function setTicket()
{
include_once ONETHINK_ADDON_PATH . 'PublicBind/wxBizMsgCrypt.php';
// 第三方发送消息给公众平台
$encodingAesKey = 'DfEqNBRvzbg8MJdRQCSGyaMp6iLcGOldKFT0r8I6Tnp';
$token = 'weiphp';
$appId = D('Addons://PublicBind/PublicBind')->component_appid;
$timeStamp = empty($_GET['timestamp']) ? "" : trim($_GET['timestamp']);
$nonce = empty($_GET['nonce']) ? "" : trim($_GET['nonce']);
$msg_sign = empty($_GET['msg_signature']) ? "" : trim($_GET['msg_signature']);
$encryptMsg = file_get_contents('php://input');
$pc = new \WXBizMsgCrypt($token, $encodingAesKey, $appId);
// 第三方收到公众号平台发送的消息
$msg = '';
$errCode = $pc->decryptMsg($msg_sign, $timeStamp, $nonce, $encryptMsg, $msg);
if ($errCode == 0) {
$data = $this->_xmlToArr($msg);
$map['name'] = 'PublicBind';
$config = M('addons')->where($map)->getField('config');
$config = (array) json_decode($config, true);
$config['ComponentVerifyTicket'] = $data['ComponentVerifyTicket'];
$save['config'] = json_encode($config);
M('addons')->where($map)->save($save);
echo 'success';
} else {
addWeixinLog('解密后失败:' . $errCode, 'setTicket_error');
}
}
public function decodeMsg($msg)
{
import('@.ORG.aes.WXBizMsgCrypt');
$sReqMsgSig = $_GET['msg_signature'];
$sReqTimeStamp = $_GET['timestamp'];
$sReqNonce = $_GET['nonce'];
$sReqData = $msg;
$sMsg = '';
$pc = new WXBizMsgCrypt($this->wxuser['pigsecret'], $this->wxuser['aeskey'], $this->wxuser['appid']);
$errCode = $pc->decryptMsg($sReqMsgSig, $sReqTimeStamp, $sReqNonce, $sReqData, $sMsg);
if ($errCode == 0) {
$data = array();
$xml = new SimpleXMLElement($sMsg);
$xml || exit();
foreach ($xml as $key => $value) {
$data[$key] = strval($value);
}
return $data;
}
else {
return $errCode;
}
}
public function decodeMsg($msg)
{
import("@.ORG.aes.WXBizMsgCrypt");
$sReqMsgSig = $_GET['msg_signature'];
$sReqTimeStamp = $_GET['timestamp'];
// $sReqNonce = HttpUtils.ParseUrl("nonce");
$sReqNonce = $_GET['nonce'];
// post请求的密文数据
// $sReqData = HttpUtils.PostData();
$sReqData = $msg;
$sMsg = "";
// 解析之后的明文
$pc = new WXBizMsgCrypt($this->wxuser['pigsecret'], $this->wxuser['aeskey'], $this->wxuser['appid']);
$errCode = $pc->decryptMsg($sReqMsgSig, $sReqTimeStamp, $sReqNonce, $sReqData, $sMsg);
if ($errCode == 0) {
/*
$xml = new DOMDocument();
$xml->loadXML($sMsg);
$content = $xml->getElementsByTagName('Content')->item(0)->nodeValue;
*/
$data = array();
$xml = new SimpleXMLElement($sMsg);
$xml || exit;
foreach ($xml as $key => $value) {
$data[$key] = strval($value);
}
return $data;
} else {
return $errCode;
}
}
/**
*
*/
public function DecryptMsg($params, $data)
{
$mpa = TMS_APP::G('mp\\mpaccount');
$msg_signature = $params['msg_signature'];
$timestamp = $params['timestamp'];
$nonce = $params['nonce'];
$sMsg = "";
$wxcpt = new WXBizMsgCrypt($mpa->token, $mpa->qy_encodingaeskey, $mpa->qy_corpid);
$errCode = $wxcpt->DecryptMsg($msg_signature, $timestamp, $nonce, $data, $sMsg);
if ($errCode != 0) {
return array(false, $errCode);
}
return array(true, $sMsg);
