


WeChat payment development (6) Receiving address sharing interface, WeChat payment interface development_PHP tutorial
WeChat payment development (6) delivery address sharing interface, WeChat payment interface development
Keywords: WeChat payment delivery address sharing
Author: Fangbei Studio
Original text: http://www.cnblogs.com/txw1958/p/weixin-editAddress.html
This article introduces the development process of the delivery address sharing interface under WeChat payment.
1. Introduction
WeChat delivery address sharing means that users open a webpage in the WeChat browser and fill in the address. They can then quickly select without filling in the address, and can also add and edit it. This address is a user attribute and can be shared on the web pages of various merchants. Support native controls to fill in addresses, and the address data will be passed to the merchant.
Address sharing is based on the WeChat JavaScript API and can only be used in the WeChat built-in browser. Calls from other browsers are invalid. At the same time, WeChat version 5.0 is required to support it. It is recommended to use the user agent to determine the user's current version number before calling the address interface. Taking the iPhone version as an example, you can obtain the following WeChat version example information through useragent: "Mozilla/5.0(iphone;CPU iphone OS 5_1_1 like Mac OS For the version number of WeChat installed by the user, the merchant can determine whether the version number is higher than or equal to 5.0.
Address format
The data fields used for WeChat address sharing include:
- Consignee’s name
- Regions, provinces and municipalities at three levels
- Detailed address
- Postcode
- Contact number
Among them, the region corresponds to the national standard three-level area code, such as "Guangdong Province-Guangzhou City-Tianhe District", and the corresponding postal code is 510630. Reference link for details: http://www.stats.gov.cn/tjsj/tjbz/xzqhdm/201401/t20140116_501070.html
2. OAuth2.0 authorization
Before obtaining the delivery address, you need to call the login authorization interface to obtain an OAuth2.0 Access Token. Therefore, authorization needs to be done once, and the confirmation box will not pop up for this authorization.
The essence is that when the user accesses
http:<span>//</span><span>www.fangbei.org/wxpay/js_api_call.php</span>Jump to
when
https:<span>//</span><span>open.weixin.qq.com/connect/oauth2/authorize?appid=wx8888888888888888&redirect_uri=http://www.fangbei.org/wxpay/js_api_call.php&response_type=code&scope=snsapi_base&state=STATE#wechat_redirect</span>
Use this to obtain the code parameter, and obtain the authorized access_token and openid based on the code. This access token will be used for the delivery address sharing interface.
For the detailed process of its implementation, please refer to WeChat Public Platform Development (71) OAuth2.0 Web Authorization
2. Get random string
The method to generate a random string is as follows
3. Generate signature
Fields participating in addrSign signature include: appId, url (webpage URL calling JavaScript API), timestamp, noncestr, accessToken
After sorting all the parameters to be signed according to the ASCII code of the field name from small to large (lexicographic order) , use the URL key-value pair format (i.e. key1=value1&key2=value2...) to concatenate it into a string string1.
It should be noted here that all parameter names during the signature process are in lowercase characters. For example, the appId string after sorting is appid;
For the signature algorithm on string1, the field names and field values use the original values and do not proceed. URL escaping. The specific signature algorithm is addrSign = SHA1(string1). The specific example of generating addrSign is given here:
appId=<span>wx17ef1eaef46752cb url</span>=http:<span>//</span><span>open.weixin.qq.com/</span> timeStamp=<span>1384841012</span><span> nonceStr</span>=<span>123456</span><span> accessToken</span>=OezXcEiiBSKSxW0eoylIeBFk1b8VbNtfWALJ5g6aMgZHaqZwK4euEskSn78Qd5pLsfQtuMdgmhajVM5QDm24W8X3tJ18kz5mhmkUcI3RoLm7qGgh1cEnCHejWQo8s5L3VvsFAdawhFxUuLmgh5FRA
i: After sorting the key-value pairs through the a process, string1 is obtained:
accesstoken=OezXcEiiBSKSxW0eoylIeBFk1b8VbNtfWALJ5g6aMgZHaqZwK4euEskSn78Qd5pLsfQtuMdgmhajVM5QDm24W8X3tJ18kz5mhmkUcI3RoLm7qGgh1cEnCHejWQo8s5L3VvsFAdawhFxUuLmgh5FRA&appid=wx17ef1eaef46752cb&noncestr=<span>123456</span>×tamp=<span>1384841012</span>&url=http:<span>//</span><span>open.weixin.qq.com/?code=CODE&state=STATE</span>
ii: After signing through process b, you can get:
addrSign=SHA1(accesstoken=<span>OezXcEiiBSKSxW0eoylIeBFk1b8VbNtfWALJ5g6aMgZHaqZwK4euEskSn78Qd5pLsfQtuMdgmhajVM5QDm24W8X3tJ18kz5mhmkUcI3RoLm7qGgh1cEnCHejWQo8s5L3VvsFAdawhFxUuLmg h5FRA</span>&appid=wx17ef1eaef46752cb&noncestr=<span>123456</span>×tamp=<span>1384841012</span>&url=http:<span>//</span><span>open.weixin.qq.com/?code=CODE&state=STATE)=ca604c740945587544a9cc25e58dd090f200e6fb</span>
The implementation code is as follows
4. Obtain the delivery address
Edit and obtain the user's delivery address editAddress interface, which is called on the front end of the web page.
Parameter list:
参数 | 必填 | 说明 |
---|---|---|
appId | 是 | 公众号appID |
scope | 是 | 填写“jsapi_address”,获得编辑地址权限 |
signType | 是 | 签名方式,目前仅支持SHA1 |
addrSign | 是 | 签名,由各参数一起参与签名生成 |
timeStamp | 是 | 时间戳 |
nonceStr | 是 | 随机字符串 |
The calling method is as follows
Parameter return:
返回值 | 说明 |
---|---|
err_msg | edit_address:ok获取编辑收货地址成功 |
edit_address:fail获取编辑收货地址失败 | |
username | 收货人姓名 |
telNumber | 收货人电话 |
addressPostalCode | 邮编 |
proviceFirstStageName | 国标收货地址第一级地址 |
addressCitySecondStageName | 国标收货地址第二级地址 |
addressCountiesThirdStageName | 国标收货地址第三级地址 |
addressDetailInfo | 详细收货地址信息 |
nationalCode | 收货地址国家码 |
5. Example

