今天在代码里面看到一个迷惑的地方,函数形参是个指针。想一想也是对的,传指针可以修改在函数之外的变量,这个跟在foreach里面用用指针&key赋值,之后unset一样的道理,mark一下
$pc = new \WXBizDataCrypt($this->wechat_app->app_id, $session_key);
$errCode = $pc->decryptData($this->encrypted_data, $this->iv, $data);
if ($errCode == 0) {
$data = json_decode($data, true);
$user = User::findOne(['wechat_open_id' => $data['openId'], 'store_id' => $this->store_id]);
if (!$user) {
class WXBizDataCrypt
{
public static $OK = 0;
public static $IllegalAesKey = -41001;
public static $IllegalIv = -41002;
public static $IllegalBuffer = -41003;
public static $DecodeBase64Error = -41004;
private $appid;
private $sessionKey;
/**
* 构造函数
* @param $sessionKey string 用户在小程序登录后获取的会话密钥
* @param $appid string 小程序的appid
*/
public function __construct($appid, $sessionKey)
{
$this->sessionKey = $sessionKey;
$this->appid = $appid;
}
/**
* 检验数据的真实性,并且获取解密后的明文.
* @param $encryptedData string 加密的用户数据
* @param $iv string 与用户数据一同返回的初始向量
* @param $data string 解密后的原文
*
* @return int 成功0,失败返回对应的错误码
*/
public function decryptData($encryptedData, $iv, &$data)
{
if (strlen($this->sessionKey) != 24) {
return static::$IllegalAesKey;
}
$aesKey = base64_decode($this->sessionKey);
if (strlen($iv) != 24) {
return static::$IllegalIv;
}
$aesIV = base64_decode($iv);
$aesCipher = base64_decode($encryptedData);
$result = openssl_decrypt($aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
$dataObj = json_decode($result);
if ($dataObj == NULL) {
return static::$IllegalBuffer;
}
if ($dataObj->watermark->appid != $this->appid) {
return static::$IllegalBuffer;
}
$data = $result;
return static::$OK;
}
}