}
public function responseMsg()
{
if (!$this->checkSignature()) {
exit;
}
$this->timestamp = $_GET['timestamp'];
$this->nonce = $_GET["nonce"];
$this->msg_signature = $_GET['msg_signature'];
$this->encrypt_type = isset($_GET['encrypt_type']) && $_GET['encrypt_type'] == 'aes' ? "aes" : "raw";
$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
if (!empty($postStr)) {
//解密
if ($this->encrypt_type == 'aes') {
$pc = new WXBizMsgCrypt(TOKEN, EncodingAESKey, APPID);
$decryptMsg = "";
//解密后的明文
$errCode = $pc->DecryptMsg($this->msg_signature, $this->timestamp, $this->nonce, $postStr, $decryptMsg);
$postStr = $decryptMsg;
}
if ($this->check_php_version("5.2.11")) {
libxml_disable_entity_loader(true);
}
$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
$rxType = trim($postObj->MsgType);
//消息类型分离
switch ($rxType) {
case "event":
$result = $this->receiveEvent($postObj);
break;
case "text":
$result = $this->receiveText($postObj);
break;
default:
$result = "unknown msg type: " . $rxType;
break;
}
//加密
if ($this->encrypt_type == 'aes') {
$encryptMsg = '';
//加密后的密文
$errCode = $pc->encryptMsg($result, $this->timeStamp, $this->nonce, $encryptMsg);
$result = $encryptMsg;
}
echo $result;
} else {
echo "";
exit;
}
}
public function responseMsg()
{
$wxMsgCrypt = new WXBizMsgCrypt($this->token, $this->enaeskey, $this->appid);
$Common = new Common();
$WxModel = new WxModel();
$postStr = file_get_contents("php://input");
$WxModel->recordLog($postStr);
if (!empty($postStr)) {
$signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$WxModel->recordLog('signature=' . $signature);
$WxModel->recordLog('timestamp=' . $timestamp);
$WxModel->recordLog('nonce=' . $nonce);
$msg = '';
$errCode = $wxMsgCrypt->decryptMsg($signature, $timestamp, $nonce, $postStr, $msg);
if ($errCode == 0) {
$WxModel = new WxModel();
$WxModel->recordLog($msg);
libxml_disable_entity_loader(true);
$postObj = simplexml_load_string($msg, 'SimpleXMLElement', LIBXML_NOCDATA);
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$MsgType = $postObj->MsgType;
$Event = $postObj->Event;
$WxModel->recordLog('MsgType=' . $MsgType . ' Event=' . $Event);
$keyword = trim($postObj->Content);
$resultStr = $WxModel->fix($MsgType, $Event, $keyword, $fromUsername, $toUsername, $timestamp);
$WxModel->recordLog($resultStr);
if ($resultStr) {
$encryptMsg = '';
$errCode = $wxMsgCrypt->encryptMsg($resultStr, $timestamp, $nonce, $encryptMsg);
if ($errCode == 0) {
echo $encryptMsg;
} else {
$WxModel->recordLog('encryptMsg:errCode=' . $errCode);
}
}
} else {
$WxModel->recordLog('decryptMsg:errCode=' . $errCode);
}
} else {
echo "";
exit;
}
}
public function decodeMsg($msg)
{
import("@.ORG.aes.WXBizMsgCrypt");
$pc = new WXBizMsgCrypt($this->_config["wechat_token"], $this->_config["wechat_encodingaeskey"], $this->_config["wechat_appid"]);
$sMsg = "";
$errCode = $pc->decryptMsg($this->msg_signature, $this->sTimeStamp, $this->nonce, $msg, $sMsg);
if ($errCode == 0) {
