如果还不了解支付宝payto原理的可以在这里下文档和演示
http://dev.alipay.com/download/alipay_docs.rar
集成演示指南:
http://dev.alipay.com/download/yanshi.zip
它现在这种支付方式比较多象网银在线等使用的方法都是url验证,就是通过url参数和一个这些url参数的md5编码来确认这个连接的正确性,支付宝在你购买成功后跳转自定义连接的时候会传2次过来,第一次是数据底层请求,第二次是web请求,而只有第一次有验证码,这个只能通过记录下来才看的到,因为两次请求间隔很小,如果光显示的话最后的结果是被第二次覆盖了的。所以在接收的时候就要设定接收条件,一种是没有notify_type参数的,一种是有的。
我们先来看一下创建一个连接地址
t1
=
ConfigurationSettings.AppSettings[
"
interface
"
];
//
支付接口,就是给的一个连接地址
t2
=
ConfigurationSettings.AppSettings[
"
account
"
];
//
支付宝帐户你的帐户
t3
=
ConfigurationSettings.AppSettings[
"
password
"
];
//
安全校验码,设置的商家验证码
t4
=
"
images/logo_zfbsmall.gif
"
;
//
按钮图片地址
t5
=
"
test
"
;
//
悬停说明
cmd
=
"
0001
"
;
//
默认
subject
=
"
item
"
;
//
商品名称
body
=
"
decrip
"
;
//
描述
order_no
=
;
//
定单号,用户自己生成,方便自己管理 prices=100;
//
价格0.01~50000.00
rurl
=
"
http://www.xxx.com/
"
;
//
商品展示网址
types
=
"
1
"
;
//
1:商品购买2:服务购买3:网络拍卖4:捐赠
number
=
"
1
"
;
//
购买数量
transport
=
"
3
"
;
//
1:平邮2:快递3:虚拟物品
ordinary_fee
=
""
;
//
平邮运费
express_fee
=
""
;
//
快递运费
readonlys
=
"
true
"
;
//
交易信息是否只读
buyer_msg
=
""
;
//
买家给卖家的留言
buyer
=
""
;
//
买家Email
buyer_name
=
""
;
//
买家姓名
buyer_address
=
""
;
//
买家地址
buyer_zipcode
=
""
;
//
买家邮编
buyer_tel
=
""
;
//
买家电话号码
buyer_mobile
=
""
;
//
买家手机号码
partner
=
ConfigurationSettings.AppSettings[
"
partenid
"
];
//
合作伙伴ID,这个是固定的
上面就是要提供得基本信息,然后就是生成支付宝得连接,也就是给支付宝提供一条带验证的购买信息。
public
string
creatAlipayItemURL(
string
t1,
string
t2,
string
t3,
string
t4,
string
t5,
string
cmd,
string
subject,
string
body,
string
order_no,
string
prices,
string
rurl,
string
types,
string
number,
string
transport,
string
ordinary_fee,
string
express_fee,
string
readonlys,
string
buyer_msg,
string
buyer,
string
buyer_name,
string
buyer_address,
string
buyer_zipcode,
string
buyer_tel,
string
buyer_mobile,
string
partner)
{
string
itemURL,str2CreateAc,acCode;
string
INTERFACE_URL,sellerEmail,keyCode,imgsrc,imgtitle,AlipayItemURL;
//
初始化各必要变量
INTERFACE_URL
=
t1
+
t2;
//
支付接口
sellerEmail
=
t2;
//
商户支付宝账户(改成你自己的)
keyCode
=
t3;
//
安全校验码(改成你自己的)
imgsrc
=
t4;
//
支付宝按钮图片
imgtitle
=
t5;
//
按钮悬停说明
str2CreateAc
=
"
cmd
"
+
cmd
+
"
subject
"
+
subject;
str2CreateAc
=
str2CreateAc
+
"
body
"
+
body;
str2CreateAc
=
str2CreateAc
+
"
order_no
"
+
order_no;
str2CreateAc
=
str2CreateAc
+
"
price
"
+
prices;
//
str2CreateAc=str2CreateAc + "url" + rurl;
str2CreateAc
=
str2CreateAc
+
"
type
"
+
types;
str2CreateAc
=
str2CreateAc
+
"
number
"
+
number;
