Heim >Backend-Entwicklung >PHP-Tutorial >微信消息体加密php版

微信消息体加密php版

WBOY
WBOYOriginal
2016-06-23 13:45:161249Durchsuche

使用wx_sample.php和加密的demo.php拼接而成,微信官方的wiki写的比较烂,难以理解,demo也不是很好,类中使用了空参数过程中赋值,初学者难以理解,不如直接得到加密解密方便。另外逻辑上也先写加密后解密,也和微信处理流程相反,造成理解困难。

<?php /**  * wechat php test  *///define your tokendefine("TOKEN", "weixin");$wechatObj = new wechatCallbackapiTest();$wechatObj->responseMsg();class wechatCallbackapiTest{	public function valid()    {        $echoStr = $_GET["echostr"];        //valid signature , option        if($this->checkSignature()){        	echo $echoStr;        	exit;        }    }    public function responseMsg()    {		include_once "wxBizMsgCrypt.php";$encodingAesKey = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG";$token = TOKEN;$timestamp = $_GET["timestamp"];$nonce = $_GET["nonce"];$appId = "wx47224801062443cc";$msg_sign = $_GET["msg_signature"];//解密$pc = new WXBizMsgCrypt($token, $encodingAesKey, $appId);		//get post data, May be due to the different environments		$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];		$msg = '';$errCode = $pc->decryptMsg($msg_sign, $timeStamp, $nonce, $postStr, $msg);if ($errCode == 0) {	$postStr=$msg;	if (!empty($postStr)){                /* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,                   the best way is to check the validity of xml by yourself */                libxml_disable_entity_loader(true);              	$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);                $fromUsername = $postObj->FromUserName;                $toUsername = $postObj->ToUserName;                $keyword = trim($postObj->Content);                $time = time();                $textTpl = "<xml>							<tousername></tousername>							<fromusername></fromusername>							<createtime>%s</createtime>							<msgtype></msgtype>							<content></content>							<funcflag>0</funcflag>							</xml>";             				if(!empty( $keyword ))                {              		$msgType = "text";                	$contentStr = "Welcome to wechat world!";                	$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);					//加密					$encryptMsg = '';$errCode = $pc->encryptMsg($resultStr, $timeStamp, $nonce, $encryptMsg);							if ($errCode == 0) {								echo $encryptMsg ;							} else {								print($errCode . "\n");							}				                }else{                	echo "Input something...";                }        }else {        	echo "";        	exit;        }		} else {	print($errCode . "\n");}		      	//extract post data		    }			private function checkSignature()	{        // you must define TOKEN by yourself        if (!defined("TOKEN")) {            throw new Exception('TOKEN is not defined!');        }                $signature = $_GET["signature"];        $timestamp = $_GET["timestamp"];        $nonce = $_GET["nonce"];        				$token = TOKEN;		$tmpArr = array($token, $timestamp, $nonce);        // use SORT_STRING rule		sort($tmpArr, SORT_STRING);		$tmpStr = implode( $tmpArr );		$tmpStr = sha1( $tmpStr );				if( $tmpStr == $signature ){			return true;		}else{			return false;		}	}}?>


Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Vorheriger Artikel:初学者对while 的一点疑惑Nächster Artikel:这句话如何理解呢