$data = array();
$xml = new SimpleXMLElement($sMsg);
$xml || exit;
foreach ($xml as $key => $value) {
$data[$key] = strval($value);
}
return $data;
} else {
return $errCode;
}
}
public function decodeMsg($msg)
{
import('source.class.aes.WXBizMsgCrypt');
$pc = new WXBizMsgCrypt($this->_config['wx_token'], $this->_config['wx_encodingaeskey'], $this->_config['wx_appid']);
$sMsg = '';
$errCode = $pc->decryptMsg($this->msg_signature, $this->sTimeStamp, $this->nonce, $msg, $sMsg);
if ($errCode == 0) {
$data = array();
$xml = new SimpleXMLElement($sMsg);
$xml || exit;
foreach ($xml as $key => $value) {
$data[$key] = strval($value);
}
return $data;
} else {
return $errCode;
}
}
/**
* 输出消息
* @return [encypted] msg
*/
private function sendout($msg)
{
if ($this->encrypted) {
$errCode = $this->msgCryptor->encryptMsg($msg, $this->getRequest('timestamp'), $this->getRequest('nonce'), $msg);
if ($errCode != 0) {
exit($errCode);
}
}
exit($msg);
}
private function _wxlogic()
{
//接口认证
if (IS_GET && $_GET['signature'] && $_GET['timestamp'] && $_GET['nonce'] && $_GET['echostr']) {
$this->_auth();
exit;
}
$signature = $_REQUEST['signature'];
$msg_signature = $_REQUEST['msg_signature'];
$timestamp = $_REQUEST['timestamp'];
$nonce = $_REQUEST['nonce'];
$postdata = file_get_contents("php://input");
//处理微信消息
if ($signature && $timestamp && $nonce) {
include VENDOR_PATH . 'Weixin/wxBizMsgCrypt.php';
$Token = C('WX.Token');
$EncodingAESKey = C('WX.EncodingAESKey');
$AppID = C('WX.AppID');
$Weixin = new \WXBizMsgCrypt($Token, $EncodingAESKey, $AppID);
$xmldata = '';
$errCode = $Weixin->decryptMsg($msg_signature, $timestamp, $nonce, $postdata, $xmldata);
if ($errCode != 0) {
echo $errCode;
exit;
} else {
$XMLDom = new \DOMDocument();
$XMLDom->loadXML($xmldata);
$MsgType = $XMLDom->getElementsByTagName('MsgType')->item(0)->nodeValue;
$Event = $XMLDom->getElementsByTagName('Event')->item(0)->nodeValue;
//记录地理位置
if ($MsgType == 'event' && $Event == 'LOCATION') {
$FromUserName = $XMLDom->getElementsByTagName('FromUserName')->item(0)->nodeValue;
$Latitude = $XMLDom->getElementsByTagName('Latitude')->item(0)->nodeValue;
$Longitude = $XMLDom->getElementsByTagName('Longitude')->item(0)->nodeValue;
D('User')->saveWXUserLatLng($FromUserName, $Latitude, $Longitude);
}
echo true;
exit;
}
}
}
private function retRes($resultStr)
{
if ($this->restype == 'aes') {
$pc = new WXBizMsgCrypt(TOKEN, $this->encodingAesKey, APP_ID);
$encryptMsg = '';
$errCode = $pc->encryptMsg($resultStr, $_GET['timestamp'], $_GET['nonce'], $encryptMsg);
if ($errCode > 0) {
Yii::log($errCode, 'error', 'WX_MESSAGE_AES_ERROR');
} else {
echo $encryptMsg;
}
} else {
echo $resultStr;
}
}
/**
* Lancy webserver recieve client side data;
* @param: string $appid;
* return: string $sMsg;
*/
public function get_msg($appid)
{
switch ($appid) {
case '1':
$encodingAesKey = "1yrAF6xYc5Zp9kNz2npfBWssc6jkwWBMQr65WF0Btlh";
$token = "BtWjuMH7Db3ugSg5ENNORHoIp6J";
break;
case '2':
