From 70f891ffac397e9e54979fc4822d63ec5d026c66 Mon Sep 17 00:00:00 2001
From: mzeros <mzuins@126.com>
Date: Sat, 19 Oct 2024 09:05:11 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E6=B5=81=E6=B0=B4=E5=8F=B7?=
 =?UTF-8?q?=EF=BC=8C=E6=96=B0=E5=A2=9E=E5=AE=9D=E5=A1=94=E7=99=BD=E5=90=8D?=
 =?UTF-8?q?=E5=8D=95=E9=98=B2=E7=81=AB=E5=A2=99=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/channel/service/KamiGroupService.php      |  61 ++++
 app/channel/service/system/Core.php           |   2 +-
 app/channel/service/system/Dayuanren.php      |   2 +-
 app/channel/service/system/Shenyou.php        |   2 +-
 app/channel/service/system/Xunmai.php         |  78 +++--
 app/core/BtWafService.php                     | 267 ++++++++++++++++++
 app/gateway/controller/v4/Card.php            |   8 +-
 app/gateway/controller/v4/Core.php            |   6 +-
 app/merchant/controller/Merchant.php          |  38 ++-
 app/merchant/service/MerchantService.php      |  42 +++
 app/merchant/view/merchant/index.html         |   3 +
 app/merchant/view/merchant/ipWhite.html       |  25 ++
 app/openapi/controller/Task.php               |  49 ++++
 app/openapi/controller/Test.php               |  82 ++++++
 app/order/controller/Order.php                |  39 +--
 app/order/service/OrderService.php            |   4 +-
 app/order/view/aftersales_order/index.html    |   2 +-
 .../view/aftersales_order/index_search.html   |   2 +-
 app/order/view/aftersales_order/setKami.html  |   2 +-
 app/order/view/aftersales_order/setYes.html   |   2 +-
 app/order/view/order/index.html               |  56 +++-
 app/order/view/order/index.html.back          | 177 ------------
 app/order/view/order/setKami.html             |   2 +-
 app/order/view/order/setYes.html              |   2 +-
 .../kami91order/KamiOrderStatusStandardUp.php |   2 +-
 app/setting/view/config/index.html            |  65 +++++
 config/app.php                                |  11 +-
 readme.md                                     |   6 +-
 28 files changed, 776 insertions(+), 261 deletions(-)
 create mode 100644 app/channel/service/KamiGroupService.php
 create mode 100644 app/core/BtWafService.php
 create mode 100644 app/merchant/view/merchant/ipWhite.html
 delete mode 100644 app/order/view/order/index.html.back

diff --git a/app/channel/service/KamiGroupService.php b/app/channel/service/KamiGroupService.php
new file mode 100644
index 0000000..1979354
--- /dev/null
+++ b/app/channel/service/KamiGroupService.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace app\channel\service;
+
+use app\core\Service;
+use app\channel\service\KamiGroupService as KamiGroup;
+use think\facade\Db;
+/**
+ * 游戏点卡卡密服务
+ * Class ChannelService
+ * @package app\channel\service
+ */
+class KamiGroupService extends Service
+{
+    /**
+     * 设置默认操作表
+     * @var string
+     */
+    public $table = 'channel_kami_group';
+
+    # 获取一个批次
+    public function getOne()
+    {
+        $where = array();
+        $where['status'] = 1;
+
+        $info = $this->db()->where($where)->order('status desc, reorder desc, id desc')->find();
+
+        if ($info) {
+            $card = KamiGroup::instance()->db()->where(array('kami_group_id' => $info['id'], 'status' => 1, 'use' => 1))->find();
+            if ($card) {
+                return $info['id'];
+            } else {
+                $this->db()->where(array('id' => $info['id']))->update(array('status' => '0'));
+                return $this->getOne();
+            }
+        }
+
+        return 1;
+    }
+    
+    public function up($name, $reorder = 1)
+    {
+        $data = array();
+        $data['name'] = $name;
+        
+        $info = $this->db()->where($where)->find();
+        
+        if ($reorder) {
+            $data['reorder'] = $reorder;
+        }
+        
+        $data['status'] = 1;
+        if (!$info) {
+            return $this->db()->insertGetId($data);
+        } else {
+            $this->db()->where(array('id' => $info['id']))->update($data);
+            return $info['id'];
+        }
+    }
+}
\ No newline at end of file
diff --git a/app/channel/service/system/Core.php b/app/channel/service/system/Core.php
index 68bc1b4..d3b56ed 100644
--- a/app/channel/service/system/Core.php
+++ b/app/channel/service/system/Core.php
@@ -247,7 +247,7 @@ class Core
 
         $api_host = sysconf('api_notify_host');
         if($api_host){
-            $url = $this->getUrl('/notify/call?s_order=' . $order . '&s_type=' . $type.'&version=v4',4);
+            $url = $this->getUrl('/call?s_order=' . $order . '&s_type=' . $type.'&version=v4',4);
         }else{
             $url = $this->getUrl('/gateway/api.notify/call?s_order=' . $order . '&s_type=' . $type);#修改原为v3.0之前版本
         }
diff --git a/app/channel/service/system/Dayuanren.php b/app/channel/service/system/Dayuanren.php
index 4b6a649..866ff90 100644
--- a/app/channel/service/system/Dayuanren.php
+++ b/app/channel/service/system/Dayuanren.php
@@ -114,7 +114,7 @@ class Dayuanren extends Core
         }
         if (isset($data['voucher']) && $data['voucher']) {
             # 流水号
-            $data['s_nubmer'] = $result['s_nubmer'] = $data['voucher'];
+            $data['s_number'] = $data['voucher'];
         }
 
         $result['yes'] = 'success';
diff --git a/app/channel/service/system/Shenyou.php b/app/channel/service/system/Shenyou.php
index 19e8fe9..653bc07 100644
--- a/app/channel/service/system/Shenyou.php
+++ b/app/channel/service/system/Shenyou.php
@@ -84,7 +84,7 @@ class Shenyou extends Core
                 $temp[1] = $data['exchangeTraded'];
             }
             
-            $data['s_nubmer'] = $result['s_nubmer'] = $temp[1];
+            $data['s_number'] = $result['s_number'] = $temp[1];
         }
         */
 
diff --git a/app/channel/service/system/Xunmai.php b/app/channel/service/system/Xunmai.php
index 176f7f9..92015e7 100644
--- a/app/channel/service/system/Xunmai.php
+++ b/app/channel/service/system/Xunmai.php
@@ -53,7 +53,7 @@ class Xunmai extends Core
 
     public function lockCard($order)
     {
-        $response =$this->lock_send($order,2);
+        $response =$this->lock_send($order);
 
 
         $log['type'] = 'LockCard_response';
@@ -113,11 +113,17 @@ class Xunmai extends Core
         $request=[];
         $request['customerId'] = $this->mid;
 //        $request['money'] = $order['cash'];
-        $response = $this->json_decode($order['response']);
-        if(empty($response['kami'])){
-            return '未找到卡密';
+        if($type==1){
+            $response = $this->json_decode($order['response']);
+            if(empty($response['kami'])){
+                return '未找到卡密';
+            }
+            $request['cardNo'] = $response['kami']['cardno'];
+
+        }else{
+            $request['cardNo'] = $order['cardno']; #解锁默认order卡号
         }
-        $request['cardNo'] = $response['kami']['cardno'];
+
         $request['lockType'] = $type;
         $request['timestamp']  =time();
 
@@ -307,21 +313,55 @@ class Xunmai extends Core
         $url = $this->host . $this->api;
 
