承接 saleh7/php-zatca-xml 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

saleh7/php-zatca-xml

Composer 安装命令:

composer require saleh7/php-zatca-xml

包简介

An unofficial PHP library for generating ZATCA Fatoora e-invoices. This library facilitates the creation of compliant e-invoices, QR Codes, and certificates, as well as the submission of e-invoices to ZATCA's servers. It provides developers with an easy-to-use, customizable, and robust toolkit to in

README 文档

README

php-zatca-xml

php Version Packagist Stars Packagist Downloads Packagist Version License

View Examples · Report a bug · Discussions

Production Tested — Full onboarding flow (CSR → Compliance → 6 Invoice Types → Production Certificate → Invoice Reporting) successfully tested against ZATCA production API on March 31, 2026 using Ubuntu 24.04 / PHP 8.4.

Introduction

PHP-ZATCA-XML is a PHP library for generating ZATCA-compliant e-invoices (Fatoora). It handles the full lifecycle: certificate generation, XML invoice creation, digital signing, QR codes, and API submission to ZATCA.

Built to match the official ZATCA Java SDK (R3.4.8) specifications: secp256k1 keys, SHA256withECDSA signatures, UBL 2.1 XML, and all three environment tiers.

Features

  • Certificate Builder aligned with ZATCA SDK (CSR generation, secp256k1, proper DN order, Arabic support)
  • Invoice Generation for Standard and Simplified invoices (Invoice, Credit Note, Debit Note)
  • Digital Signing with XAdES-BES enveloped signatures
  • QR Code Generation per ZATCA TLV specification
  • Full API Client covering all 6 ZATCA endpoints (compliance, production, reporting, clearance, renewal)
  • Response Objects with typed accessors for validation results, warnings, and errors
  • Data Mapper to build invoices from arrays/JSON (e-commerce integration)

Requirements

  • PHP 8.1+
  • Extensions: ext-dom, ext-openssl, ext-hash, ext-mbstring

Installation

composer require saleh7/php-zatca-xml

Quick Start: Production Onboarding

The full ZATCA onboarding flow in 4 steps:

Step 1: Generate CSR + Private Key

📄 Full example: examples/Certificates/GeneratorCertificate.php

use Saleh7\Zatca\CertificateBuilder;

(new CertificateBuilder)
    ->setOrganizationIdentifier('3XXXXXXXXXXXXX3')   // 15-digit VAT number
    ->setSerialNumber('ERP', '1.0', 'unique-device-uuid')
    ->setCommonName('ERP-886431145-3XXXXXXXXXXXXX3')
    ->setCountryName('SA')
    ->setOrganizationName('Your Company Name')       // Arabic supported
    ->setOrganizationalUnitName('Branch Name')
    ->setAddress('RRRD2929')
    ->setInvoiceType('1100')                         // Standard + Simplified
    ->setEnvironment(CertificateBuilder::ENV_PRODUCTION)
    ->setBusinessCategory('Supply activities')
    ->generateAndSave('output/certificate.csr', 'output/private.pem');

Environment options:

  • ENV_PRODUCTIONZATCA-Code-Signing (live)
  • ENV_NONPRODTSTZATCA-Code-Signing (sandbox/test)
  • ENV_SIMULATIONPREZATCA-Code-Signing (pre-production)

Step 2: Request Compliance Certificate (CCSID)

📄 Full example: examples/Certificates/RequestComplianceCertificate.php

Get an OTP from fatoora.zatca.gov.sa, then:

use Saleh7\Zatca\ZatcaAPI;

$api = new ZatcaAPI('production'); // or 'sandbox', 'simulation'
$csr = file_get_contents('output/certificate.csr');

$result = $api->requestComplianceCertificate($csr, $otp);

$api->saveToJson(
    $result->getCertificate(),
    $result->getSecret(),
    $result->getRequestId(),
    'output/compliance_credentials.json'
);

Step 3: Compliance Check (6 Invoice Types)

📄 Full automated example: examples/Certificates/ComplianceCheck.php

Submit 6 test invoices to pass compliance validation:

$creds = json_decode(file_get_contents('output/compliance_credentials.json'), true);

$response = $api->validateInvoiceCompliance(
    $creds['certificate'],
    $creds['secret'],
    $signedInvoiceXml,
    $invoiceHash,
    $uuid
);

if ($response->isSuccess()) {
    echo "PASS: " . $response->getValidationStatus();
}

Required types: Standard Invoice, Standard Credit Note, Standard Debit Note, Simplified Invoice, Simplified Credit Note, Simplified Debit Note.

See examples/Certificates/ComplianceCheck.php for an automated script that generates, signs, and submits all 6 types.