$encodingAesKey = "i1YU8HYolgq3PkhmQgLnokDU2vOdeGJ3wFfSMTL4mcn";
$token = "kCL5zfI";
break;
case '3':
$encodingAesKey = "oO969aJa3KNcVy8tiYEB7fBCzJIOkEvd1sYVpd2RPmU";
$token = "RCNLgSDmHlIWsmO1w3";
break;
case '13':
$encodingAesKey = "agmE6ZaJt4X9IAMqTVTQkuhole4tmeCz6nuvudXpAdG";
$token = "a2X0UtCiDHqhR1";
break;
}
$corpId = "wx2575de58198c6b26";
$wxcpt = new WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$sReqMsgSig = $_GET["msg_signature"];
$sReqTimeStamp = $_GET["timestamp"];
$sReqNonce = $_GET["nonce"];
$sReqData = file_get_contents("php://input");
$sMsg = "";
$errCode = $wxcpt->DecryptMsg($sReqMsgSig, $sReqTimeStamp, $sReqNonce, $sReqData, $sMsg);
//sMsg为用户输入message信息
return $sMsg;
}
/**
* 发送文本消息
*/
public static function sendMsg($paramArr)
{
$options = array('toUserName' => '', 'msgContent' => '', 'msgType' => 'text');
if (is_array($paramArr)) {
$options = array_merge($options, $paramArr);
}
extract($options);
$corpId = self::$corpId;
$token = self::$token;
$signature = self::$signature;
$timestamp = self::$timestamp;
$encodingAesKey = self::$encodingAesKey;
$nonce = self::$nonce;
$agentId = self::$agentId;
if (empty($corpId)) {
return false;
}
$wxcpt = new WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$expend = "";
if ($msgContent) {
switch ($msgType) {
#文本
case "text":
$expend = "<Content><![CDATA[{$msgContent}]]></Content>";
break;
#图片
#图片
case "image":
$expend = "<Image><MediaId><![CDATA[{$msgContent}]]></MediaId></Image>";
break;
#声音
#声音
case "voice":
$expend = "<Voice><MediaId><![CDATA[{$msgContent}]]></MediaId></Voice>";
break;
#新闻
#新闻
case "news":
if (!is_array($msgContent)) {
break;
}
$expend = "<Articles>";
foreach ($msgContent as $value) {
!empty($value['title']) && ($expend .= "<item><Title><![CDATA[{$value['title']}]]></Title>");
!empty($value['title']) && ($expend .= "<Description><![CDATA[{$value['desc']}]]></Description>");
!empty($value['title']) && ($expend .= "<PicUrl><![CDATA[{$value['picUrl']}]]></PicUrl>");
!empty($value['title']) && ($expend .= "<Url><![CDATA[{$value['url']}]]></Url></item>");
}
$expend .= "</Articles>";
break;
}
}
$sRespData = "<xml><ToUserName><![CDATA[mycreate]]></ToUserName><FromUserName><![CDATA[{$corpId}]]></FromUserName><CreateTime>" . SYSTEM_TIME . "</CreateTime><MsgType><![CDATA[text]]></MsgType>{$expend}</xml>";
$sEncryptMsg = "";
//xml格式的密文
$errCode = $wxcpt->EncryptMsg($sRespData, $timestamp, $nonce, $sEncryptMsg);
return $sEncryptMsg;
}
public function platform_encryptMsg($xml)
{
$encodingAesKey = $this->platform_encodingAesKey;
$token = $this->platform_token;
$timeStamp = get_gmtime();
$nonce = rand(77, 999) * rand(605, 888) * rand(11, 99);
$appId = $this->platform_appid;
$text = $xml;
$pc = new WXBizMsgCrypt($token, $encodingAesKey, $appId);
$encryptMsg = '';
$errCode = $pc->encryptMsg($text, $timeStamp, $nonce, $encryptMsg);
if ($errCode == 0) {
$this->log("加密后: " . $encryptMsg . "\n");
} else {
$this->log($errCode . "\n");
