package main import ( "database/sql" "errors" "log" "net/http" "strconv" "time" ) type RpnIn struct { Id int64 Leanwork int64 Order_id string Order_time string Order_amount string Deal_id string Deal_time string Pay_amount string Pay_result string Signature string Ts time.Time Ip4 uint32 } //get given RpnIn record based on ID func getRpnInById(id int64) (ret RpnIn, err error) { if err = db.conn(Config); err != nil { return } defer db.close() q := "SELECT * FROM rpnIn WHERE id = ? " err = db.h.QueryRow(q, id).Scan( &ret.Id, &ret.Leanwork, &ret.Order_id, &ret.Order_time, &ret.Order_amount, &ret.Deal_id, &ret.Deal_time, &ret.Pay_amount, &ret.Pay_result, &ret.Signature, &ret.Ts, &ret.Ip4) if err != nil { if err == sql.ErrNoRows { log.Println("trying to retrieve rpnIn(" + strconv.FormatInt(id, 10) + ") but not found") } else { log.Println("Error retrieving rpnIn(" + strconv.FormatInt(id, 10) + ") encountered : " + err.Error()) } } return } //get given RpnIn record based on ID func getRpnInByLeanworkId(id int64) (ret RpnIn, err error) { if err = db.conn(Config); err != nil { return } defer db.close() q := "SELECT * FROM rpnIn WHERE leanwork = ? ORDER BY id DESC LIMIT 1" err = db.h.QueryRow(q, id).Scan( &ret.Id, &ret.Leanwork, &ret.Order_id, &ret.Order_time, &ret.Order_amount, &ret.Deal_id, &ret.Deal_time, &ret.Pay_amount, &ret.Pay_result, &ret.Signature, &ret.Ts, &ret.Ip4) if err != nil { if err == sql.ErrNoRows { log.Println("trying to retrieve rpnIn(" + strconv.FormatInt(id, 10) + ") but not found") } else { log.Println("Error retrieving rpnIn(" + strconv.FormatInt(id, 10) + ") encountered : " + err.Error()) } } return } //add to database func (m *RpnIn) add2db() (ret RpnIn, err error) { if err = db.conn(Config); err != nil { return } defer db.close() q := `INSERT INTO rpnIn( leanwork, order_id, order_time, order_amount, deal_id, deal_time, pay_amount, pay_result, signature) VALUES(?,?,?,?,?,?,?,?,?) ` insForm, err := db.h.Prepare(q) if err != nil { log.Printf("Failed to prepare SQL statment for insert " + err.Error()) return } res, err := insForm.Exec( m.Leanwork, m.Order_id, m.Order_time, m.Order_amount, m.Deal_id, m.Deal_time, m.Pay_amount, m.Pay_result, m.Signature) if err != nil { log.Printf("Error inserting rpnIn with orderNo =%s, %s \n", m.Order_id, err.Error()) return } id, err := res.LastInsertId() if err != nil { log.Printf("Cannot retrieve lastInsertId for orderID %s", m.Order_id) return } ret, err = getRpnInById(id) if err == nil { *m = ret } return } func (m *RpnIn) signature() (sig string) { s := "order_id=" + m.Order_id s += "|order_time=" + m.Order_time s += "|order_amount=" + m.Order_amount s += "|deal_id=" + m.Deal_id s += "|deal_time=" + m.Deal_time s += "|pay_amount=" + m.Pay_amount s += "|pay_result=" + m.Pay_result s += "|key=" + m.md5key() sig = md5str(s) log.Println("signature of rpnIn = " + sig + " using key " + m.md5key()) return } func (m *RpnIn) md5key() string { if m.Order_id == "" { return "" } ro, err := getRpnOutByOrderId(m.Order_id) if err != nil { log.Println("Cannot get RpnOut by order_id=" + m.Order_id) return "" } return ro.getMD5Key() } func GetRpnInFromHTTPRequest(r *http.Request) (ret RpnIn, err error) { r.ParseForm() ret.Order_id = r.FormValue("order_id") ret.Order_time = r.FormValue("order_time") ret.Order_amount = r.FormValue("order_amount") ret.Deal_id = r.FormValue("deal_id") ret.Deal_time = r.FormValue("deal_time") ret.Pay_amount = r.FormValue("pay_amount") ret.Pay_result = r.FormValue("pay_result") ret.Signature = r.FormValue("signature") ret.Ip4 = getClientIPLong(r) ret.Ts = time.Now() if ret.Order_id == "" { err = errors.New("Invalid OrderId for RpnIn") return } ro, err := getRpnOutByOrderId(ret.Order_id) if err != nil || ro.Order_id != ret.Order_id { log.Println("Cannot get RpnOut by order_id=" + ret.Order_id) return } if ret.Signature != ret.signature() { log.Println("Invalid RpnIn Signature") err = errors.New("Invalid signauture for RpnIn") return } return }