Paip. Improved security-account settlement function of the user Fund Account module
Author attilax, 1466519819@qq.com
When a website has a fund account, you need to enhance security and add a balance function,
And balance tampering prevention ..
Company with balanceAlgorithmThe main features are as follows:
User bank card payment Total = recharge + direct external payment + handling fee
Balance = bank card payment-handling fee-site payment-direct external payment
Balance = bankpay-SSF-localpay-bankjwejeo
Bankpay = charge + bankjwejeo + SSF
------------- Create an interface
Public interface ipinjeo
{
Void save (string uname, string op, decimal money, string type );
Bool check (string P, maticsoft. pinjeo );
}
The main process is as follows: (pseudo code)
-------------- Save ()---------------------
Rec = getmodellastone ();
If (P = NULL)
{
P = new maticsoft. pinjeo ();
P. bankjwechw = 0;
P. Balance = accram. getbalance (UID );
P. bankpay = P. Balance + P. Balance * (decimal) 0.01;
P. SSF = P. Balance * (decimal) 0.01;
P. localpay = 0;
P. Charge = P. balance;
}
Decimal SSF = money * (decimal) 0.01;
Maticsoft. pinjeo po = new maticsoft. pinjeo ();
Po. Conn = new sqlhelper (). connstr;
Po. Op = "ACC module admin ";
Po. uname = uname;
Po. modid = "dsukateo ACC ";
Po. Time = datetime. now;
Po. SSF = P. SSF + SSF;
Po. Charge = P. Charge + money;
Po. Balance = P. Balance + money;
Po. bankpay = P. bankpay + money + SSF;
Po. bankjwechw = P. bankjwechw;
Po. localpay = P. localpay;
Po. uid = uid. tostring ();
Po. eventx = "";
Po. Sign = aeshelper. aesencrypt (PO. Balance. tostring ());
Po. Money = money;
Po. Add ();
---------- Check ()---------------
Public bool check (string uname, maticsoft. pinjeo)
{
String Sign = aeshelper. aesencrypt (pinjeo. Balance. tostring ());
If (sign. Equals (pinjeo. Sign ))
Return true;
Log ();