}
$xml_tree = new DOMDocument();
$xml_tree->loadXML($encryptMsg);
$array_e = $xml_tree->getElementsByTagName('Encrypt');
$array_s = $xml_tree->getElementsByTagName('MsgSignature');
$encrypt = $array_e->item(0)->nodeValue;
$msg_sign = $array_s->item(0)->nodeValue;
//$format = "<xml><ToUserName><![CDATA[".$this->_msg['ToUserName']."]]></ToUserName><Encrypt><![CDATA[%s]]></Encrypt></xml>";
$format = "<xml><Encrypt><![CDATA[%s]]></Encrypt><MsgSignature><![CDATA[%s]]></MsgSignature><TimeStamp><![CDATA[%s]]></TimeStamp><Nonce><![CDATA[%s]]></Nonce></xml>";
$from_xml = sprintf($format, $encrypt, $msg_sign, $timeStamp, $nonce);
return $from_xml;
}
function msgHandler()
{
include_once ONETHINK_ADDON_PATH . 'PublicBind/wxBizMsgCrypt.php';
// 第三方发送消息给公众平台
$encodingAesKey = 'Wry3C6IG6yzFR55cnje0W7CWd2jqlqQrAIK5ilOIfo3';
$token = 'youkang120';
$appId = D('Addons://PublicBind/PublicBind')->component_appid;
$timeStamp = empty($_GET['timestamp']) ? "" : trim($_GET['timestamp']);
$nonce = empty($_GET['nonce']) ? "" : trim($_GET['nonce']);
$msg_sign = empty($_GET['msg_signature']) ? "" : trim($_GET['msg_signature']);
$encryptMsg = file_get_contents('php://input');
$pc = new \WXBizMsgCrypt($token, $encodingAesKey, $appId);
// 第三方收到公众号平台发送的消息
$msg = '';
$errCode = $pc->decryptMsg($msg_sign, $timeStamp, $nonce, $encryptMsg, $msg);
if ($errCode == 0) {
$data = $this->_xmlToArr($msg);
error_log("公众号消息:" . $msg);
$map['name'] = 'PublicBind';
$config = M('addons')->where($map)->getField('config');
$config = (array) json_decode($config, true);
$config['ComponentVerifyTicket'] = $data['ComponentVerifyTicket'];
$save['config'] = json_encode($config);
M('addons')->where($map)->save($save);
echo 'success';
} else {
addWeixinLog('解密后失败:' . $errCode, 'setTicket_error');
}
}
private function route()
{
$nonce = isset($_REQUEST['nonce']) ? $_REQUEST['nonce'] : '';
$sTimeStamp = isset($_REQUEST['timestamp']) ? $_REQUEST['timestamp'] : time();
$msg_signature = isset($_REQUEST['msg_signature']) ? $_REQUEST['msg_signature'] : '';
$xml = $GLOBALS["HTTP_RAW_POST_DATA"];
import("@.ORG.aes.WXBizMsgCrypt");
$pc = new WXBizMsgCrypt($this->config['wx_token'], $this->config['wx_encodingaeskey'], $this->config['wx_appid']);
$sMsg = "";
$pc->decryptMsg($msg_signature, $sTimeStamp, $nonce, $xml, $sMsg);
$data = $this->api_notice_increment('http://we-cdn.net', $sMsg);
$data = str_replace('<?xml version="1.0"?>', '', $data);
$encryptMsg = "";
$pc->encryptMsg($data, $sTimeStamp, $nonce, $encryptMsg);
return $encryptMsg;
}
/**
* 企业号信息加密处理
*/
protected function encrypt($msg)
{
$sEncryptMsg = "";
//xml格式的密文
$timestamp = time();
$nonce = uniqid();
$app = \TMS_APP::model('mp\\mpaccount')->byId($this->call['mpid']);
$wxcpt = new WXBizMsgCrypt($app->token, $app->qy_encodingaeskey, $app->qy_corpid);
$errCode = $wxcpt->EncryptMsg($msg, $timestamp, $nonce, $sEncryptMsg);
if ($errCode != 0) {
TMS_APP::model('log')->log($this->call['mpid'], $this->content, $errCode);