str2CreateAc
=
str2CreateAc
+
"
transport
"
+
transport;
/*
str2CreateAc=str2CreateAc + "ordinary_fee" + ordinary_fee;
str2CreateAc=str2CreateAc + "express_fee" + express_fee;
str2CreateAc=str2CreateAc + "readonly" + readonlys;
str2CreateAc=str2CreateAc + "buyer_msg" + buyer_msg;
*/
str2CreateAc
=
str2CreateAc
+
"
seller
"
+
sellerEmail;
/*
str2CreateAc=str2CreateAc + "buyer" + buyer;
str2CreateAc=str2CreateAc + "buyer_name" + buyer_name;
str2CreateAc=str2CreateAc + "buyer_address" + buyer_address;
str2CreateAc=str2CreateAc + "buyer_zipcode" + buyer_zipcode;
str2CreateAc=str2CreateAc + "buyer_tel" + buyer_tel;
str2CreateAc=str2CreateAc + "buyer_mobile" + buyer_mobile;
*/
str2CreateAc
=
str2CreateAc
+
"
partner
"
+
partner;
str2CreateAc
=
str2CreateAc
+
keyCode;
//
acCode=FormsAuthentication.HashPasswordForStoringInConfigFile(str2CreateAc,"MD5");
acCode
=
this
.GetMD5(str2CreateAc,
"
gb2312
"
);
itemURL
=
INTERFACE_URL
+
"
?cmd=
"
+
cmd;
itemURL
=
itemURL
+
"
&subject=
"
+
HttpUtility.UrlEncode(subject);
itemURL
=
itemURL
+
"
&body=
"
+
HttpUtility.UrlEncode(body);
itemURL
=
itemURL
+
"
&order_no=
"
+
order_no;
itemURL
=
itemURL
+
"
&price=
"
+
prices;
//
itemURL=itemURL + "&url=" + rurl;
itemURL
=
itemURL
+
"
&type=
"
+
types;
itemURL
=
itemURL
+
"
&number=
"
+
number;
itemURL
=
itemURL
+
"
&transport=
"
+
transport;
/*
itemURL=itemURL + "&ordinary_fee=" + ordinary_fee;
itemURL=itemURL + "&express_fee=" + express_fee;
itemURL=itemURL + "&readonly=" + readonlys;
itemURL=itemURL + "&buyer_msg=" + HttpUtility.UrlEncode(buyer_msg);
itemURL=itemURL + "&buyer=" + HttpUtility.UrlEncode(buyer);
itemURL=itemURL + "&buyer_name=" + HttpUtility.UrlEncode(buyer_name);
itemURL=itemURL + "&buyer_address=" + HttpUtility.UrlEncode(buyer_address);
itemURL=itemURL + "&buyer_zipcode=" + buyer_zipcode;
itemURL=itemURL + "&buyer_tel=" + buyer_tel;
itemURL=itemURL + "&buyer_mobile=" + buyer_mobile;
*/
itemURL
=
itemURL
+
"
&partner=
"
+
partner;
itemURL
=
itemURL
+
"
&ac=
"
+
acCode;
AlipayItemURL
=
itemURL;
return
AlipayItemURL;
}
这个函数就是返回生成的地址,里面注释掉的看你自己需要可以添加进去,然后就是md5码的问题,现在用默认的md5生成程序对中文的支持只限于GB2312,而支付宝使用的是GBK,虽然两个编码的内容GBK兼容GB2312但是毕竟两个编码方式不同,所以会产生错误,如果用英文或者数字不会有问题。上面下载里面带的一个md5.asp的算法支持中文。
现在已经可以跳转到支付宝的页面了,而我们这边就要自己记录用户的信息已经生成的定单编号,这样在支付宝返回信息的时候来查询。在设定了返回地址后,我们就要看接收页面了。
string
msg_id,order_no,gross,buyer_email,buyer_name,buyer_address,buyer_zipcode,buyer_tel,buyer_mobile,action,s_date,ac,notify_type;
