js:
<script src="http://res.wx.qq.com/open/js/jweixin-1.4.0.js"></script>
<script>
var getwxconfig='{:U("public/Lottery/getJssdk")}';
var shareurl=location.href.split('#')[0];
$(function() {
$.ajax({
type:"post",
url:getwxconfig,
dataType: 'json',
data:{url:shareurl},
success: function (data) {
wxconfig(data);
wx.ready(function () {
/* 转发好友 */
wx.onMenuShareAppMessage({
title: '测试标题', // 分享标题
desc: '测试内容', // 分享描述
link: data['url'], // 分享链接,该链接域名或路径必须与当前页面对应的公众号JS安全域名一致
imgUrl: 'http://xxx.com/resources/logo_2.png', // 分享图标
success: function () {
alert('成功分享朋友圈');
}
});
/* 转发朋友圈 */
wx.onMenuShareTimeline({
title: '测试标题',
link: data['url'],
imgUrl: 'http://xxx.com/resources/logo_2.png',
success: function () {
alert('成功分享朋友圈');
}
});
})
}
})
})
function wxconfig(json)
{
if(json["appId"])
{
wx.config({
debug: true,
appId: json["appId"],
timestamp: json['timestamp'],
nonceStr: json['nonceStr'],
signature: json['signature'],
jsApiList: [
'onMenuShareTimeline',
'onMenuShareAppMessage',
'onMenuShareQQ',
'onMenuShareWeibo',
'onMenuShareQZone',
'hideMenuItems',
'hideOptionMenu',
'showOptionMenu',
]
});
}
}
</script>
php:
<?php
namespace apps\Common\Extend\Jssdk;
use apps\Common\Extend\Redis\Predis;
class Jssdk
{
private $appId;
private $appSecret;
public function __construct($appId, $appSecret)
{
$this->appId = empty($appId) ? '你的appID' : $appId;
$this->appSecret = empty($appSecret) ? '你的appSecret' : $appSecret;
}
public function getSignPackage($url)
{
$jsapiTicket = $this->getJsApiTicket();
// 注意 URL 一定要动态获取,不能 hardcode.
//$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
//$url = "$protocol$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$timestamp = time();
$nonceStr = $this->createNonceStr();
// 这里参数的顺序要按照 key 值 ASCII 码升序排序
$string = "jsapi_ticket=$jsapiTicket&noncestr=$nonceStr×tamp=$timestamp&url=$url";
$signature = sha1($string);
$signPackage = array(
"appId" => $this->appId,
"nonceStr" => $nonceStr,
"timestamp" => $timestamp,
"url" => $url,
"signature" => $signature,
"rawString" => $string
);
return $signPackage;
}
private function createNonceStr($length = 16)
{
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$str = "";
for ($i = 0; $i < $length; $i++) {
$str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
return $str;
}
private function getJsApiTicket()
{
// jsapi_ticket 应该全局存储与更新,写入到redis
$redisObj = new Predis();
$JsApi_expire_time = $redisObj->getInstance()->get('JsApi_expire_time');
if ($JsApi_expire_time < time()) {
$accessToken = $this->getAccessToken();
// 如果是企业号用以下 URL 获取 ticket
// $url = "https://qyapi.weixin.qq.com/cgi-bin/get_jsapi_ticket?access_token=$accessToken";
$url = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?type=jsapi&access_token=$accessToken";
$res = json_decode($this->httpGet($url));
$ticket = $res->ticket;
if ($ticket) {
$redisObj->getInstance()->set('JsApi_expire_time',time()+7000);
$redisObj->getInstance()->set('jsapi_ticket',$ticket);
}
} else {
$ticket = $redisObj->getInstance()->get('jsapi_ticket');
}
return $ticket;
}
private function getAccessToken()
{
// access_token 应该全局存储与更新,写入到redis
$redisObj = new Predis();
$access_expire_time = $redisObj->getInstance()->get('access_expire_time');
if ($access_expire_time < time()) {
// 如果是企业号用以下URL获取access_token
// $url = "https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$this->appId&corpsecret=$this->appSecret";
$url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=$this->appId&secret=$this->appSecret";
$res = json_decode($this->httpGet($url));
$access_token = $res->access_token;
if ($access_token) {
$redisObj->getInstance()->set('access_expire_time',time()+7000);
$redisObj->getInstance()->set('access_token',$access_token);
}
} else {
$access_token = $redisObj->getInstance()->get('access_token');
}
return $access_token;
}
private function httpGet($url)
{
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_TIMEOUT, 500);
// 为保证第三方服务器与微信服务器之间数据传输的安全性,所有微信接口采用https方式调用,必须使用下面2行代码打开ssl安全校验。
// 如果在部署过程中代码在此处验证失败,请到 http://curl.haxx.se/ca/cacert.pem 下载新的证书判别文件。
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, true);
curl_setopt($curl, CURLOPT_URL, $url);
$res = curl_exec($curl);
curl_close($curl);
return $res;
}
}
有一个地方需要注意的是还有script获取的地址一定是要转码过的,不带#的,下面这段话是微信官方给的:
1.确认签名算法正确,可用http://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=jsapisign 页面工具进行校验。
2.确认config中nonceStr(js中驼峰标准大写S), timestamp与用以签名中的对应noncestr, timestamp一致。
3.确认url是页面完整的url(请在当前页面alert(location.href.split('#')[0])确认),包括'http(s)://'部分,以及'?'后面的GET参数部分,但不包括'#'hash后面的部分。
4.确认 config 中的 appid 与用来获取 jsapi_ticket 的 appid 一致。
5.确保一定缓存access_token和jsapi_ticket。
6.确保你获取用来签名的url是动态获取的,动态页面可参见实例代码中php的实现方式。如果是html的静态页面在前端通过ajax将url传到后台签名,前端需要用js获取当前页面除去'#'hash部分的链接(可用location.href.split('#')[0]获取,而且需要encodeURIComponent),因为页面一旦分享,微信客户端会在你的链接末尾加入其它参数,如果不是动态获取当前链接,将导致分享后的页面签名失败。
(注:红色部分是重点部分)