exit;
}
return $sEncryptMsg;
}
<?php
include_once "WXBizMsgCrypt.php";
$encodingAesKey = "nil3OzTxXoPHx4mvx0GLbyECkPYrfyiB9ca4Iz61ny3";
$token = "N6cq3R";
$corpId = "wx926454a4965d2b7c";
$sVerifyMsgSig = $_GET["msg_signature"];
$sVerifyTimeStamp = $_GET["timestamp"];
$sVerifyNonce = $_GET["nonce"];
$sVerifyEchoStr = $_GET["echostr"];
$EchoStr = "";
$wxcpt = new WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$errCode = $wxcpt->VerifyURL($sVerifyMsgSig, $sVerifyTimeStamp, $sVerifyNonce, $sVerifyEchoStr, $sEchoStr);
if ($errCode == 0) {
echo $sEchoStr;
} else {
print "ERR: " . $errCode . "\n\n";
}
这一步注意作URL解码。
2.验证消息体签名的正确性
3. 解密出echostr原文,将原文当作Get请求的response,返回给公众平台
第2,3步可以用公众平台提供的库函数VerifyURL来实现。
*/
// $sVerifyMsgSig = HttpUtils.ParseUrl("msg_signature");
$sVerifyMsgSig = "5c45ff5e21c57e6ad56bac8758b79b1d9ac89fd3";
// $sVerifyTimeStamp = HttpUtils.ParseUrl("timestamp");
$sVerifyTimeStamp = "1409659589";
// $sVerifyNonce = HttpUtils.ParseUrl("nonce");
$sVerifyNonce = "263014780";
// $sVerifyEchoStr = HttpUtils.ParseUrl("echostr");
$sVerifyEchoStr = "P9nAzCzyDtyTWESHep1vC5X9xho/qYX3Zpb4yKa9SKld1DsH3Iyt3tP3zNdtp+4RPcs8TgAE7OaBO+FZXvnaqQ==";
// 需要返回的明文
$EchoStr = "";
$wxcpt = new WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$errCode = $wxcpt->VerifyURL($sVerifyMsgSig, $sVerifyTimeStamp, $sVerifyNonce, $sVerifyEchoStr, $sEchoStr);
if ($errCode == 0) {
//
// 验证URL成功,将sEchoStr返回
// HttpUtils.SetResponce($sEchoStr);
} else {
print "ERR: " . $errCode . "\n\n";
}
/*
------------使用示例二:对用户回复的消息解密---------------
用户回复消息或者点击事件响应时,企业会收到回调消息,此消息是经过公众平台加密之后的密文以post形式发送给企业,密文格式请参考官方文档
假设企业收到公众平台的回调消息如下:
POST /cgi-bin/wxpush? msg_signature=477715d11cdb4164915debcba66cb864d751f3e6×tamp=1409659813&nonce=1372623149 HTTP/1.1
Host: qy.weixin.qq.com
Content-Length: 613
/**
* 被动响应微信发送的信息(被动回复),密文模式已调通。
* @param string $to 接收用户名
* @param string $from 发送者用户名
* @param array $content 回复信息,文本信息为string类型
* @param string $type 消息类型
* @param string $flag 是否新标刚接受到的信息
* @return string XML字符串
*/
public function response($content, $type = 'text', $flag = 0)
{
/* 原来SDK的代码:定义本类的基础数据$data */
$timenow = NOW_TIME;
$this->data = array('ToUserName' => $this->data['FromUserName'], 'FromUserName' => $this->data['ToUserName'], 'CreateTime' => $timenow, 'MsgType' => $type);
/* 添加类型数据 */
$this->{$type}($content);
/* 添加状态 */
$this->data['FuncFlag'] = $flag;
// (这里我先省去了,形参中原来有个$flag = 0标识自己服务器的新旧消息)
/* 转换数据为XML */
$response = self::array2Xml($this->data);
if ($this->is_auth == 0) {
// 普通接入回复模式
if ($this->encode) {
// 如果采用密文模式,则加密后再发送
$nonce = $_GET['nonce'];
// $nonce用$_GET ['nonce']获取!2015/04/24,不可以自己生成一个,否则签名比对不上
//$nonce = md5 ( $timenow . randCode ( 4, 1 ) );
$xmlStr['Encrypt'] = $this->AESencode($response);
// 采用密文模式加密
$xmlStr['MsgSignature'] = self::getSHA1($xmlStr['Encrypt'], $nonce);
$xmlStr['TimeStamp'] = $timenow;
$xmlStr['Nonce'] = $nonce;
$response = '';
$response = self::array2Xml($xmlStr);
// 将本类数组$data转换数据为XML