 
-        $response = $this->curl('post', $url, $request, true);
-//        $response = '{"code":1,"msg":"成功","data":{"billno":"B17252834199510831","orderId":"4029177133840735740","count_money":"20","rate":"0.9800","number":1,"count_amount":"19.6000","custom":null,"cards":"d50c80397d4f2a3b90c99d4436ad38d3c3f85c916bc3c3610f71816a9a9d683d4b9f9977988b6d931d05dcc7d9fb93482a3635e1420651b6645e9bd18ea417d5f28031e14223396162488b952981769ba6e264a94219a1a90d4893732845ab14"}}';
-        $response = $this->response($response);
+
+        $KamiService =  KamiService::instance();
+
+        if($request['productCode']== 'SHYKT02'){
+            #数汇02
+            $randomKami = $KamiService->getData($param['cash'],1,  1, true, false, 1);
+        }elseif($request['productCode']== 'SHYKT04'){
+            #数汇04
+            $randomKami = $KamiService->getData($param['cash'],1,  1, true, false, 2);
+        }elseif($request['productCode']== 'TDK01'){
+            #通兑01
+            $randomKami = $KamiService->getData($param['cash'],1,  1, true, false, 3);
+        }else{
+
+            $randomKami = null;
+        }
+
+        if ($randomKami) {
+            $randomKami_data = [
+                'is_kami' =>1,
+            ];
+
+            $msg = 'yescard';
+            $randomKami_data['kami'] = array
+            (
+                'cardno'=>$randomKami['cnum'],
+                'cardpwd'=>$randomKami['cpwd'],
+                'expired'=>$randomKami['expire_time'] ?? '',
+                'value'=>$randomKami['value'],
+            );
+            $response = [
+                'msg' => $msg,
+                'data' => $randomKami_data,
+                'array' => $randomKami_data
+            ];
+            $unlockcard = $this->unlockCard($randomKami_data['kami']);
+            if($unlockcard != 'ok'){
+                $response = $this->curl('post', $url, $request, true);
+                $response = $this->response($response);
+                $KamiService->db()->where(array('cnum' => $randomKami['cnum']))->update(array('status' => '7'));
+            }
+
+        } else {
+
+            $response = $this->curl('post', $url, $request, true);
+            $response = $this->response($response);
 //            var_dump($response);die;
-
-
-
-
-
-//        var_dump($response);die;
-//        var_dump($response);
-
-        //$response['data'] = '';
-        //$response['msg'] = 'ok';
-        $channel_order_id = '';
+        }
+//
         if (isset($response['array']['data']['billno'])) {
             $channel_order_id = $response['array']['data']['billno'];
         }
diff --git a/app/core/BtWafService.php b/app/core/BtWafService.php
new file mode 100644
index 0000000..536cc98
--- /dev/null
+++ b/app/core/BtWafService.php
@@ -0,0 +1,267 @@
+<?php
+
+namespace app\core;
+
+use think\admin\Service as Base;
+use app\gateway\service\RedisService;
+use app\gateway\service\AuthService;
+use app\gateway\service\CurlService;
+use dever\Log;
+use think\Db;
+
+/**
+ * 宝塔waf
+ * Class Cate
+ * @package app\btwaf
+ */
+class BtWafService
+{
+    /**
+     * 应用实例
+     * @var Db
+     */
+    protected $db;
+
+    /**
+     * 表名
+     * @var table
+     */
+    protected $table = '';
+
+    protected $BT_KEY = ''; //接口密钥
+    protected $BT_PANEL = ''; //面板地址
+    protected $config = array(
+        # 系统状态相关接口
+        'GetSystemTotal' => '/system?action=GetSystemTotal',       //获取系统基础统计
+        'GetDiskInfo' => '/system?action=GetDiskInfo',                 //获取磁盘分区信息
+        'GetNetWork' => '/system?action=GetNetWork',                   //获取实时状态信息(CPU、内存、网络、负载)
+        'GetTaskCount' => '/ajax?action=GetTaskCount',                 //检查是否有安装任务
+        'UpdatePanel' => '/ajax?action=UpdatePanel',                   //检查面板更新
+        # 网站管理相关接口
+        'Websites' => '/data?action=getData&table=sites',             //获取网站列表
+        'Webtypes' => '/site?action=get_site_types',                   //获取网站分类
+        'GetPHPVersion' => '/site?action=GetPHPVersion',             //获取已安装的 PHP 版本列表
+        'GetSitePHPVersion' => '/site?action=GetSitePHPVersion', //获取指定网站运行的PHP版本
+        'SetPHPVersion' => '/site?action=SetPHPVersion',         //修改指定网站的PHP版本
+        'SetHasPwd' => '/site?action=SetHasPwd',                 //开启并设置网站密码访问
+        'CloseHasPwd' => '/site?action=CloseHasPwd',             //关闭网站密码访问
+        'GetDirUserINI' => '/site?action=GetDirUserINI',         //获取网站几项开关（防跨站、日志、密码访问）
+        'WebAddSite' => '/site?action=AddSite',                             //创建网站
+        'WebDeleteSite' => '/site?action=DeleteSite',                   //删除网站
+        'WebSiteStop' => '/site?action=SiteStop',                         //停用网站
+        'WebSiteStart' => '/site?action=SiteStart',                       //启用网站
+        'WebSetEdate' => '/site?action=SetEdate',                         //设置网站有效期
+        'WebSetPs' => '/data?action=setPs&table=sites',                 //修改网站备注
+        'WebBackupList' => '/data?action=getData&table=backup',     //获取网站备份列表
+        'WebToBackup' => '/site?action=ToBackup',                         //创建网站备份
+        'WebDelBackup' => '/site?action=DelBackup',                       //删除网站备份
+        'WebDoaminList' => '/data?action=getData&table=domain',     //获取网站域名列表
+        'GetDirBinding' => '/site?action=GetDirBinding',         //获取网站域名绑定二级目录信息
+        'AddDirBinding' => '/site?action=AddDirBinding',         //添加网站子目录域名
+        'DelDirBinding' => '/site?action=DelDirBinding',         //删除网站绑定子目录
+        'GetDirRewrite' => '/site?action=GetDirRewrite',         //获取网站子目录伪静态规则
+        'WebAddDomain' => '/site?action=AddDomain',                       //添加网站域名
+        'WebDelDomain' => '/site?action=DelDomain',                       //删除网站域名
+        'GetSiteLogs' => '/site?action=GetSiteLogs',             //获取网站日志
+        'GetSecurity' => '/site?action=GetSecurity',             //获取网站盗链状态及规则信息
+        'SetSecurity' => '/site?action=SetSecurity',             //设置网站盗链状态及规则信息
+        'GetSSL' => '/site?action=GetSSL',                       //获取SSL状态及证书详情
+        'HttpToHttps' => '/site?action=HttpToHttps',             //强制HTTPS
+        'CloseToHttps' => '/site?action=CloseToHttps',           //关闭强制HTTPS
+        'SetSSL' => '/site?action=SetSSL',                       //设置SSL证书
+        'CloseSSLConf' => '/site?action=CloseSSLConf',           //关闭SSL
+        'WebGetIndex' => '/site?action=GetIndex',                //获取网站默认文件
+        'WebSetIndex' => '/site?action=SetIndex',                //设置网站默认文件
+        'GetLimitNet' => '/site?action=GetLimitNet',             //获取网站流量限制信息
+        'SetLimitNet' => '/site?action=SetLimitNet',             //设置网站流量限制信息
+        'CloseLimitNet' => '/site?action=CloseLimitNet',         //关闭网站流量限制
+        'Get301Status' => '/site?action=Get301Status',           //获取网站301重定向信息
+        'Set301Status' => '/site?action=Set301Status',           //设置网站301重定向信息
+        'GetRewriteList' => '/site?action=GetRewriteList',           //获取可选的预定义伪静态列表
+        'GetFileBody' => '/files?action=GetFileBody',                   //获取指定预定义伪静态规则内容(获取文件内容)
+        'SaveFileBody' => '/files?action=SaveFileBody',                 //保存伪静态规则内容(保存文件内容)
+        'GetProxyList' => '/site?action=GetProxyList',           //获取网站反代信息及状态
+        'CreateProxy' => '/site?action=CreateProxy',             //添加网站反代信息
+        'ModifyProxy' => '/site?action=ModifyProxy',             //修改网站反代信息
+
+        # Ftp管理
+        'WebFtpList' => '/data?action=getData&table=ftps',       //获取FTP信息列表
+        'SetUserPassword' => '/ftp?action=SetUserPassword',      //修改FTP账号密码
+        'SetStatus' => '/ftp?action=SetStatus',                  //启用/禁用FTP
+
+        # Sql管理
+        'WebSqlList' => '/data?action=getData&table=databases',  //获取SQL信息列表
+        'ResDatabasePass' => '/database?action=ResDatabasePassword',  //修改SQL账号密码
+        'SQLToBackup' => '/database?action=ToBackup',            //创建sql备份
+        'SQLDelBackup' => '/database?action=DelBackup',          //删除sql备份
+
+        'download' => '/download?filename=',                     //下载备份文件(目前暂停使用)
+
+        # 插件管理
+        'deployment' => '/plugin?action=a&name=deployment&s=GetList&type=0',       //宝塔一键部署列表
+        'SetupPackage' => '/plugin?action=a&name=deployment&s=SetupPackage',       //部署任务
+
+        #宝塔WAF
+        'WAF_customize_rule' =>'/plugin?action=a&name=btwaf&s=update_customize_rule',     //Nginx自定义规则
+        'WAF_customize_rule_create' =>'/plugin?action=a&name=btwaf&s=create_customize_rule',     //Nginx自定义规则
+        'WAF_customize_rule_list' => '/plugin?action=a&name=btwaf&s=get_customize_list',  //Nginx自定义规则列表
+
+
+    );
+    /**
+     * 初始化服务
+     * @return $this
+     */
+
+
+    /**
+     * 初始化
+     * @param [type] $bt_panel 宝塔接口地址
+     * @param [type] $bt_key   宝塔Api密钥
+     */
+    public function __construct()
+    {
+        $bt_panel = sysconf('BtApi_ip');
+        $bt_key = sysconf('BtApi_password');
+
+        if ($bt_panel) $this->BT_PANEL = $bt_panel;
+        if ($bt_key) $this->BT_KEY = $bt_key;
+        header('Content-type: application/json');
+    }
+
+    public function db($table = false)
+    {
+        $table = $table ? $table : $this->table;
+        $this->db = $this->app->db->name($table);
+        return $this->db;
+    }
+
+    /**
+     * 构造带有签名的关联数组
+     */
+    public function GetKeyData(){
+        $now_time = time();
+        $p_data = array(
+            'request_token'	=>	md5($now_time.''.md5($this->BT_KEY)),
+            'request_time'	=>	$now_time
+        );
+        return $p_data;
+    }
+
+
+
+    /**
+     * 获取系统基础统计
+     */
+    public function update_waf_whiteIp($rule_id,$whiteName,$domain,$ip_white){
+
+
+        #infos: {"name":"ip白名单-2","servers":["apis.gcdat.com"],"status":1,"is_global":0,"priority":0,"root":{"logic":"or","type":"block","option":null,"children":[{"logic":"and","type":"block","option":null,"children":[{"type":"option","logic":"","children":[],"option":{"type":"ip","operator":"eq","left_factor":"","right_factor":"12.12.12.12"}}]}]},"action":{"type":"allow","response":{"type":"","response_id":0,"status":0,"headers":{},"body":""}}}
+
+
+
+        $p_data = $this->GetKeyData();
+        if(isset($rule_id)&& $rule_id){
+            $url = $this->BT_PANEL.$this->config["WAF_customize_rule"];
+            $p_data['id'] = $rule_id;
+        }else{
+            $url = $this->BT_PANEL.$this->config["WAF_customize_rule_create"];
+        }
+        $info = array();
+        $info['name'] = $whiteName;
+        $info['servers'] = [$domain];
+        $info['status'] = 1;
+        $info['is_global'] = 0;
+        $info['priority'] = 0;
+        $root_info = [];
+        $root_info['logic'] = 'or';
+        $root_info['type'] = 'block';
+        $root_info['option'] = 'null';
+//        $children;
+        $num = 0;
+//        var_dump($ip_white);die;
+        foreach ($ip_white as $k => $v){
+            $children[$num]['logic'] = 'and';
+            $children[$num]['type'] = 'block';
+            $children[$num]['option'] = 'null';
+            $children[$num]['children'][0]['type'] = 'block';
+            $children[$num]['children'][0]['logic'] = '';
+            $children[$num]['children'][0]['children'] = [];
+            $children[$num]['children'][0]['option'] = [
+                'type' => 'ip',
+                'operator' => 'eq',
+                'left_factor' => '',
+                'right_factor' => $v,
+            ];
+            $num++;
+        }
+
+
+        $root_info['children'] = $children;
+        $info['root'] = $root_info;
+        $info['action'] = [
+            'type'=>'allow',
+            'response'=>[
+                'type'=>'',
+                'response_id'=>0,
+                'status'=>0,
+//                'headers'=>[],
+                'body'=>''
+            ]
+        ];
+//        var_dump($info);die;
+        $json = json_encode($info,JSON_UNESCAPED_UNICODE);
+//        var_dump($json);die;
+
+
+//
+        $p_data['infos'] = $json;
+
+//        var_dump($p_data);
+
+
+        $result = $this->HttpPostCookie($url,$p_data);
+
+        $data = json_decode($result,true);
+        return $data;
+    }
+
+    private function HttpPostCookie($url, $data,$timeout = 60)
+    {
+        //定义cookie保存位置
+        $cookie_file='./'.md5($this->BT_PANEL).'.cookie';
+        if(!file_exists($cookie_file)){
+            $fp = fopen($cookie_file,'w+');
+            fclose($fp);
+        }
+
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $url);
+        curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+        curl_setopt($ch, CURLOPT_POST, 1);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+        curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
+        curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+        curl_setopt($ch, CURLOPT_HEADER, 0);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+        $output = curl_exec($ch);
+        curl_close($ch);
+        return $output;
+    }
+    
+    public function get_customize_list(){
+        $url = $this->BT_PANEL.$this->config["WAF_customize_rule_list"];
+//        var_dump($url);die;
+        $p_data = $this->GetKeyData();
+        $result = $this->HttpPostCookie($url,$p_data);
+        $data = json_decode($result,true);
+        return $data;
+
+    }
+
+
+    #
+
+}
diff --git a/app/gateway/controller/v4/Card.php b/app/gateway/controller/v4/Card.php
index b726bb2..4b1269e 100644
--- a/app/gateway/controller/v4/Card.php
+++ b/app/gateway/controller/v4/Card.php
@@ -82,17 +82,17 @@ class Card extends Core
         $request = json_decode($data['channel_callback_msg'], true);
 