string
returnTxt;
//
返回给支付宝通知接口的结果
string
alipayNotifyURL;
//
支付宝查询接口URL
string
myalipayEmail;
//
商户的支付宝Email
string
ResponseTxt
=
""
;
returnTxt
=
"
N
"
;
alipayNotifyURL
=
ConfigurationSettings.AppSettings[
"
interfaceback
"
];
//
支付宝查询接口地址
myalipayEmail
=
ConfigurationSettings.AppSettings[
"
account
"
];
//
填写您的支付宝帐号
//
检查支付宝通知接口传递过来的参数是否合法
msg_id
=
newop.DelStr(Request[
"
msg_id
"
]);
order_no
=
newop.DelStr(Request[
"
order_no
"
]);
gross
=
newop.DelStr(Request[
"
gross
"
]);
buyer_email
=
newop.DelStr(Request[
"
buyer_email
"
]);
buyer_name
=
newop.DelStr(Request[
"
buyer_name
"
]);
buyer_address
=
newop.DelStr(Request[
"
buyer_address
"
]);
buyer_zipcode
=
newop.DelStr(Request[
"
buyer_zipcode
"
]);
buyer_tel
=
newop.DelStr(Request[
"
buyer_tel
"
]);
buyer_mobile
=
newop.DelStr(Request[
"
buyer_mobile
"
]);
action
=
newop.DelStr(Request[
"
action
"
]);
s_date
=
newop.DelStr(Request[
"
date
"
]);
ac
=
newop.DelStr(Request[
"
ac
"
]);
notify_type
=
newop.DelStr(Request[
"
notify_type
"
]);
alipayNotifyURL
=
alipayNotifyURL
+
"
msg_id=
"
+
msg_id
+
"
&email=
"
+
myalipayEmail
+
"
&order_no=
"
+
order_no;
System.Net.WebClient isClient
=
new
System.Net.WebClient();
Stream isStream
=
isClient.OpenRead(alipayNotifyURL);
StreamReader isReader
=
new
StreamReader(isStream,System.Text.Encoding.GetEncoding(
"
GB2312
"
));
ResponseTxt
=
isReader.ReadToEnd();
if
(action
==
"
test
"
)
//
测试商户网站URL是否正确安装
{
returnTxt
=
"
Y
"
;
}
else
if
((action
==
"
sendOff
"
)
&&
(msg_id
!=
""
))
//
发货通知
{
returnTxt
=
"
N
"
;
if
((ResponseTxt
==
"
true
"
)
||
(ResponseTxt
==
"
false
"
))
{
//
更新数据在商户系统里的订单数据;如果已经发货,则将returnTxt置为Y,否则为N
}
else
{
//
非法数据,不做更新
returnTxt
=
"
Error
"
;
}
}
else
if
((action
==
"
sendOff
"
)
&&
(notify_type
==
"
web
"
))
{
//
检查是否已经付帐,并记录 }
else
if
((action
==
"
checkOut
"
)
&&
(msg_id
!=
""
))
//
交易结束通知
{
returnTxt
=
"
Y
"
;
if
((ResponseTxt
==
"
true
"
)
||
(ResponseTxt
==
"
false
"
))
{
//
更新数据在商户系统里的订单数据;如果数据更新成功,则将returnTxt置为Y,否则为N
//
更新数据
//
你的代码,更新你这边数据
returnTxt
=
"
Y
"
;
}
else
{
//
非法数据,不做更新
returnTxt
=
"
Error
"
;
}
}
else
{
returnTxt
=
"
Error
"
;
}
Response.Write(returnTxt);
中间那段webclient是返回支付宝查询这个消息是不是支付宝发出的,这里也使用的是获取支付宝那里一个查询接口的结果,True或者False。
这样就完成了整个支付的流程,而你需要做的就是记录用户买的数据,然后接受支付宝给你的信息并确认是否正确,而且是否已经购买或者已经发货,从而完成你的销售过程。接收页面做的标准就是在直接访问的情况下显示的结果只有N或者Y或者其他你设定的returnTxt的值,如果有其他内容将会不能实现功能。
支付宝现在的即时到帐功能还没有正式发布,请不要私自做,要不然会出现麻烦。