}
} else {
if ($this->is_auth == 1) {
// 开放平台回复模式
$appId = C('COMPONENT_APPID');
$token = C('COMPONENT_TOKEN');
$encodingAesKey = C('COMPONENT_ASEKEY');
$timestamp = $_GET['timestamp'];
$nonce = $_GET['nonce'];
$openresponse = "";
$msgcrypt = new WXBizMsgCrypt($token, $encodingAesKey, $appId);
$errCode = $msgcrypt->encryptMsg($response, $timeStamp, $nonce, $openresponse);
if ($errCode == 0) {
$response = $openresponse;
// 开放平台回包加密成功
} else {
$response = "";
// 开放平台回包加密出错
}
}
}
exit($response);
// 输出结果回应微信
}
/**
* event
*
*/
public function event()
{
\Log::info($this->request->getRequestUri());
// $sReqMsgSig = HttpUtils.ParseUrl("msg_signature");
$sReqMsgSig = $this->request->get('msg_signature');
// $sReqTimeStamp = HttpUtils.ParseUrl("timestamp");
$sReqTimeStamp = $this->request->get('timestamp');
// $sReqNonce = HttpUtils.ParseUrl("nonce");
$sReqNonce = $this->request->get('nonce');
// post请求的密文数据
// $sReqData = HttpUtils.PostData();
\Log::info($sReqMsgSig);
\Log::info($sReqTimeStamp);
\Log::info($sReqNonce);
$sReqData = (string) file_get_contents("php://input");
\Log::info($sReqData);
// 假设企业号在公众平台上设置的参数如下
$encodingAesKey = self::ASE_KEY;
$token = self::TOKEN;
$corpId = self::CORP_ID;
\Log::info($corpId);
$wxcpt = new \WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$sMsg = "";
// 解析之后的明文
$errCode = $wxcpt->DecryptMsg($sReqMsgSig, $sReqTimeStamp, $sReqNonce, $sReqData, $sMsg);
if ($errCode == 0) {
// 解密成功,sMsg即为xml格式的明文
// TODO: 对明文的处理
// For example:
$xml = new \DOMDocument();
$xml->loadXML($sMsg);
$content = $xml->getElementsByTagName('SuiteTicket')->item(0)->nodeValue;
\Log::info("content: " . $content . "\n\n");
// ...
// ...
} else {
\Log::error("ERR: " . $errCode . "\n\n");
//exit(-1);
}
$this->setSuitTicketInRedis(self::SUIT_TICKET_KEY, $content);
}
<?php
include_once "wxBizMsgCrypt.php";
// 第三方发送消息给公众平台
$encodingAesKey = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG";
$token = "pamtest";
$timeStamp = "1409304348";
$nonce = "xxxxxx";
$appId = "wxb11529c136998cb6";
$text = "<xml><ToUserName><![CDATA[oia2Tj我是中文jewbmiOUlr6X-1crbLOvLw]]></ToUserName><FromUserName><![CDATA[gh_7f083739789a]]></FromUserName><CreateTime>1407743423</CreateTime><MsgType><![CDATA[video]]></MsgType><Video><MediaId><![CDATA[eYJ1MbwPRJtOvIEabaxHs7TX2D-HV71s79GUxqdUkjm6Gs2Ed1KF3ulAOA9H1xG0]]></MediaId><Title><![CDATA[testCallBackReplyVideo]]></Title><Description><![CDATA[testCallBackReplyVideo]]></Description></Video></xml>";
$pc = new WXBizMsgCrypt($token, $encodingAesKey, $appId);
$encryptMsg = '';
$errCode = $pc->encryptMsg($text, $timeStamp, $nonce, $encryptMsg);
if ($errCode == 0) {
print "加密后: " . $encryptMsg . "\n";
} else {
print $errCode . "\n";
}
$xml_tree = new DOMDocument();
$xml_tree->loadXML($encryptMsg);
$array_e = $xml_tree->getElementsByTagName('Encrypt');
$array_s = $xml_tree->getElementsByTagName('MsgSignature');
$encrypt = $array_e->item(0)->nodeValue;
$msg_sign = $array_s->item(0)->nodeValue;
