到支付,请返回 App 查看余额。' : 'Payment received. You can return to the app to check your balance.';
if ($status === 'completed') {
$msg = $isZh ? '支付已完成,建议返回 App 查看结果。' : 'Payment completed. Returning to the app is recommended.';
} elseif ($status === 'failed') {
$msg = $isZh ? '支付失败,请稍后重试。' : 'Payment failed. Please try again.';
}
$amount = $this->amountString($order->amount);
$bonus = $this->amountString($order->bonus_amount);
$noEsc = htmlspecialchars($orderNo, ENT_QUOTES, 'UTF-8');
$signEsc = htmlspecialchars($sign, ENT_QUOTES, 'UTF-8');
$payChannel = is_string($order->pay_channel) ? htmlspecialchars($order->pay_channel, ENT_QUOTES, 'UTF-8') : '';
$tMockPay = htmlspecialchars((string) __('Mock payment'), ENT_QUOTES, 'UTF-8');
$tCashier = htmlspecialchars((string) __('Mock third-party cashier'), ENT_QUOTES, 'UTF-8');
$tOrderNo = htmlspecialchars((string) __('Order No'), ENT_QUOTES, 'UTF-8');
$tPayChannel = htmlspecialchars((string) __('Pay channel'), ENT_QUOTES, 'UTF-8');
$tAmountLabel = htmlspecialchars((string) __('Amount (fiat/pricing)'), ENT_QUOTES, 'UTF-8');
$tBonus = htmlspecialchars((string) __('Bonus'), ENT_QUOTES, 'UTF-8');
$tCoin = htmlspecialchars((string) __('coin'), ENT_QUOTES, 'UTF-8');
$tHint = (string) __('Click the button below to simulate successful third-party payment; the server will callback and settle the deposit.');
$tHintEsc = htmlspecialchars($tHint, ENT_QUOTES, 'UTF-8');
$tConfirm = htmlspecialchars((string) __('Confirm payment (simulate success)'), ENT_QUOTES, 'UTF-8');
$html = '<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>' . $tMockPay . '</title></head><body style="font-family:system-ui;padding:1rem">';
$html .= '<h2>' . $tCashier . '</h2>';
$html .= '<p>' . $tOrderNo . ': ' . $noEsc . '</p>';
$html .= '<p>' . $tPayChannel . ': ' . $payChannel . '</p>';
$html .= '<p>' . $tAmountLabel . ': ' . htmlspecialchars($amount, ENT_QUOTES, 'UTF-8') . ' + ' . $tBonus . ' ' . htmlspecialchars($bonus, ENT_QUOTES, 'UTF-8') . ' (' . $tCoin . ')</p>';
$html .= '<p>' . $tHintEsc . '</p>';
$html .= '<form method="post" action="/api/finance/depositMockNotify" style="margin-top:1rem">';
$html .= '<input type="hidden" name="order_no" value="' . $noEsc . '">';
$html .= '<input type="hidden" name="sign" value="' . $signEsc . '">';
$html .= '<button type="submit" style="padding:0.5rem 1rem">' . $tConfirm . '</button>';
$html .= '</form></body></html>';
$orderNoEsc = htmlspecialchars($orderNo, ENT_QUOTES, 'UTF-8');
$msgEsc = htmlspecialchars($msg, ENT_QUOTES, 'UTF-8');
$html = '<!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>DDPay</title></head><body style="font-family:system-ui;padding:1rem">';
$html .= '<h2>DDPay</h2>';
if ($orderNoEsc !== '') {
$html .= '<p>Order: ' . $orderNoEsc . '</p>';
}
$html .= '<p>' . $msgEsc . '</p>';
$html .= '</body></html>';
return response($html, 200, [
'Content-Type' => 'text/html; charset=utf-8',
@@ -343,56 +559,177 @@ class Finance extends MobileBase
}
/**
* 模拟第三方异步通知:验签后调用 DepositSettlement::settle 入账
* DDPay 出金 Webhook 回调:验签后更新 withdraw_order.status并在 failed 时进行返还余额
*
* DDPAY 文档要求:返回纯文本 + HTTP 200。
*/
public function depositMockNotify(Request $request): Response
public function ddpayPayoutNotify(Request $request): Response
{
$response = $this->initializeMobile($request);
if ($response !== null) {
return $response;
}
$orderNo = $this->stringParam($request->input('order_no'));
$sign = $this->stringParam($request->input('sign'));
if ($orderNo === '' || $sign === '') {
return $this->mobileError(1001, 'Missing parameters');
}
if (!DepositMockGateway::verifyOrderNo($orderNo, $sign)) {
return $this->mobileError(1003, 'Invalid parameter value');
}
$order = DepositOrder::where('order_no', $orderNo)->find();
if (!$order) {
return $this->mobileError(2003, 'Order does not exist');
}
DepositOrderExpireService::expirePendingOrders(null, $orderNo);
$order = DepositOrder::where('order_no', $orderNo)->find();
if (!$order) {
