1、凭证验证,主要是区别生产环境和沙盒环境
//凭证
$apple_receipt=addslashes($_REQUEST['app_receipt']);
// 进行验证
/*
* 21000 App Store不能读取你提供的JSON对象
* 21002 receipt-data域的数据有问题
* 21003 receipt无法通过验证
* 21004 提供的shared secret不匹配你账号中的shared secret
* 21005 receipt服务器当前不可用
* 21006 receipt合法,但是订阅已过期。服务器接收到这个状态码时,receipt数据仍然会解码并一起发送
* 21007 receipt是Sandbox receipt,但却发送至生产系统的验证服务
* 21008 receipt是生产receipt,但却发送至Sandbox环境的验证服务
*/
//请求验证
$post = ['receipt-data' => $apple_receipt];
$post = json_encode($post);
$url_buy = "https://buy.itunes.apple.com/verifyReceipt";
$url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt";
$return = http_post_data($url_buy, $post);
$return = json_decode(json_encode($return), true);
if ($return['status'] == '21007') {
//验证沙盒
$return = http_post_data($url_sandbox, $post);
$return = json_decode(json_encode($return), true);
}
if ($return['status'] == 0 && isset($return['status'])) {
//业务处理代码
}2、curl请求苹果app_store验证地址
function http_post_data($url, $data_string) {
$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL, $url);
curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_handle,CURLOPT_HEADER, 0);
curl_setopt($curl_handle,CURLOPT_POST, true);
curl_setopt($curl_handle,CURLOPT_POSTFIELDS, $data_string);
curl_setopt($curl_handle,CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl_handle,CURLOPT_SSL_VERIFYPEER, 0);
$response_json =curl_exec($curl_handle);
$response =json_decode($response_json);
curl_close($curl_handle);
return $response;
}