1、凭证验证,主要是区别生产环境和沙盒环境
//凭证 $apple_receipt=addslashes($_REQUEST['app_receipt']); // 进行验证 /* * 21000 App Store不能读取你提供的JSON对象 * 21002 receipt-data域的数据有问题 * 21003 receipt无法通过验证 * 21004 提供的shared secret不匹配你账号中的shared secret * 21005 receipt服务器当前不可用 * 21006 receipt合法,但是订阅已过期。服务器接收到这个状态码时,receipt数据仍然会解码并一起发送 * 21007 receipt是Sandbox receipt,但却发送至生产系统的验证服务 * 21008 receipt是生产receipt,但却发送至Sandbox环境的验证服务 */ //请求验证 $post = ['receipt-data' => $apple_receipt]; $post = json_encode($post); $url_buy = "https://buy.itunes.apple.com/verifyReceipt"; $url_sandbox = "https://sandbox.itunes.apple.com/verifyReceipt"; $return = http_post_data($url_buy, $post); $return = json_decode(json_encode($return), true); if ($return['status'] == '21007') { //验证沙盒 $return = http_post_data($url_sandbox, $post); $return = json_decode(json_encode($return), true); } if ($return['status'] == 0 && isset($return['status'])) { //业务处理代码 }
2、curl请求苹果app_store验证地址
function http_post_data($url, $data_string) { $curl_handle=curl_init(); curl_setopt($curl_handle,CURLOPT_URL, $url); curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_handle,CURLOPT_HEADER, 0); curl_setopt($curl_handle,CURLOPT_POST, true); curl_setopt($curl_handle,CURLOPT_POSTFIELDS, $data_string); curl_setopt($curl_handle,CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl_handle,CURLOPT_SSL_VERIFYPEER, 0); $response_json =curl_exec($curl_handle); $response =json_decode($response_json); curl_close($curl_handle); return $response; }