return $this->mobileError(2003, 'Order does not exist');
}
if ($this->intValue($order->status) !== 0) {
return $this->mobileSuccess($this->buildDepositResponse($order, null));
}
$orderId = intval(strval($order->id));
if ($orderId <= 0) {
return $this->mobileError(2000, 'Order id invalid');
}
$pc = is_string($order->pay_channel) ? $order->pay_channel : strval($order->pay_channel);
// Webhook 签名计算只依赖文档列出的固定字段
$payload = [
'client_id' => $request->input('client_id'),
'order_id' => $request->input('order_id'),
'transaction_status' => $request->input('transaction_status'),
'timestamp' => $request->input('timestamp'),
'transaction_amount' => $request->input('transaction_amount'),
'signature' => $request->input('signature'),
];
try {
$result = DepositSettlement::settle(
$orderId,
DepositSettlement::SOURCE_THIRD_PARTY,
'mock third party notify',
null,
'channel_code=' . $pc
);
$verified = DDPayGateway::verifyWebhookSignature($payload);
} catch (Throwable $e) {
return $this->mobileError(2000, (string) __($e->getMessage()));
}
$fresh = DepositOrder::where('order_no', $orderNo)->find();
if (!$fresh) {
return $this->mobileError(2000, 'Order not found after settle');
$verified = false;
}
return $this->mobileSuccess($this->buildDepositResponse($fresh, null));
if (!$verified) {
return response('Invalid signature', 403, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$orderNoRaw = $payload['order_id'] ?? '';
$orderNo = is_string($orderNoRaw) ? trim($orderNoRaw) : (is_numeric($orderNoRaw) ? strval($orderNoRaw) : '');
if ($orderNo === '') {
return response('Missing order_id', 400, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$statusStr = is_string($payload['transaction_status'] ?? '') ? strtolower(trim((string) $payload['transaction_status'])) : '';
$order = WithdrawOrder::where('order_no', $orderNo)->find();
if (!$order) {
// 避免无效重试轰炸:订单不存在则 ack 200
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$now = time();
$currentStatus = $this->intValue($order->status);
if ($currentStatus !== 1) {
// 只处理“已通过待打款”状态,避免重复返还
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
if ($statusStr === 'completed') {
Db::name('withdraw_order')
->where('id', intval(strval($order->id)))
->where('status', 1)
->update([
'status' => 3,
'remark' => '[ddpay] payout completed',
'update_time' => $now,
]);
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
if ($statusStr === 'failed') {
$amount = bcadd(strval($order->amount ?? '0'), '0', 2);
if (bccomp($amount, '0', 2) <= 0) {
// 金额异常直接置失败,不做返还
Db::name('withdraw_order')
->where('id', intval(strval($order->id)))
->where('status', 1)
->update([
'status' => 2,
'remark' => '[ddpay] payout failed',
'update_time' => $now,
]);
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$userId = intval(strval($order->user_id ?? 0));
$channelId = null;
if (isset($order->channel_id) && is_numeric(strval($order->channel_id))) {
$channelId = intval(strval($order->channel_id));
}
$idempotencyKey = 'wd_ddpay_failed_' . strval($order->order_no);
Db::startTrans();
try {
$walletExists = Db::name('user_wallet_record')
->where('idempotency_key', $idempotencyKey)
->find();
if ($walletExists) {
// 已返还过,只需更新状态
Db::name('withdraw_order')
->where('id', intval(strval($order->id)))
->where('status', 1)
->update([
'status' => 2,
'remark' => '[ddpay] payout failed (already refunded)',
'update_time' => time(),
]);
Db::commit();
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
$userRow = Db::name('user')->where('id', $userId)->find();
if (!is_array($userRow)) {
throw new RuntimeException('User not found for refund');
}
$beforeCoin = bcadd(strval($userRow['coin'] ?? '0'), '0', 2);
$afterCoin = bcadd($beforeCoin, $amount, 2);
Db::name('user')->where('id', $userId)->update([
'coin' => $afterCoin,
'total_withdraw_coin' => Db::raw('total_withdraw_coin - ' . $amount),
'update_time' => $now,
]);
Db::name('user_wallet_record')->insert([
'user_id' => $userId,
'channel_id' => $channelId,