         $number = '';
-        if (isset($request['s_nubmer']) && $request['s_nubmer']) {
-            $result['s_nubmer'] = $request['s_nubmer'];
+        if (isset($request['s_number']) && $request['s_number']) {
+            $result['s_number'] = $request['s_number'];
         } elseif (isset($request['s_number']) && $request['s_number']) {
-            $result['s_nubmer'] = $request['s_number'];
+            $result['s_number'] = $request['s_number'];
         }
 
         $order_name = sysconf('order_name');
         if ($number && $order_name) {
             $result[$order_name] = $number;
         } elseif ($number) {
-            $result['s_nubmer'] = $number;
+            $result['s_number'] = $number;
         }
 
         $this->yes($result);
diff --git a/app/gateway/controller/v4/Core.php b/app/gateway/controller/v4/Core.php
index 851b7dd..9a61574 100644
--- a/app/gateway/controller/v4/Core.php
+++ b/app/gateway/controller/v4/Core.php
@@ -164,9 +164,9 @@ class Core extends Controller
         $ip_white_array = $ip_white_data?explode(',', $ip_white_data):[];
 
 
-//        if(!$ip_white_array || !in_array($request_ip, $ip_white_array)){
-//            $this->no(-801,'ip:'.$request_ip.',请求错误，不在白名单内。');
-//        }
+        if(!$ip_white_array || !in_array($request_ip, $ip_white_array)){
+            $this->no(-801,'ip:'.$request_ip.',请求错误，不在白名单内。');
+        }
         //        var_dump(1);die;
 		if ($this->proid && !str_contains($this->product, '_cash')) {
 			unset($input['cash']);
diff --git a/app/merchant/controller/Merchant.php b/app/merchant/controller/Merchant.php
index b614057..722f138 100644
--- a/app/merchant/controller/Merchant.php
+++ b/app/merchant/controller/Merchant.php
@@ -46,7 +46,7 @@ class Merchant extends Controller
         $this->title = '商户列表';
         $query = $this->_query($this->table);
         $query->equal('status')->dateBetween('create_at');
-        $query->like('name,phone,contacts');
+        $query->like('name,phone,contacts,ip_white');
         // 加载对应数据列表
         $this->type = input('type', 'all');
         $query->where(['is_deleted' => 0]);
@@ -334,6 +334,8 @@ class Merchant extends Controller
         }
     }
 
