
需求:公司开发了一个应用,接入了苹果支付(其实是AppStore内支付,因为是虚拟商品,所以不能直接接入 Apple Pay),客户端做好了,要PHP(我)对接支付回调接口,处理支付后的业务逻辑(修改订单状态,发送短信通知客户,修改用户购买的套餐)。



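// Apple in-app purchase (App Store) receipt verification callback.
    //
    // Request inputs (read from $_REQUEST, all client-controlled):
    //   strReceipt - the receipt data sent by the client
    //   username   - the user name
    //   pid        - the plan (package) type
    //
    // Posts the receipt to Apple's verifyReceipt service. On any failure it
    // echoes a "fail" response and exits; on success it selects the last entry
    // of receipt->in_app as the order to process.
    function getreceiptdata(){
        // Emits the failure response and stops the request.
        // The markup literals below are empty in the published listing (the XML
        // tags appear to have been stripped from the page); restore them from the
        // real source. The order of the pieces is kept exactly as listed.
        $fail = function ($code, $msg) {
            $xml = '';
            $xml .= '';
            $xml .= "fail";
            $xml .= $code;
            $xml .= $msg;
            $xml .= '';
            echo $xml;exit;
        };

        $receipt = isset($_REQUEST['strReceipt']) ? $_REQUEST['strReceipt'] : '';
        // NOTE(review): addslashes() is not a reliable SQL escape. Whatever
        // stores $username / $tc later must use parameterized queries.
        $username = addslashes(isset($_REQUEST['username']) ? $_REQUEST['username'] : ''); // user name
        $tc = isset($_REQUEST['pid']) ? $_REQUEST['pid'] : ''; // plan type, unvalidated client input

        // Reject a missing or non-string receipt before contacting Apple.
        if (!is_string($receipt) || $receipt === '') {
            $fail("-1", "无效的收据");
        }

        // NOTE(review): hard-coded to sandbox. A production deployment must use
        // the production endpoint; Apple reports an environment mismatch with
        // status 21007 / 21008.
        $isSandbox = true;
        if ($isSandbox) {
            // The listing had an empty string here; this is Apple's sandbox
            // verifyReceipt URL.
            $endpoint = 'https://sandbox.itunes.apple.com/verifyReceipt';
        } else {
            // Apple's production verifyReceipt URL (also empty in the listing).
            $endpoint = 'https://buy.itunes.apple.com/verifyReceipt';
        }

        $postData = json_encode(
                array('receipt-data' => $receipt)
        );

        $ch = curl_init($endpoint);
        if ($ch === false) {
            $fail("3", "判断时候出错,抛出异常");
        }
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
        // Keep certificate and host-name verification ON. The whole decision
        // "was this purchase paid?" rests on the answer really coming from
        // Apple; with verification disabled, anything on the network path can
        // answer with status 0. If cURL reports an SSL error, install or point
        // PHP at a current CA bundle (php.ini curl.cainfo) instead of turning
        // these checks off.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

        $response = curl_exec($ch);
        $errno    = curl_errno($ch);
        $errmsg   = curl_error($ch);
        curl_close($ch);

        // Check the transport result before touching the body.
        if ($errno != 0 || $response === false) {
            error_log('verifyReceipt request failed (' . $errno . '): ' . $errmsg);
            // NOTE(review): the code sent here is "3" while the other branches
            // use negative codes ("-2", "-1"); confirm with the client whether
            // "-3" was intended.
            $fail("3", "判断时候出错,抛出异常");
        }

        $data = json_decode($response);

        if (!is_object($data)) {
            // Invalid response data
            $fail("-2", "无效的响应数据");
        }
        // Strict comparison: only the integer 0 means "valid receipt". A loose
        // != 0 would also accept values that merely coerce to zero.
        if (!isset($data->status) || $data->status !== 0) {
            // Invalid receipt
            $fail("-1", "无效的收据");
        }

        // A valid receipt can still carry no in-app purchases; without this
        // guard the index below would be -1.
        if (!isset($data->receipt->in_app)
            || !is_array($data->receipt->in_app)
            || count($data->receipt->in_app) === 0) {
            $fail("-1", "无效的收据");
        }

        $order = $data->receipt->in_app; // all order entries in the receipt
        $k = count($order) -1;
        $need = $order[$k]; // the entry to process (last element)

        // NOTE(review): before granting anything, the code that follows should
        //  - check that receipt->bundle_id is this app's bundle id,
        //  - check that $need->product_id matches the plan requested in $tc,
        //  - record $need->transaction_id and refuse one that was already
        //    fulfilled (a valid receipt can be submitted more than once),
        //  - tie the purchase to the authenticated account rather than to the
        //    client-supplied username.
        // Also confirm that the last in_app element is the intended transaction;
        // the array order is not visibly guaranteed here.

        // The listing ends here; the order update, SMS notification and plan
        // change are not shown on the page.
    }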




Status codes

Status Code Description
21000 The App Store could not read the JSON object you provided.
21002 The data in the receipt-data property was malformed or missing.
21003 The receipt could not be authenticated.
21004 The shared secret you provided does not match the shared secret on file for your account.
21005 The receipt server is not currently available.
21006 This receipt is valid but the subscription has expired. When this status code is returned to your server, the receipt data is also decoded and returned as part of the response. Only returned for iOS 6 style transaction receipts for auto-renewable subscriptions.
21007 This receipt is from the test environment, but it was sent to the production environment for verification. Send it to the test environment instead.
21008 This receipt is from the production environment, but it was sent to the test environment for verification. Send it to the production environment instead.
21010 This receipt could not be authorized. Treat this the same as if a purchase was never made.
21100-21199 Internal data access error.