'biz_type' => 'withdraw_refund',
'direction' => 1,
'amount' => $amount,
'balance_before' => $beforeCoin,
'balance_after' => $afterCoin,
'ref_type' => 'withdraw_order',
'ref_id' => intval(strval($order->id)),
'idempotency_key' => $idempotencyKey,
'operator_admin_id' => null,
'remark' => '[ddpay] payout failed refund',
'create_time' => $now,
]);
Db::name('withdraw_order')
->where('id', intval(strval($order->id)))
->where('status', 1)
->update([
'status' => 2,
'remark' => '[ddpay] payout failed',
'update_time' => $now,
]);
Db::commit();
} catch (Throwable $e) {
Db::rollback();
// 失败不 ack 以便三方重试;但仍需要避免无限循环
return response('Refund failed: ' . (string) $e->getMessage(), 500, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
// pending / other 状态:直接 ack
return response('{"status":"ok"}', 200, [
'Content-Type' => 'text/plain; charset=utf-8',
]);
}
/**
@@ -491,6 +828,12 @@ class Finance extends MobileBase
$withdrawCoin = is_string($withdrawCoinRaw) ? trim($withdrawCoinRaw) : (is_numeric($withdrawCoinRaw) ? strval($withdrawCoinRaw) : '');
$receiveAccount = trim(is_string($request->post('receive_account', '')) ? $request->post('receive_account', '') : '');
$receiveType = trim(is_string($request->post('receive_type', '')) ? $request->post('receive_type', '') : '');
$receiveType = strtolower($receiveType);
// DDPAY 出金Payout所需扩展字段当前仅支持 receive_type=bank
$receiverName = trim(is_string($request->post('receiver_name', '')) ? $request->post('receiver_name', '') : '');
$bankCode = trim(is_string($request->post('bank_code', '')) ? $request->post('bank_code', '') : '');
$bankBranch = trim(is_string($request->post('bank_branch', '')) ? $request->post('bank_branch', '') : '');
$idempotencyKey = trim(is_string($request->post('idempotency_key', '')) ? $request->post('idempotency_key', '') : '');
if ($withdrawCoin === '' || $receiveAccount === '' || $receiveType === '' || $idempotencyKey === '') {
return $this->mobileError(1001, 'Missing parameters');
@@ -503,6 +846,40 @@ class Finance extends MobileBase
}
$withdrawCoin = bcadd($withdrawCoin, '0', 2);
// 按 DDPAY 文档接入:当前仅支持 bank 类型出金
if ($receiveType !== 'bank') {
return $this->mobileError(2000, 'DDPay payout integration supports receive_type=bank only');
}
if ($receiverName === '' || $bankCode === '') {
return $this->mobileError(1001, 'Missing DDPay bank payout parameters');
}
if ($bankBranch === '') {
$bankBranch = 'N/A';
}
// 映射 bank_code -> DDPAY 所需的完整银行名称(来自 financeCashier.withdraw_banks 配置)
$row = GameConfig::where('config_key', FinanceCashierConfigLib::CONFIG_KEY)->find();
$cfg = FinanceCashierConfigLib::parseFromConfigValue($row?->config_value ?? null);
$banks = is_array($cfg['withdraw_banks'] ?? null) ? $cfg['withdraw_banks'] : [];
$bankCodeNorm = strtolower(trim($bankCode));
$ddpayBankName = '';
foreach ($banks as $b) {
if (!is_array($b)) {
continue;
}
$c = isset($b['code']) && is_string($b['code']) ? strtolower(trim($b['code'])) : '';
if ($c === '' || $c !== $bankCodeNorm) {
continue;
}
$nameEn = isset($b['name_en']) && is_string($b['name_en']) ? trim($b['name_en']) : '';
$nameZh = isset($b['name_zh']) && is_string($b['name_zh']) ? trim($b['name_zh']) : '';
$ddpayBankName = $nameEn !== '' ? $nameEn : $nameZh;
break;
}
if ($ddpayBankName === '') {
return $this->mobileError(1001, 'Bank code not configured for withdrawal');
}
$user = $this->auth->getUser();
$userId = intval(strval($user->id));
@@ -598,6 +975,9 @@ class Finance extends MobileBase
'actual_amount' => $actualArrivalCoin,
'receive_type' => $receiveType,
'receive_account' => $receiveAccount,
'ddpay_receiver_name' => $receiverName,
'ddpay_bank_name' => $ddpayBankName,
'ddpay_bank_branch' => $bankBranch,
'status' => 0,
'review_admin_id' => null,
'review_time' => null,
@@ -788,30 +1168,74 @@ class Finance extends MobileBase
];
}
$banks = [];
$withdrawBanks = [];
if (isset($cfg['withdraw_banks']) && is_array($cfg['withdraw_banks'])) {
$list = $cfg['withdraw_banks'];