+
+
     /**
      * 商户信息查看
      * @login true
@@ -392,5 +394,39 @@ class Merchant extends Controller
         $this->_delete($this->table);
     }
 
+    /**
+     * 修改ip白名单
+     * @login true
+     * @auth true
+     * @param integer $id
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     */
+    public function ipWhite($id = 0)
+    {
+
+        if ($this->app->request->isGet()) {
+            $this->_applyFormToken();
+            $this->verify = false;
+
+//            $this->pkeylist = OrderService::instance()->getProductKeyList(true);
+
+            $this->_form($this->table, 'ipWhite','id', [], ['id' => $id]);
+
+        } else {
+            $id = input('id');
+            $ip_white = input('ip_white');
+
+            $up_ipWhite = MerchantService::instance()->update_ipWhite($id,$ip_white);
+            if($up_ipWhite == '添加防火墙错误'){
+                $this->error('添加防火墙ip错误，请联系技术何时！');
+            }else{
+                $this->success('IP白名单修改成功！', '');
+            }
+
+        }
+    }
+
     
 }
diff --git a/app/merchant/service/MerchantService.php b/app/merchant/service/MerchantService.php
index 0ff1408..50475e5 100644
--- a/app/merchant/service/MerchantService.php
+++ b/app/merchant/service/MerchantService.php
@@ -2,6 +2,7 @@
 
 namespace app\merchant\service;
 
+use app\core\BtWafService;
 use app\core\Service;
 use app\merchant\service\OrderService;
 use app\order\service\Kami91OrderService;
@@ -1172,4 +1173,45 @@ class MerchantService extends Service
 
         $this->db()->where(array('id' => $mid))->update($update);
     }
+
+    public function update_ipWhite($mid,$ip_white_data='')
+    {
+        $is_btWaf = sysconf('settingBtWafStatus');
+        $api_domain = sysconf('BtWaf_domain');
+
+
+        if(isset($is_btWaf) && $is_btWaf == 1) {
+            $ip_white_array = $ip_white_data?explode(',', $ip_white_data):[];
+            $bt = new BtWafService();
+            $list = $bt->get_customize_list();
+            $ip_white_id = '';
+            if($list){
+                $rule_list = $list['msg']['rules'];
+                $name = 'ip白名单-'.$mid;
+                foreach ($rule_list as $k=>$v){
+                    if($v['name'] == $name){
+                        $ip_white_id = $k;
+                        break;
+                    }
+
+                }
+
+            }
+
+            if($ip_white_id){
+                $data =  $bt->update_waf_whiteIp($ip_white_id,$name,$api_domain,$ip_white_array);
+
+            } else{
+                $data = $bt->update_waf_whiteIp('', $name, $api_domain, $ip_white_array);
+            }
+
+            if($data && isset($data['status']) && !$data['status']){
+                return '添加防火墙错误';
+            }
+
+        }
+        return $this->db()->where(array('id' => $mid))->update(['ip_white'=>$ip_white_data]);
+
+
+    }
 }
\ No newline at end of file
diff --git a/app/merchant/view/merchant/index.html b/app/merchant/view/merchant/index.html
index 8fd78a5..989837e 100644
--- a/app/merchant/view/merchant/index.html
+++ b/app/merchant/view/merchant/index.html
@@ -126,6 +126,9 @@
                         <a class="layui-btn layui-btn-xs layui-btn-danger"  data-title="映射产品编码设置"  data-open='{:url("/merchant/MerchantMappingProduct/index")}?mid={$vo.id}' data-csrf="{:systoken('recharge')}">映射产品编码设置</a>
                         <!--{/if}-->
 
+                        <a class="layui-btn layui-btn-xs layui-btn-green"  data-title="IP白名单设置"  data-modal='{:url("ipWhite")}?id={$vo.id}' data-csrf="{:systoken('ipWhite')}">设置IP白名单</a>
+
+
                         <!--{if $vo.callback_repeat==3}-->
                         <a class="layui-btn layui-btn-xs layui-btn-danger" data-csrf="{:systoken('recharge')}"
                            data-open='{:url("/merchant/callbackRepeat/setting")}?id={$vo.id}'
diff --git a/app/merchant/view/merchant/ipWhite.html b/app/merchant/view/merchant/ipWhite.html
new file mode 100644
index 0000000..3a03137
--- /dev/null
+++ b/app/merchant/view/merchant/ipWhite.html
@@ -0,0 +1,25 @@
+<form class="layui-form layui-card" action="{:request()->url()}" data-auto="true" method="post" autocomplete="off">
+    <div class="layui-card-body padding-left-40">
+
+        <div class="layui-form-item">
+            <label class="relative block">
+                <span class="color-green font-w7">ip白名单</span>
+
+                <!--{if isset($vo) and isset($vo.ip_white)}-->
+                <input name="ip_white" value='{$vo.ip_white|default=""}' class="layui-input">
+                <!--{else}-->
+                <input name="ip_white" value='{$vo.ip_white|default=""}' placeholder="请输入ip白名单" class="layui-input">
+                <!--{/if}-->
+<!--                <input name="ip_white" value='{$vo.ip_white|default=""}' placeholder="请输入ip白名单" class="layui-input">-->
+            </label>
+            <p class="color-desc">为空则不设置IP白名单</p>
+        </div>
+
+    </div>
+    <div class="hr-line-dashed"></div>
+    {notempty name='vo.id'}<input type='hidden' value='{$vo.id}' name='id'>{/notempty}
+    <div class="layui-form-item text-center">
+        <button class="layui-btn" type='submit'>保存</button>
+        <button class="layui-btn layui-btn-danger" type='button' data-confirm="确定要取消吗？" data-close>取消</button>
+    </div>
+</form>
\ No newline at end of file
diff --git a/app/openapi/controller/Task.php b/app/openapi/controller/Task.php
index c7dc5e9..d8eb925 100644
--- a/app/openapi/controller/Task.php
+++ b/app/openapi/controller/Task.php
@@ -210,6 +210,55 @@ class Task extends Core
         }
     }
 
+    /* 对快手黑名单队列进行退款处理正常执行 */
+    public function refundKuaishou()
+    {
+
+
+        try {
+            $this->redis();
+            $redisData = $this->redis->pop('blackcall');
+            $param = array();
+
+            $param['orderId'] = $redisData['orderNo'];
+            $param['status'] = 'FAILED';
+            $param['bizType'] = '10';
+            $param['failCode'] = '4013022';
+            $param['failMsg'] = '黑名单';
+
+
+            $param = json_encode($param);
+            $signtime = time();
+
+            $sign = 'access_token=' . $redisData['access_token'] . '&appkey=' . $redisData['agentId'] . '&method=integration.virtual.topup.mobile.order.callback&param=' . $param . '&signMethod=MD5&timestamp=' . $signtime . '&version=1';
+            $signmd5 = md5($sign);
+            $param = urlencode($param);
+
+            $geturl = $redisData['notify_url'] . '?access_token=' . $redisData['access_token'] . '&appkey=' . $redisData['agentId'] . '&method=integration.virtual.topup.mobile.order.callback&param=' . $param . '&signMethod=MD5&timestamp=' . $signtime . '&version=1&sign=' . $signmd5;
+
+//            $blackGet= ['result' => '1'];
+
+            $blackGet = \app\openapi\controller\Coreks::get_curl_post($geturl);
+            $blackGet = json_decode($blackGet, true);
+
+            $response = $blackGet['result'];
+
+            if ($response == '1') {
+                Log::write('gateway', 'black', $blackGet);
+            } else {
+                Log::write('errorTip', 'black_request', $redisData);
+                Log::write('gateway', 'black', $blackGet);
+            }
+
+            return 'ok';
+        } catch (\Exception $e) {
+//            return $e;
+            Log::write('errorTip', 'redis', $e->getMessage());
+            return 'error';
+        }
+
+    }
+
 
