WeChat payment problems

Let's talk about the process 1 here. The user places an order, generates an order and an order number 2, and pays for the order: first dynamically generates a payment order number, associates it with the order number table, and uses the payment order number to pay. 3. After the payment is successful, the callback address receives the sent payment order number and completes the order payment according to the payment order number... let's talk about the process here.
1. the user places an order and generates the order and order number.
2. User payment: a payment order number is generated dynamically first, which is associated with the order number table and paid with the payment order number.
3. After the payment is successful, the callback address receives the sent payment order number and completes the order payment according to the payment order number.

I think this design is inappropriate, but I can't come up with a good solution. I have the following questions:
1. If there is a problem with the dynamic generation of the payment order number for each payment
2. After the payment is successful, How can I fix the problem if my server crashes during callback.
3. The successful payment callback completes order payment based on the dynamically generated payment order number. in case of leakage of the callback address, someone maliciously guesses what to do with the payment order number.

PS: (the dynamic payment order number is used because the user canceled the payment and submitted different order numbers when making the payment again, so as not to prompt duplicate orders)

The payment function was implemented for the first time, and the technology was insufficient.

Reply content:

Let's talk about the process here.
1. the user places an order and generates the order and order number.
2. User payment: a payment order number is generated dynamically first, which is associated with the order number table and paid with the payment order number.
3. After the payment is successful, the callback address receives the sent payment order number and completes the order payment according to the payment order number.

I think this design is inappropriate, but I can't come up with a good solution. I have the following questions:
1. If there is a problem with the dynamic generation of the payment order number for each payment
2. After the payment is successful, How can I fix the problem if my server crashes during callback.
3. The successful payment callback completes order payment based on the dynamically generated payment order number. in case of leakage of the callback address, someone maliciously guesses what to do with the payment order number.

PS: (the dynamic payment order number is used because the user canceled the payment and submitted different order numbers when making the payment again, so as not to prompt duplicate orders)

The payment function was implemented for the first time, and the technology was insufficient.

1. You can turn your account into a ticket number and then make the payment.
2. If the callback fails, the callback will be performed again at intervals until it is successful or reaches a certain number of times.
3. It's useless to know about signature encryption.