usort($list, function (array $a, array $b): int {
$ca = isset($a['currency_code']) && is_string($a['currency_code']) ? $a['currency_code'] : '';
$cb = isset($b['currency_code']) && is_string($b['currency_code']) ? $b['currency_code'] : '';
if ($ca !== $cb) {
return strcmp($ca, $cb);
}
$cmp = $this->sortBySortKeyOnly($a, $b);
if ($cmp !== 0) {
return $cmp;
}
$ca = isset($a['code']) && is_string($a['code']) ? $a['code'] : '';
$cb = isset($b['code']) && is_string($b['code']) ? $b['code'] : '';
$ka = isset($a['code']) && is_string($a['code']) ? $a['code'] : '';
$kb = isset($b['code']) && is_string($b['code']) ? $b['code'] : '';
return strcmp($ca, $cb);
return strcmp($ka, $kb);
});
foreach ($list as $b) {
if (!is_array($b)) {
continue;
}
$currencyCode = isset($b['currency_code']) && is_string($b['currency_code']) ? strtoupper(trim($b['currency_code'])) : '';
$code = isset($b['code']) && is_string($b['code']) ? $b['code'] : '';
if ($code === '') {
if ($currencyCode === '' || $code === '') {
continue;
}
$banks[] = [
'code' => $code,
'name' => $isZh
$withdrawBanks[] = [
'currency_code' => $currencyCode,
'code' => $code,
'name' => $isZh
? (is_string($b['name_zh'] ?? null) ? $b['name_zh'] : '')
: (is_string($b['name_en'] ?? null) ? $b['name_en'] : ''),
];
}
}
$depositBanks = [];
if (isset($cfg['deposit_banks']) && is_array($cfg['deposit_banks'])) {
$list = $cfg['deposit_banks'];
usort($list, function (array $a, array $b): int {
$ca = isset($a['currency_code']) && is_string($a['currency_code']) ? $a['currency_code'] : '';
$cb = isset($b['currency_code']) && is_string($b['currency_code']) ? $b['currency_code'] : '';
if ($ca !== $cb) {
return strcmp($ca, $cb);
}
$cmp = $this->sortBySortKeyOnly($a, $b);
if ($cmp !== 0) {
return $cmp;
}
$ka = isset($a['code']) && is_string($a['code']) ? $a['code'] : '';
$kb = isset($b['code']) && is_string($b['code']) ? $b['code'] : '';
return strcmp($ka, $kb);
});
foreach ($list as $b) {
if (!is_array($b)) {
continue;
}
$currencyCode = isset($b['currency_code']) && is_string($b['currency_code']) ? strtoupper(trim($b['currency_code'])) : '';
$code = isset($b['code']) && is_string($b['code']) ? $b['code'] : '';
if ($currencyCode === '' || $code === '') {
continue;
}
$depositBanks[] = [
'currency_code' => $currencyCode,
'code' => $code,
'name' => $isZh
? (is_string($b['name_zh'] ?? null) ? $b['name_zh'] : '')
: (is_string($b['name_en'] ?? null) ? $b['name_en'] : ''),
];
@@ -825,12 +1249,6 @@ class Finance extends MobileBase
$wc = $cfg['withdraw_copy'] ?? [];
$rateMode = is_array($wc) && isset($wc['rate_mode']) && is_string($wc['rate_mode']) ? $wc['rate_mode'] : 'fixed';
$wf = $cfg['withdraw_fields'] ?? [];
$reqCard = is_array($wf) && !empty($wf['require_cardholder']);
$reqAcct = is_array($wf) && !empty($wf['require_bank_account']);
$reqMail = is_array($wf) && !empty($wf['require_email']);
$reqMob = is_array($wf) && !empty($wf['require_mobile']);
$payChannels = [];
$effectiveCh = DepositChannelLib::effectiveRowsFromDb();
$regCh = DepositChannelLib::codeRegistry();
@@ -874,8 +1292,11 @@ class Finance extends MobileBase
'currencies' => $currencies,
'rates' => $rates,
'pay_channels' => $payChannels,
'deposit' => [
'banks' => $depositBanks,
],
'withdraw' => [
'banks' => $banks,
'banks' => $withdrawBanks,
'min_ewallet' => $minEw,
'min_bank' => $minBk,
'rate_hint' => $isZh
@@ -888,11 +1309,13 @@ class Finance extends MobileBase
? (is_array($wc) && is_string($wc['fee_note_zh'] ?? null) ? $wc['fee_note_zh'] : '')
: (is_array($wc) && is_string($wc['fee_note_en'] ?? null) ? $wc['fee_note_en'] : ''),
'rate_mode' => $rateMode,
// 与 DDPay 出金及 withdrawCreate 一致,不由后台开关配置
'fields' => [
'require_cardholder' => $reqCard,
'require_bank_account' => $reqAcct,
'require_email' => $reqMail,
'require_mobile' => $reqMob,
'receive_type_bank_only' => true,
'require_receiver_name' => true,
'require_receive_account' => true,
'require_bank_code' => true,
'require_bank_branch' => false,
],
],
]);