 
 
diff --git a/app/openapi/controller/Test.php b/app/openapi/controller/Test.php
index d4d3a31..a546c63 100644
--- a/app/openapi/controller/Test.php
+++ b/app/openapi/controller/Test.php
@@ -7,6 +7,7 @@ use app\channel\service\CardService;
 use app\channel\service\ChannelService;
 use app\channel\service\KamiService;
 use app\channel\service\ProductService;
+use app\core\BtWafService;
 use app\gateway\controller\api\Notify;
 use app\gateway\service\RedisService;
 use app\kami\controller\getcookie\KaiDianBao;
@@ -79,6 +80,87 @@ class Test extends Core
 
     }
 
+    public function btwaf()
+    {
+//        $m_oldIpWhite_data = MerchantService::instance()->db()->field('ip_white')->where(['id'=>6])->find();
+////        $m_oldIpWhite = $m_oldIpWhite_data['ip_white'];
+//        if($m_oldIpWhite_data && isset($m_oldIpWhite_data['ip_white']) && $m_oldIpWhite_data['ip_white']){
+//            $old_ip_white_array = $m_oldIpWhite_data['ip_white']?explode(',', $m_oldIpWhite_data['ip_white']):[];
+//            $ip_white_array = [
+//              '223.5.5.5','122.234.200.204'
+//            ];
+//            foreach ($old_ip_white_array as $k => $v) {
+//                if(in_array($old_ip_white_array[$k], $ip_white_array)){
+//                    var_dump($old_ip_white_array[$k]);
+//                }
+//
+//            }
+//        }
+//        var_dump(123);die;
+//        $inf= '{"name":"ip白名单","servers":["apis.gcdat.com"],"status":1,"is_global":0,"priority":0,"root":{"logic":"or","type":"block","option":null,"children":[{"logic":"and","type":"block","option":null,"children":[{"type":"option","logic":"","children":[],"option":{"type":"ip","operator":"eq","left_factor":"","right_factor":"125.122.178.235"}}]},{"logic":"and","type":"block","option":null,"children":[{"type":"option","logic":"","children":[],"option":{"type":"ip","operator":"eq","left_factor":"","right_factor":"1.1.1.1"}}]},{"logic":"and","type":"block","option":null,"children":[{"type":"option","logic":"","children":[],"option":{"type":"ip","operator":"eq","left_factor":"","right_factor":"223.5.5.5"}}]}]},"action":{"type":"allow","response":{"type":"","response_id":0,"status":0,"headers":{},"body":""}}}';
+//        var_dump(json_decode($inf,true));die;
+        $api_domain = 'apis.gcdat.com';
+
+        $ip_white_data = '223.5.5.5,1.1.1.1,8.9.9.9';
+
+
+
+            $ip_white_array = $ip_white_data ? explode(',', $ip_white_data) : [];
+            $bt = new BtWafService();
+            $list = $bt->get_customize_list();
+            $ip_white_id = '';
+            if ($list) {
+                $rule_list = $list['msg']['rules'];
+                $name = 'ip白名单-' . '3';
+                foreach ($rule_list as $k => $v) {
+                    if ($v['name'] == $name) {
+                        $ip_white_id = $k;
+                        break;
+                    }
+
+                }
+
+            }
+
+            if ($ip_white_id) {
+                $data = $bt->update_waf_whiteIp($ip_white_id, $name, $api_domain, $ip_white_array);
+                var_dump($data);
+
+            }else{
+                $data = $bt->update_waf_whiteIp('', $name, $api_domain, $ip_white_array);
+                var_dump($data);
+            }
+        die;
+
+
+        $bt = new BtWafService();
+        $list = $bt->get_customize_list();
+        $ip_white_id = '';
+        if($list){
+            $rule_list = $list['msg']['rules'];
+            $name = 'ip白名单-'.'1';
+            foreach ($rule_list as $k=>$v){
+                if($v['name'] == $name){
+                    $ip_white_id = $k;
+                    break;
+                }
+
+            }
+            var_dump($list);
+
+
+        }
+
+        if($ip_white_id){
+        var_dump($ip_white_id);
+
+        }
+
+
+//        var_dump($rule_list);
+
+    }
+
     public  function check_oar()
     {
         $orderAutoService = OrderAutoService::instance();
diff --git a/app/order/controller/Order.php b/app/order/controller/Order.php
index e549425..cfc958f 100644
--- a/app/order/controller/Order.php
+++ b/app/order/controller/Order.php
@@ -196,10 +196,10 @@ class Order extends Controller
 
         if ($is_number == 1) {
             # 有流水号的
-            $query->whereRaw(' channel_callback_msg like("%s_nubmer%")');
+            $query->whereRaw(' channel_callback_msg like("%s_number%")');
         } elseif ($is_number == 2) {
             # 无流水号的
-            $query->whereRaw(' channel_callback_msg not like("%s_nubmer%")');
+            $query->whereRaw(' channel_callback_msg not like("%s_number%")');
         }
 
         return $query;
@@ -277,7 +277,7 @@ class Order extends Controller
                     $vo['other'][$k1]['cinfo'] = $this->clist[$v1['cid']] ?? false;
                 }
             }
-            $vo['s_nubmer'] = '';
+            $vo['s_number'] = '';
             $vo['time'] = '';
             if ($vo['channel_callback_msg']) {
                 $vo['channel_callback_msg'] = json_decode($vo['channel_callback_msg'], true);
@@ -285,8 +285,8 @@ class Order extends Controller
                     $vo['channel_order_id'] = $vo['channel_callback_msg']['trade_no'];
                 }
 
-                if (isset($vo['channel_callback_msg']['s_nubmer']) && $vo['channel_callback_msg']['s_nubmer'] && $vo['cid'] != 10031) {
-                    $vo['s_nubmer'] = $vo['channel_callback_msg']['s_nubmer'];
+                if (isset($vo['channel_callback_msg']['s_number']) && $vo['channel_callback_msg']['s_number'] && $vo['cid'] != 10031) {
+                    $vo['s_number'] = $vo['channel_callback_msg']['s_number'];
                 }
 
                 if (isset($vo['channel_callback_msg']['message']) && $vo['channel_callback_msg']['message']) {
@@ -418,24 +418,6 @@ class Order extends Controller
 //            }
 
         }
-//        $this->total = 0;
-//        //Todo 注释修改统计
-//
-//        $result['dong_num'] = 0;
-//
-//
-//        $result['no_num'] = 0;
-//        $result['act_yes_num'] = 0;
-//        $result['yes_num'] = 0;
-//        $result['num'] = 0;
-//
-//        $result['order_num'] = $result['order_dong_num'] = $result['order_no_num'] = $result['order_yes_num'] = $result['order_ys_num'] = 0;
-//
-//        $result['order_yes_lv'] = 0 . '%' ;
-//        $this->total = $result;
-
-
-//        $this->total = OrderService::instance()->total();
     }
 
 
@@ -521,6 +503,7 @@ class Order extends Controller
 
             $this->_form($this->table, 'pay');
         } else {
+
             $mid = 1;
             $data = input('data');
             $cash = input('cash');
@@ -795,17 +778,17 @@ class Order extends Controller
 
         $order = OrderService::instance();
         if ($this->request->isPost()) {
-            $s_nubmer = input('s_nubmer');
-            $order->setCallback($data['data_type'], $data['order_id'], $data['status'], '', $s_nubmer);
+            $s_number = input('s_number');
+            $order->setCallback($data['data_type'], $data['order_id'], $data['status'], '', $s_number);
             $this->success('设置成功，商户回调结果要等系统统一推送才会同步，请关注同步结果！也可以手动发起回调！', '');
 