In PHP, you can use session_status() or session_id() to check whether the session has started. 1) Use the session_status() function. If PHP_SESSION_ACTIVE is returned, the session has been started. 2) Use the session_id() function, if a non-empty string is returned, the session has been started. Both methods can effectively check the session state, and choosing which method to use depends on the PHP version and personal preferences.

Sessionsarevitalinwebapplications,especiallyfore-commerceplatforms.Theymaintainuserdataacrossrequests,crucialforshoppingcarts,authentication,andpersonalization.InFlask,sessionscanbeimplementedusingsimplecodetomanageuserloginsanddatapersistence.

Managing concurrent session access in PHP can be done by the following methods: 1. Use the database to store session data, 2. Use Redis or Memcached, 3. Implement a session locking strategy. These methods help ensure data consistency and improve concurrency performance.

PHPsessionshaveseverallimitations:1)Storageconstraintscanleadtoperformanceissues;2)Securityvulnerabilitieslikesessionfixationattacksexist;3)Scalabilityischallengingduetoserver-specificstorage;4)Sessionexpirationmanagementcanbeproblematic;5)Datapersis

Load balancing affects session management, but can be resolved with session replication, session stickiness, and centralized session storage. 1. Session Replication Copy session data between servers. 2. Session stickiness directs user requests to the same server. 3. Centralized session storage uses independent servers such as Redis to store session data to ensure data sharing.

Sessionlockingisatechniqueusedtoensureauser'ssessionremainsexclusivetooneuseratatime.Itiscrucialforpreventingdatacorruptionandsecuritybreachesinmulti-userapplications.Sessionlockingisimplementedusingserver-sidelockingmechanisms,suchasReentrantLockinJ

Alternatives to PHP sessions include Cookies, Token-based Authentication, Database-based Sessions, and Redis/Memcached. 1.Cookies manage sessions by storing data on the client, which is simple but low in security. 2.Token-based Authentication uses tokens to verify users, which is highly secure but requires additional logic. 3.Database-basedSessions stores data in the database, which has good scalability but may affect performance. 4. Redis/Memcached uses distributed cache to improve performance and scalability, but requires additional matching

Sessionhijacking refers to an attacker impersonating a user by obtaining the user's sessionID. Prevention methods include: 1) encrypting communication using HTTPS; 2) verifying the source of the sessionID; 3) using a secure sessionID generation algorithm; 4) regularly updating the sessionID.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.

MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

Zend Studio 13.0.1
Powerful PHP integrated development environment

SublimeText3 English version
Recommended: Win version, supports code prompts!
