Contents
Preface
Because I don’t want to publish some articles directly (maybe they are too sensitive?), and using passwords feels low-level... I remembered that I saw some bloggers setting up VIP in a more technical way before, and I thought that maybe I could use it in the future, so I decided to make one myself. Because it involves payment methods, I naturally want to apply for a formal Alipay or WeChat payment code (such as Alipay’s face-to-face payment, which is the kind we usually pay for when we eat), but it seems that now all business licenses are required (it was said to be relatively relaxed before, but with the current economic situation, it is estimated that even if an ant is small, it is still meat, and no one will be spared). I just want to do scientific research, the entire project, I can’t get a business license for this, this seems a bit too much.
How about using WeChat and Alipay's personal code to receive money? It doesn't matter if the amount is small or the number of transactions is small, but it will be troublesome if there are many transactions:
What if I become bigger and stronger in the future? After some research, I found that WeChat's reward code and Alipay's merchant code can avoid risk control (at least for now, it's hard to say in the future), and the application is simple and takes only a few minutes.
However, using the praise code and Alipay's merchant code involves another problem, which is the control of the payment process. For example, if user A of the website recharges 10 yuan, how does the website know whether user A's scan code payment is successful? If user B recharges 20 yuan at the same time, how to know which user recharged 10 yuan and which user recharged 20 yuan? Therefore, a system is needed to automatically complete the charging, confirm whether the payment is successful, and perform corresponding operations with the website users (if it is an official commercial merchant code of Alipay or WeChat, these functions are provided, so it is reasonable for others to charge a handling fee..). After some research, I finally chose V free signature (in fact, there is another one called xpay, which also has 4.6k stars on github. If you are interested, you can also try it). This construction will be based on the source code of the pagoda linux panel, because it is indeed more convenient to use pagoda for this installation, and I also have a ready-made pagoda environment (used as a reverse proxy). Of course, you can also use docker. After everyone understands the spirit, it is actually the same to install it with docker.
Let me briefly explain how v-signature-free works. v-signature-free consists of two parts: the website and the monitoring end. When user A calls up the QR code payment page on the website and prepares to scan the code, the payment page will keep requesting the monitoring end to obtain the payment result. When the monitoring end detects that the transaction is completed (there are many ways, the app monitoring end monitors the notification bar message, and the PC monitoring end monitors the application notification, such as Aliwangwang and WeChat notifications), it will tell the payment page that the transaction is completed. The payment page will determine which user (in this case, user A) completed the transaction based on the transaction information sent back by the monitoring end, and then jump to the page where the transaction is successfully completed for user A.
源码搭建V免签的网站
下载v免签php版的源码
原作者的github网址如下:https://github.com/szvone/Vmqphp,这个版本可以用,不过php版本推荐是5.6-7.3。其实也能用php7.4,只是需要做如下修改:
/thinkphp/library/think/db/Query.php 第568行 value{0}改成 value[0]
我用的另一个修改版:
https://github.com/Jiu-ci/vmq,这个就可以直接使用php7.4:
直接点击上图中的红框下载源码的zip包。如果github无法访问,也可以访问以下链接下载:Unrivaled file sharing,访问密码为:”blog.tangwudi.com”,下载其中的”vmq-main.zip”文件即可。
安装mysql 5.6
按照以下步骤安装mysql 5.6
注:我喜欢用编译安装,时间长一点,但是稳妥,不过极速安装一般来说也没啥问题,这纯属个人习惯,后面一样。
安装PHP7.4
按照以下步骤安装php7.4
![image.png](https://image.tangwudi.com/images/2023/12/08/202312081210951.png)
安装并使用phpmyadmin对数据库进行初始化
安装phpmyadmin
按照以下步骤安装phpmyadmin
![image.png](https://image.tangwudi.com/images/2023/12/08/202312081220782.png)
Initialize the database
修改默认mysql5.6的默认密码,假设为123456:
进入phpmyadmin:
使用账号root及前面设置的密码(本例中为123456)登录:
进入数据库后,默认只有3个库,我们需要创建一个名为vmq的库用来给V免签使用,入下图所示:
然后在左边点击选中刚刚创建的库”vmq”,然后在右边点击红框中的”导入”:
点击下图中框中的”选择文件”按钮:
进入v免签zip包解压缩以后的文件夹里,选择”vmq.sql”,然后点击下方的打开:
最后点击右下角红框中的”执行”按钮:
成功后可以看到原本空的库”vmq”已经有了4个表:
(可选)修改root账号主机名:
如果需要修改root账号的可访问主机,可以在如下红框中修改。不过本例中,数据库也是在宝塔中安装的,所以访问数据库只需要访问127.0.0.1即可,默认值localhost就可以,所以不用修改。