         } else {
             $info = $order->getOrder($data['data_type'], $data['order_id']);
-            $data['s_nubmer'] = '';
+            $data['s_number'] = '';
             if ($info && $info['channel_callback_msg']) {
                 $info['channel_callback_msg'] = json_decode($info['channel_callback_msg'], true);
-                if (isset($info['channel_callback_msg']['s_nubmer']) && $info['channel_callback_msg']['s_nubmer']) {
-                    $data['s_nubmer'] = $info['channel_callback_msg']['s_nubmer'];
+                if (isset($info['channel_callback_msg']['s_number']) && $info['channel_callback_msg']['s_number']) {
+                    $data['s_number'] = $info['channel_callback_msg']['s_number'];
                 }
             }
             $this->fetch('setYes', $data);
diff --git a/app/order/service/OrderService.php b/app/order/service/OrderService.php
index 110a667..51859fc 100644
--- a/app/order/service/OrderService.php
+++ b/app/order/service/OrderService.php
@@ -256,10 +256,10 @@ class orderService extends Service
 
         if ($is_number == 1) {
             # 有流水号的
-            $db->whereRaw(' channel_callback_msg like("%s_nubmer%")');
+            $db->whereRaw(' channel_callback_msg like("%s_number%")');
         } elseif ($is_number == 2) {
             # 无流水号的
-            $db->whereRaw(' channel_callback_msg not like("%s_nubmer%")');
+            $db->whereRaw(' channel_callback_msg not like("%s_number%")');
         }
         
         if ($col == '*') {
diff --git a/app/order/view/aftersales_order/index.html b/app/order/view/aftersales_order/index.html
index f4d0e83..051597c 100644
--- a/app/order/view/aftersales_order/index.html
+++ b/app/order/view/aftersales_order/index.html
@@ -93,7 +93,7 @@
                 <td class='text-left nowrap'><span>{$vo.cash|number_format=###, 2, '.', ''}</span>{if $vo.show_set == 1} / {$vo.actual_cash|number_format=###, 2, '.', ''} / {$vo.product_cash|number_format=###, 2, '.', ''}{/if}</td>
                 <td class='text-left nowrap'><span>{$vo.buy_num|default=''}</span></td>
                 <td class='text-left nowrap'><span>{$vo.one_cash|default=''}</span></td>
-                <td class='text-left nowrap'><span>{$vo.s_nubmer|default=''}</span></td>
+                <td class='text-left nowrap'><span>{$vo.s_number|default=''}</span></td>
                 <td class='text-left nowrap'>
 
                     {if $vo.other}
diff --git a/app/order/view/aftersales_order/index_search.html b/app/order/view/aftersales_order/index_search.html
index fd899de..615c8dd 100644
--- a/app/order/view/aftersales_order/index_search.html
+++ b/app/order/view/aftersales_order/index_search.html
@@ -252,7 +252,7 @@
                     item.account || '',
                     item.cash || '',
                     item.actual_cash || '',
-                    item.s_nubmer || '',
+                    item.s_number || '',
                     item.status || '',
                     item.create_at || '',
                     item.time || '',
diff --git a/app/order/view/aftersales_order/setKami.html b/app/order/view/aftersales_order/setKami.html
index a02c008..2c50d3c 100644
--- a/app/order/view/aftersales_order/setKami.html
+++ b/app/order/view/aftersales_order/setKami.html
@@ -4,7 +4,7 @@
         <div class="layui-form-item">
             <label class="relative block">
                 <span class="color-green font-w7">官方流水号</span>
-                <input class="layui-input" name="s_nubmer" placeholder="请输入官方流水号" value='{$s_nubmer|default=""}'>
+                <input class="layui-input" name="s_number" placeholder="请输入官方流水号" value='{s_number|default=""}'>
             </label>
             <p class="color-desc">为空则不设置流水号</p>
         </div>
diff --git a/app/order/view/aftersales_order/setYes.html b/app/order/view/aftersales_order/setYes.html
index dfc8a53..1f0f0e3 100644
--- a/app/order/view/aftersales_order/setYes.html
+++ b/app/order/view/aftersales_order/setYes.html
@@ -4,7 +4,7 @@
         <div class="layui-form-item">
             <label class="relative block">
                 <span class="color-green font-w7">官方流水号</span>
-                <input name="s_nubmer" value='{$s_nubmer|default=""}' placeholder="请输入官方流水号" class="layui-input">
+                <input name="s_number" value='{$s_number|default=""}' placeholder="请输入官方流水号" class="layui-input">
             </label>
             <p class="color-desc">为空则不设置流水号</p>
         </div>
diff --git a/app/order/view/order/index.html b/app/order/view/order/index.html
index 9ca9aa7..829dbf5 100644
--- a/app/order/view/order/index.html
+++ b/app/order/view/order/index.html
@@ -27,14 +27,15 @@
     <div class="layui-tab-content think-box-shadow table-block table-block">
         {include file='order/index_search'}
         {include file='order/statement'}
+        <div style="min-width:1rem;overflow-x:auto;" class="tableAll">
         <table class="layui-table margin-top-10" lay-skin="line" id="order-table-data-list">
             {notempty name='list'}
             <thead>
             <tr>
-                <th class='list-table-check-td think-checkbox'>
+                <th class='list-table-check-td think-checkbox leftfix'>
                     <label><input data-auto-none data-check-target='.list-check-box' type='checkbox'></label>
                 </th>
-                <th class='text-left nowrap' width="" >序号</th>
+                <th class='text-left nowrap leftfixx' width="">序号</th>
                 <th class='text-left nowrap' width="">商户</th>
                 <th class='text-left nowrap' width="">系统订单号</th>
                 <th class='text-left nowrap' width="">商户订单号</th>
@@ -47,18 +48,18 @@
                 <th class='text-left nowrap' width="">下单时间</th>
                 <th class='text-left nowrap' width="">耗时</th>
                 <th class='text-left nowrap' width="">同步结果</th>
-                <th class='text-left nowrap' width="10">充值结果</th>
-                <th></th>
+                <th class='text-left nowrap '>充值结果</th>
+                <th class='text-left nowrap rightfix'>订单操作</th>
             </tr>
             </thead>
             {/notempty}
             <tbody>
             {foreach $list as $key=>$vo}
             <tr>
-                <td class='list-table-check-td think-checkbox'>
+                <td class='list-table-check-td think-checkbox leftfix' >
                     <label><input class="list-check-box" value='{$vo.id}' type='checkbox'></label>
                 </td>
-                <td class='text-left nowrap'><span>{$vo.index|default=''}</span></td>
+                <td class='text-left nowrap leftfixx'><span>{$vo.index|default=''}</span></td>
                 <td class='text-left nowrap'>{$vo.minfo.name|default=''}
                     ( <span class="color-desc">{$vo.minfo.id|default=''}</span>
                     {eq name='vo.minfo.status' value='0'}/<span class="color-red">禁</span>{/eq}
@@ -198,7 +199,7 @@
                 <td class='text-left nowrap'><span>{$vo.time|default=''}</span></td>
                 <td class='text-left nowrap'><span>{$vo.merchant_callback_msg|default=''}</span></td>
                 <td class='text-left'><span>{$vo.msg|default=''}</span></td>
-                <td class='text-left nowrap'>
+                <td class='text-left nowrap rightfix' style="border-left: 2px #EEEEEE solid !important;">
 
                     <!--{if $vo.show_set == 1 || $vo.status == -2 || $vo.status == 5}-->
                     {if $vo.show_set == 1}
@@ -239,7 +240,7 @@
                     <a class="layui-btn layui-btn-xs layui-btn-normal"  data-title="设置卡密"  data-modal='{:url("setCard")}?order_id={$vo.id}&status=2&data_type={$data_type}' data-csrf="{:systoken('pass')}">置成功</a>
 
                     {elseif $vo.card_status == 3}
-                    <a class="layui-btn layui-btn-xs layui-btn-normal" data-csrf="{:systoken('pass')}"
+                    <a class="layui-btn layui-btn-xs layui-btn-normal"  data-csrf="{:systoken('pass')}"
                        data-modal='{:url("setKami")}?order_id={$vo.id}&status=2&data_type={$data_type}'
                        data-title="手动置成功">置成功</a>
 