$format = "<xml><ToUserName><![CDATA[toUser]]></ToUserName><Encrypt><![CDATA[%s]]></Encrypt></xml>";
$from_xml = sprintf($format, $encrypt);
// 第三方收到公众号平台发送的消息
$msg = '';
$errCode = $pc->decryptMsg($msg_sign, $timeStamp, $nonce, $from_xml, $msg);
if ($errCode == 0) {
print "解密后: " . $msg . "\n";
/**
* 向微信回复消息
*
* @param YDWXAnswerMsg $msg
*/
function ydwx_answer_msg(YDWXAnswerMsg $msg)
{
ob_start();
if (YDWX_WEIXIN_COMPONENT_APP_ID) {
//第三方平台要加密
$crypt = new WXBizMsgCrypt(YDWX_WEIXIN_COMPONENT_TOKEN, YDWX_WEIXIN_COMPONENT_ENCODING_AES_KEY, YDWX_WEIXIN_COMPONENT_APP_ID);
$encryptMsg = "";
$crypt->encryptMsg($msg->toXMLString(), time(), uniqid(), $encryptMsg);
echo $encryptMsg;
} else {
echo $msg->toXMLString();
}
ob_end_flush();
}
/**
* 微信开发者模式验证的签名
* @param $token string
*/
public function check_signature()
{
$msg_signature = urldecode(\Core\URI::kv('msg_signature', ''));
$timestamp = urldecode(\Core\URI::kv('timestamp', ''));
$nonce = urldecode(\Core\URI::kv('nonce', ''));
$echostr = urldecode(\Core\URI::kv('echostr', ''));
$decode_echostr = '';
$wxcpt = new \WXBizMsgCrypt($this->token, $this->encodingaeskey, $this->corpid);
//进行地址解析
$errcode = $wxcpt->VerifyURL($msg_signature, $timestamp, $nonce, $echostr, $decode_echostr);
if ($errcode == 0) {
return $decode_echostr;
}
return false;
}
public function encryptMessage($dataArr = array())
{
try {
extract($dataArr);
$returnArr = array('hasError' => false);
if ($encrypt_type == 'aes') {
$encryptMsg = '';
// encrypted message
$pc = new WXBizMsgCrypt($this->token, $this->encodingAESKey, $this->appid);
$errCode = $pc->encryptMsg($responseXML, $timestamp, $nonce, $encryptMsg);
if ($errCode == 0) {
// encrypt success
$returnArr['responseStr'] = $encryptMsg;
} else {
// failed
throw new Exception('Encryption error: ' . $errCode);
}
} else {
$returnArr['responseStr'] = $responseXML;
}
} catch (Exception $ex) {
# log the exception
log_error('WeChat: decryptMessage', null, $ex->getMessage());
$returnArr = array('hasError' => true, $ex->getMessage());
}
return $returnArr;
}
sort($tmpArr, SORT_STRING);
$tmpStr = implode($tmpArr);
$tmpStr = sha1($tmpStr);
if ($tmpStr == $signature) {
echo $echostr;
}
}
die;
}
//微信通知处理
$from_xml = @$GLOBALS["HTTP_RAW_POST_DATA"];
$msg_sign = $_GET["msg_signature"];
$timeStamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
if (YDWX_WEIXIN_COMPONENT_APP_ID) {
$crypt = new WXBizMsgCrypt(YDWX_WEIXIN_COMPONENT_TOKEN, YDWX_WEIXIN_COMPONENT_ENCODING_AES_KEY, YDWX_WEIXIN_COMPONENT_APP_ID);
} else {
$crypt = new WXBizMsgCrypt(YDWX_WEIXIN_TOKEN, YDWX_WEIXIN_ENCODING_AES_KEY, YDWX_WEIXIN_APP_ID);
}
$msg = '';
$errCode = $crypt->decryptMsg($msg_sign, $timeStamp, $nonce, $from_xml, $msg);
if (!$msg) {
die("success");
}
YDWXHook::do_hook(YDWXHook::YDWX_LOG, $msg . $APPID);
//微信事件指派
$wxevent = YDWXEvent::CreateEventMsg($msg);
if (@$APPID) {
$wxevent->APPID = $APPID;
}
YDWXHook::do_hook($wxevent->HookName(), $wxevent);