![image.png](https://image.tangwudi.com/images/2023/12/05/202312052119976.png)
配置域名解析
为v免签的站点分配一个可用域名,本例中就为vmq.example.com(也可以带非标端口),有没有443端口理论上无所谓,只要监控端的配置网站支持非标端口(:port)的方式就行,需要在域名供应商进行正确的DNS配置。如果只是在内网做测试,通过host或者dnsmaq的方式实现正确域名解析也可以。
用下载的源码创建网站
Add a site
![image.png](https://image.tangwudi.com/images/2023/12/08/202312082326030.png)
上传源码到站点目录
网站文件夹路径为:
/www/wwwroot/vmq.example.com
使用文件菜单上传前面下载的源码zip文件:
解压缩源码zip包:
解压以后进入解压出来的文件夹:
选中所有文件然后剪切到上级目录:
The final effect is as follows:
![image.png](https://image.tangwudi.com/images/2023/12/08/202312082349217.png)
对网站进行设置
进行如下设置:
SSL根据需要配置,建议配置。
设置数据库,修改如下文件:
/www/wwwroot/vmq.example.com/config/database.php
如果前面是按照前文一步一步做的,这里基本只需要改以下数据库的密码就可以了;如果不是,则按实际情况进行修改。
配置网站
使用http(s)://vmq.example.com登录,默认用户名和密码都是admin。
登录系统后默认界面如下:
重点介绍下系统设置和监控端设置项。
系统设置界面如下:
在上图中,异步回调和同步回调是监控端和网站通信的地址,地址分别如下:
http(s)://vmq.example.com/example/notify.php #异步回调
http(s)://vmq.example.com/example/return.php #同步回调
通信密钥是首次admin账号登录时系统自动生成的,监控端和v免签网站通信,以及wordpress的插件和v免签网站通信都要用到通信密钥。
微信二维码和支付宝二维码,如果直接使用个人码也不是不行,但是如果交易金额大了容易被风控。要避免风控,支付宝可以用商家收钱码(个人用户可以免费升级的),微信有个赞赏码,但是貌似v免签不能识别赞赏码,所以微信我暂时用的个人收款码。
监控端设置:
在上图中,监控端状态运行正常,是因为我已经正确配置了监控端,心跳正常的时候才会显示运行正常。另一个关键的是配置数据,实际上就是网站加通信密钥,本例中类似于:
vmq.example.com/xdbdfdfdfsskldjfk
这种格式,这个是需要在监控端进行配置的。
监控端配置
关于监控端,其实比较麻烦,因为没有很好很完美的解决方案,有点看人品。其实目前主要有2类:app监控端和pc监控端。我分别尝试过的app监控端和pc监控端分别如下:
app:https://github.com/shinian-a/Vmq-App
pc端监控:https://github.com/zh66y/vmqpc
app监控的方式需要一个安卓系统来安装apk,我因为没有安卓手机,所以就装了个安卓模拟器(别人本来是用来打游戏的~)来安装,结果是app上看起来一切都正常,但是最后回调有问题,付款以后支付界面收不到app发来的支付成功的消息(但是app上是看的到的),实在是不知道是不是安卓模拟器的问题,而我又不想花精力用docker搭个安卓环境,所以最终放弃了。我看了下评价,有些朋友还是可以用的,所以这个最终就看大家的选择了。
我最终是用pc端监控来实现的,具体实现细节我就不写了,github上别人写得很清楚,只不过,这个软件的使用需要找别人免费授权下,也可能有些小问题,不过别人态度非常好,还有群,使用问题也能交流,我暂时先用着这个,以后有心情了看看其他有没有好选择。不过大家在下载的时候要注意,尽量用github上的,我试的一个搜索引擎上找到的,直接一点开就要给我系统添加根证书,然后就要把我往一个看起来是支付宝的网址上面跳转,那网站的证书还是这个根证书颁发的~~~,太狠了。。
test
The website has a special test page, the URL is as follows:
https://vmq.example.com/example/
However, to use this test page, you need to change the $key in the three pages main.php, notify.php, and return.php to your communication key in advance. The paths of these three pages are located at:
/www/wwwroot/vmq.example.com/public/example/
After the modification, you can test it. For example, if you want to test WeChat payment, just click on the payment in the picture above:
After using WeChat QR code payment 0.1, if the monitoring end is normal, the following page will be returned:
At this time, you can see the transaction record in the PC monitoring:
At the same time, you can also see the actual amount of payment for this order in the v-free order list:
![image.png](https://image.tangwudi.com/images/2023/12/09/202312091000685.png)
The same applies to Alipay.
Friendly reminder: You need to register a new WeChat account because the PC version of WeChat needs to be kept online for a long time in the PC monitoring terminal. Alipay can be replaced by Taobao Wangwang, so there is no need to register a new account.
Configuring public network access
If you want to publish to the public Internet, you need to choose the most suitable publishing method according to the actual environment and the reverse proxy you use. You can refer to my previous articles:
1,Docker series uses Docker to build its own reverse proxy based on NPM
2,Linux panel series configure reverse proxy and use non-443 port for publishing
3.Home data center series uses domestic cloud hosting to get free cloudflare to achieve fast access to domestic sites from abroad
4.Home Data Center Series: Use cloudflare to build a website quickly with no public IP in your home broadband (general purpose)
The first and second methods are suitable for environments with public IP but no legal 443 port (home broadband, unregistered cloud host). You need to add a non-standard port after the URL (if you use cloudflare to build a website, you don't need to add a port, but you need to customize the source station port. You can refer to:Home data center series uses cloudflare's Origin Rules to solve the problem of having a public IP but no legal ports 80 and 443 when building a websiteThe third method is suitable for cloud hosts with a record, and the fourth method is suitable for all environments (including environments without public IP), which is also the method I recommend (regardless of whether your environment has a public IP or not, because this method does not require running https traffic directly on the public network).