@@ -280,16 +281,51 @@
             {/foreach}
             </tbody>
         </table>
-        {empty name='list'}<span class="notdata">没有记录哦</span>{else}{$pagehtml|raw|default=''}{/empty}
+        </div>{empty name='list'}<span class="notdata">没有记录哦</span>{else}{$pagehtml|raw|default=''}{/empty}
     </div>
 </div>
 <style type="text/css">
 
     .layui-badge {
         line-height: 19px;/
-
         box-shadow: 0 0px 0px 0 rgba(0,0,0,0.15);
     }
+    .tableAll{
+        height: 60vh;
+        overflow-x: auto;
+        position: relative;
+        padding-bottom: 10px;
+    }
+    .layui-table {
+        position: relative;
+        box-shadow: 0 4px 8px rgba(0, 0, 0, 0.2);
+        margin-bottom: -10px;
+        z-index: 1;
+    }
+    .layui-table thead th {
+        position: sticky;
+        top: 0;
+        background: white;
+        z-index: 10;
+    }
+    .rightfix{
+        position: sticky !important;
+        right: 0px;
+        background-color: white;
+        z-index: 9;
+    }
+    .leftfix{
+        position: sticky !important;
+        left: -2px;
+        background-color: white;
+        z-index: 9;
+    }
+    .leftfixx{
+        position: sticky !important;
+        left: 46px;
+        background-color: white !important;
+        z-index: 9;
+    }
 
     .color-span {
         padding: 2px;
diff --git a/app/order/view/order/index.html.back b/app/order/view/order/index.html.back
deleted file mode 100644
index 6ee1afb..0000000
--- a/app/order/view/order/index.html.back
+++ /dev/null
@@ -1,177 +0,0 @@
-{extend name="../../admin/view/table"}
-{block name="button"}
-
-<a class='layui-btn layui-btn-sm layui-btn-primary' id="upload" style="margin: 10px;">批量手动充值</a>
-<a id="restart" class='layui-btn layui-btn-sm layui-btn-primary'>将暂停中订单重新启动</a>
-<a id="errorToTiancheng" class='layui-btn layui-btn-sm layui-btn-primary' style="display: none;">八达通失败订单转到天成</a>
-
-
-{if input('set_callback') == 1}
-<a data-confirm="确定要把已勾选的订单置成功吗？" data-action="{:url('set')}" data-rule="order_id#{key};status#2;data_type#{$data_type}" data-csrf="{:systoken('set')}" class='layui-btn layui-btn-sm'>批量置成功</a>
-
-<a data-confirm="确定要把已勾选的订单置失败吗？" data-action="{:url('set')}" data-rule="order_id#{key};status#3;data_type#{$data_type}" data-csrf="{:systoken('set')}" class='layui-btn layui-btn-sm layui-btn-danger'>批量置失败</a>
-
-<a data-confirm="确定要把已勾选的订单重新启动吗？" data-action="{:url('set_restart')}" data-rule="order_id#{key}" data-csrf="{:systoken('set_restart')}" class='layui-btn layui-btn-sm'>批量重新启动</a>
-
-{/if}
-
-
-
-{/block}
-
-{block name="content"}
-<div class="think-box-shadow">
-
-    <table id="order-table-data-list" data-url="{:request()->url()}" data-target-search="form.form-search"></table>
-</div>
-{/block}
-
-{block name='script'}
-<script>
-    $(function () {
-        $('#order-table-data-list').layTable({
-            even: true, height: 'full',
-            sort: {field: 'id', type: 'desc'},
-            cols: [[
-                {checkbox: true, fixed: 'left'},
-                {field: 'id', title: 'ID', width: 80, sort: true, align: 'center'},
-                {field: 'minfo.id', title: '商户', minWidth: 100, width: '8%', sort: true, align: 'center'},
-                {field: 'order_id', title: '系统订单号', minWidth: 120},
-                {field: 'merchant_order_id', title: '商户订单号', minWidth: 120},
-                {field: 'account', title: '充值账号', minWidth: 150},
-                {field: 'cash', title: '总面值', minWidth: 100, width: '10%'},
-                {field: 'buy_num', title: '数量', minWidth: 100, width: '10%'},
-                {field: 'one_cash', title: '单面值', minWidth: 100, width: '10%'},
-                {field: 's_nubmer', title: '官方流水号', minWidth: 100},
-                {field: 'status', title: '订单状态', minWidth: 100, width: '10%'},
-
-
-                {field: 'create_at', title: '下单时间', minWidth: 170, align: 'center', sort: true},
-                {field: 'sort', title: '耗时', minWidth: 150},
-                {field: 'sort', title: '同步结果', minWidth: 150},
-                {field: 'sort', title: '充值结果', minWidth: 150},
-
-
-                {toolbar: '#toolbar', title: '操作面板', align: 'center', minWidth: 210, fixed: 'right'}
-            ]]
-        });
-
-        // 数据状态切换操作
-        layui.form.on('switch(StatusSwitchRoleTable)', function (obj) {
-            let data = {id: obj.value, status: obj.elem.checked > 0 ? 1 : 0};
-            $.form.load("{:url('state')}", data, 'post', function (ret) {
-                if (ret.code < 1) $.msg.error(ret.info, 3, function () {
-                    $('#RoleTable').trigger('reload');
-                });
-                return false;
-            }, false);
-        });
-    });
-</script>
-<!-- 数据状态切换模板 -->
-<script type="text/html" id="StatusSwitchRoleTableTpl">
-    <!--{if auth("state")}-->
-    <input type="checkbox" value="{{d.id}}" lay-skin="switch" lay-text="{:lang('已激活')}|{:lang('已禁用')}" lay-filter="StatusSwitchRoleTable" {{-d.status>0?'checked':''}}>
-    <!--{else}-->
-    {{-d.status ? '<b class="color-green">{:lang("已启用")}</b>' : '<b class="color-red">{:lang("已禁用")}</b>'}}
-    <!--{/if}-->
-</script>
-
-<script type="text/html" id="toolbar">
-    <!--{if auth("edit")}-->
-    <a class="layui-btn layui-btn-xs" data-dbclick data-modal='{:url("edit")}?id={d.id}'
-       data-title="编辑映射商品ID">编 辑</a>
-    <!--{/if}-->
-
-
-
-</script>
-
-<script>
-    layui.use(['layer','jquery', 'upload'], function(){
-        var layer = layui.layer;
-        var $ = layui.jquery;
-        var upload = layui.upload;
-
-
-
-        //指定允许上传的文件类型
-        upload.render({
-            elem: '#upload'
-            ,url: '/order/order/uploadMul.html'
-            ,accept: 'file' //普通文件
-
-            ,progress: function() {
-                $('#upload').html('上传中...');
-            }
-            ,done: function(res){
-                if (res.code == 1) {
-                    $('#upload').html('上传成功，点此继续上传');
-                    layer.msg(res.info, function() {
-                        location.reload();
-                    });
-                } else {
-                    layer.msg(res.info);
-                    $('#upload').html('重新选择充值文件');
-                }
-            }
-        });
-
-
-        $('#restart').click(function() {
-            layer.confirm('确定要将暂停中订单重新启动吗？请确定上游渠道可以正常下单', {
-                btn: ['确定','取消'] //按钮
-            }, function(){
-
-                var url = "{:url('/order/order/restart')}";
-
-                $.post(url,{}, function() {
-                    layer.msg('操作成功', {icon: 1});
-                })
-
-            }, function(){
-
-            });
-        })
-
-        //这个废弃吧
-        $('#error').click(function() {
-
-            layer.confirm('确定要手动执行八达通失败订单吗？将自动处理因八达通余额不足导致的下单失败订单，重新下单', {
-                btn: ['确定','取消'] //按钮
-            }, function(){
-
-                var url = "{:url('/gateway/api.task/popenRunError')}";
-
-                $.post(url,{}, function() {
-                    layer.msg('操作成功', {icon: 1});
-                })
-
-            }, function(){
-
-            });
-        })
-
-        $('#errorToTiancheng').click(function() {
-            layer.confirm('确定要手动执行八达通失败订单吗？将自动处理因八达通余额不足导致的下单失败订单，转到天成，重新下单', {
-                btn: ['确定','取消'] //按钮
-            }, function(){
-
-                var url = "{:url('/gateway/api.task/popenRunError')}";
-
-                $.post(url,{}, function() {
-                    layer.msg('操作成功', {icon: 1});
-                })
-
-            }, function(){
-
-            });
-        })
-
-    });
-
-
-</script>
-{/block}
-
-
diff --git a/app/order/view/order/setKami.html b/app/order/view/order/setKami.html
index a02c008..95ced50 100644
--- a/app/order/view/order/setKami.html
+++ b/app/order/view/order/setKami.html
@@ -4,7 +4,7 @@
         <div class="layui-form-item">
             <label class="relative block">
                 <span class="color-green font-w7">官方流水号</span>
-                <input class="layui-input" name="s_nubmer" placeholder="请输入官方流水号" value='{$s_nubmer|default=""}'>
+                <input class="layui-input" name="s_number" placeholder="请输入官方流水号" value='{$s_number|default=""}'>
             </label>
             <p class="color-desc">为空则不设置流水号</p>
         </div>
diff --git a/app/order/view/order/setYes.html b/app/order/view/order/setYes.html
index dfc8a53..561f00f 100644
--- a/app/order/view/order/setYes.html
+++ b/app/order/view/order/setYes.html
@@ -4,7 +4,7 @@
         <div class="layui-form-item">
             <label class="relative block">
                 <span class="color-green font-w7">官方流水号</span>
-                <input name="s_nubmer" value='{$s_nubmer|default=""}' placeholder="请输入官方流水号" class="layui-input">
+                <input name="s_number" value='{s_number|default=""}' placeholder="请输入官方流水号" class="layui-input">
             </label>
             <p class="color-desc">为空则不设置流水号</p>
         </div>
diff --git a/app/queue/command/kami91order/KamiOrderStatusStandardUp.php b/app/queue/command/kami91order/KamiOrderStatusStandardUp.php
index 315714e..9049efa 100644
--- a/app/queue/command/kami91order/KamiOrderStatusStandardUp.php
+++ b/app/queue/command/kami91order/KamiOrderStatusStandardUp.php
@@ -71,7 +71,7 @@ class KamiOrderStatusStandardUp extends Command
                             if(is_array($callArray)) {
                                 if(isset($callArray['kami'])) {
                                     $callArray = $callArray['kami'];
-                                    $callArray['s_nubmer']=$callArray['cardno'];
+                                    $callArray['s_number']=$callArray['cardno'];
                                     $callJson = json_encode($callArray);
                                 }
                             }
diff --git a/app/setting/view/config/index.html b/app/setting/view/config/index.html
index 15e0c2e..0a3d8d3 100644
--- a/app/setting/view/config/index.html
+++ b/app/setting/view/config/index.html
@@ -47,6 +47,45 @@
             <span class="help-block">请填写维护时间，为空则24小时开启，值为22:30-00:30</span>
         </label>
 