Step 4: Request Production Certificate (PCSID)

📄 Included automatically in examples/Certificates/ComplianceCheck.php

After all 6 invoices pass:

$prodResult = $api->requestProductionCertificate(
    $creds['certificate'],
    $creds['secret'],
    $creds['requestId']
);

$api->saveToJson(
    $prodResult->getCertificate(),
    $prodResult->getSecret(),
    $prodResult->getRequestId(),
    'output/production_credentials.json'
);

Submitting Invoices

Reporting (B2C / Simplified)

📄 Full example: examples/InvoiceSimplified/simplified_invoice.php

$prod = json_decode(file_get_contents('output/production_credentials.json'), true);

$response = $api->submitReportingInvoice(
    $prod['certificate'], $prod['secret'],
    $signedXml, $invoiceHash, $uuid
);

$response->isReported();         // true if REPORTED
$response->getReportingStatus(); // "REPORTED"
$response->getValidationStatus();
$response->getWarningMessages();
$response->getErrorMessages();

Clearance (B2B / Standard)

📄 Full example: examples/InvoiceStandard/standard_invoice.php

$response = $api->submitClearanceInvoice(
    $prod['certificate'], $prod['secret'],
    $signedXml, $invoiceHash, $uuid
);

$response->isCleared();                // true if CLEARED
$response->getClearedInvoice();        // Base64 stamped invoice
$response->getDecodedClearedInvoice(); // XML string

Certificate Renewal

$renewed = $api->renewProductionCertificate(
    $prod['certificate'], $prod['secret'],
    $newCsr, $otp
);

Invoice Generation

From Array (e-commerce integration)

use Saleh7\Zatca\Mappers\InvoiceMapper;
use Saleh7\Zatca\GeneratorInvoice;

$invoiceData = [
    'uuid'            => '3cf5ee18-ee25-44ea-a444-2c37ba7f28be',
    'id'              => 'INV-001',
    'issueDate'       => '2025-01-15',
    'issueTime'       => '14:30:00',
    'currencyCode'    => 'SAR',
    'taxCurrencyCode' => 'SAR',
    'invoiceType'     => [
        'invoice' => 'simplified',  // or 'standard'
        'type'    => 'invoice',     // 'invoice', 'credit', or 'debit'
    ],
    'supplier' => [
        'registrationName' => 'Your Company',
        'taxId'            => '3XXXXXXXXXXXXX3',
        'identificationId' => 'XXXXXXXXXX',
        'identificationType' => 'CRN',
        'address' => [
            'street' => 'Main Street', 'buildingNumber' => '1234',
            'subdivision' => 'District', 'city' => 'Riyadh',
            'postalZone' => '12345', 'country' => 'SA',
        ],
    ],
    'invoiceLines' => [
        [
            'id' => 1, 'unitCode' => 'PCE', 'quantity' => 2,
            'lineExtensionAmount' => 200,
            'item' => [
                'name' => 'Product Name',
                'classifiedTaxCategory' => [['percent' => 15, 'taxScheme' => ['id' => 'VAT']]],
            ],
            'price' => ['amount' => 100, 'unitCode' => 'UNIT'],
            'taxTotal' => ['taxAmount' => 30, 'roundingAmount' => 230],
        ],
    ],
    // ... taxTotal, legalMonetaryTotal, etc.
];

$invoice = (new InvoiceMapper())->mapToInvoice($invoiceData);
$xml = GeneratorInvoice::invoice($invoice)->getXML();

Signing

use Saleh7\Zatca\Helpers\Certificate;
use Saleh7\Zatca\InvoiceSigner;

$certificate = new Certificate($certString, $privateKeyString, $secret);
$signer = InvoiceSigner::signInvoice($xml, $certificate);

$signedXml   = $signer->getInvoice();
$invoiceHash = $signer->getHash();

API Reference

Method Endpoint Returns
requestComplianceCertificate($csr, $otp) POST /compliance ComplianceCertificateResult
validateInvoiceCompliance(...) POST /compliance/invoices ComplianceInvoiceResponse
requestProductionCertificate(...) POST /production/csids ProductionCertificateResult
renewProductionCertificate(...) PATCH /production/csids ProductionCertificateResult
submitReportingInvoice(...) POST /invoices/reporting/single ReportingResponse
submitClearanceInvoice(...) POST /invoices/clearance/single ClearanceResponse

All response objects extend ApiResponse with: isSuccess(), hasWarnings(), hasErrors(), getValidationStatus(), getWarningMessages(), getErrorMessages(), toArray().

Examples

File Description
Certificates/GeneratorCertificate.php Generate CSR + private key
Certificates/RequestComplianceCertificate.php Request compliance certificate
Certificates/ComplianceCheck.php Automated 6-invoice compliance + production cert
InvoiceSimplified/simplified_invoice.php Simplified invoice generation + signing
InvoiceStandard/standard_invoice.php Standard invoice generation + signing

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. Please make sure to update tests as appropriate.

Contributors

License

MIT License

saleh7/php-zatca-xml 适用场景与选型建议

saleh7/php-zatca-xml 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 16.64k 次下载、GitHub Stars 达 54, 最近一次更新时间为 2023 年 01 月 09 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「xml」 「invoice」 「qr-code」 「E-Invoice」 「ublinvoice」 「electronic invoice」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 saleh7/php-zatca-xml 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 saleh7/php-zatca-xml 我们能提供哪些服务?
定制开发 / 二次开发

基于 saleh7/php-zatca-xml 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 16.64k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 54
  • 点击次数: 31
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 54
  • Watchers: 8
  • Forks: 30
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2023-01-09