+        <label class="layui-form-item margin-top-20 block relative">
+            <span class="color-green margin-right-10">是否支持宝塔Nginx WAF防火墙</span>
+            <div>
+                {foreach ['1'=>'是','2'=>'否'] as $k=>$v}
+                <label class="think-radio">
+                    {if sysconf('settingBtWafStatus') eq $k}
+
+                    <input checked type="radio" id="settingBtWafStatus" name="settingBtWafStatus" value="{$k}" lay-ignore> {$v}
+                    {else}
+                    <input type="radio" id="settingBtWafStatus2" name="settingBtWafStatus" value="{$k}" lay-ignore> {$v}
+                    {/if}
+                </label>
+                {/foreach}
+            </div>
+            <span class="color-desc">如果是宝塔部署后端，并支持Nginx WAF防火墙请配置</span>
+        </label>
+        <div class="layui-form-item" id="btWaf_info" style="display: none;">
+
+
+        <label class="layui-form-item relative block" >
+            <span class="color-black font-w7">宝塔ip地址</span>
+            <input class="layui-input" placeholder="请输入宝塔ip地址" name="BtApi_ip" value="{:sysconf('BtApi_ip')}"/>
+            <span class="help-block">请填写宝塔ip地址，请不要随意修改</span>
+        </label>
+
+        <label class="layui-form-item relative block" >
+            <span class="color-black font-w7">宝塔接口密钥</span>
+            <input class="layui-input" placeholder="请输入宝塔接口密钥" name="BtApi_password" value="{:sysconf('BtApi_password')}"/>
+            <span class="help-block">请填写宝塔接口密钥，请不要随意修改</span>
+        </label>
+
+            <label class="layui-form-item relative block" >
+                <span class="color-black font-w7">宝塔防火墙网站域名</span>
+                <input class="layui-input" placeholder="宝塔防火墙网站域名" name="BtWaf_domain" value="{:sysconf('BtWaf_domain')}"/>
+                <span class="help-block">请填写宝塔防火墙网站域名，请不要随意修改</span>
+            </label>
+
+        </div>
+
         <label class="layui-form-item margin-top-20 block relative">
             <span class="color-green margin-right-10">是否维护</span>
             <div>
@@ -170,9 +209,35 @@
 {/block}
 
 {block name='script'}
+
 <script>
     layui.use(['form', 'layer', 'upload'], function () {
         var form = layui.form, layer = layui.layer, upload = layui.upload;
     });
+
+
+        var obj = document.getElementsByName("settingBtWafStatus")
+            if(obj[0].checked){
+                $("#btWaf_info").show()
+            }else {
+                $("#btWaf_info").hide()
+            }
+
+
+    $(document).ready(function() {
+        $('input[type=radio][name=settingBtWafStatus]').change(function() {
+            if (this.value == '1') {
+                $("#btWaf_info").show()
+            } else if (this.value == '2') {
+                $("#btWaf_info").hide()
+            }
+        });
+    });
+
+
+
+
+
+
 </script>
 {/block}
diff --git a/config/app.php b/config/app.php
index 34d1a7b..2bc9ee1 100644
--- a/config/app.php
+++ b/config/app.php
@@ -26,12 +26,15 @@ return [
     // 默认时区
     'default_timezone'        => 'Asia/Shanghai',
     // 应用映射（多应用模式有效）
-    'app_map'                 => [],
+    'app_map'                 => [
+        'notify_api' => 'gateway'
+
+    ],
     // 域名绑定（多应用模式有效）
     'domain_bind'             => [
-         'apis' => 'gateway',
-         'openapi' =>'openapi',
-        //  'gwapi' => 'gateway'
+        'apis' => 'gateway',
+        'openapi' =>'openapi',
+        'notify' => 'notify_api'
          
         ],
     // 禁止访问（多应用模式有效）
diff --git a/readme.md b/readme.md
index 0f14078..059377b 100644
--- a/readme.md
+++ b/readme.md
@@ -103,12 +103,12 @@ public function index(){
 ### ThinkAdmin v6 基于 ThinkPHP 6.0 开发（后台权限基于注解实现）
 * 在线体验地址：https://v6.thinkadmin.top
 * Gitee 代码地址：https://gitee.com/zoujingli/ThinkAdmin/tree/v6
-* Github 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v6
+* GitHub 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v6
 
 ### ThinkAdmin v5 基于 ThinkPHP 5.1 开发（后台权限基于注解实现）
 * 在线体验地址：https://v5.thinkadmin.top
 * Gitee 代码地址：https://gitee.com/zoujingli/ThinkAdmin/tree/v5
-* Github 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v5
+* GitHub 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v5
 
 ### ThinkAdmin v4 基于 ThinkPHP 5.1 开发（不建议继续使用）
 * 在线体验地址：https://v4.thinkadmin.top
@@ -128,4 +128,4 @@ public function index(){
 ### ThinkAdmin v1 基于 ThinkPHP 5.0 开发（不建议继续使用）
 * 在线体验地址：https://v1.thinkadmin.top
 * Gitee 代码地址：https://gitee.com/zoujingli/ThinkAdmin/tree/v1
-* Github 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v1
+* GitHub 代码地址：https://github.com/zoujingli/ThinkAdmin/tree/v1