<?php
class WeChat{
private $appid;
private $appsecret;
public function __construct($appid,$appsecret)
{
$this->appid = $appid;
$this->appsecret = $appsecret;
}
public function getOpenid($code){
$url = "https://api.weixin.qq.com/sns/jscode2session?appid={$this->appid}&secret={$this->appsecret}&js_code={$code}&grant_type=authorization_code";
$json = $this->httpRequest($url);
return json_decode($json, true);
}
public function getUserMobile($iv,$encryptedData,$sessionKey)
{
$WX = new WXBizDataCrypt($this->appid,$sessionKey);
$errCode = $WX->decryptData($encryptedData,$iv, $data);
if ($errCode == 0) {
$msg = 'ok';
$status = 1;
} else {
$msg = $errCode;
$status = 0;
$data = [];
}
return ['status'=>$status,'msg'=>$msg,'data'=>$data];
}
public function httpRequest($url, $method="GET", $postfields = null, $headers = array(), $debug = false){
$method = strtoupper($method);
$ci = curl_init();
curl_setopt($ci, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
curl_setopt($ci, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0");
curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, 60);
curl_setopt($ci, CURLOPT_TIMEOUT, 7);
curl_setopt($ci, CURLOPT_RETURNTRANSFER, true);
switch ($method) {
case "POST":
curl_setopt($ci, CURLOPT_POST, true);
if (!empty($postfields)) {
$tmpdatastr = is_array($postfields) ? http_build_query($postfields) : $postfields;
curl_setopt($ci, CURLOPT_POSTFIELDS, $tmpdatastr);
}
break;
default:
curl_setopt($ci, CURLOPT_CUSTOMREQUEST, $method);
break;
}
$ssl = preg_match('/^https:\/\//i', $url) ? TRUE : FALSE;
curl_setopt($ci, CURLOPT_URL, $url);
if ($ssl) {
curl_setopt($ci, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ci, CURLOPT_SSL_VERIFYHOST, FALSE);
}
curl_setopt($ci, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ci, CURLOPT_MAXREDIRS, 2);
curl_setopt($ci, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ci, CURLINFO_HEADER_OUT, true);
$response = curl_exec($ci);
$requestinfo = curl_getinfo($ci);
$http_code = curl_getinfo($ci, CURLINFO_HTTP_CODE);
if ($debug) {
echo "=====post data======\r\n";
var_dump($postfields);
echo "=====info===== \r\n";
print_r($requestinfo);
echo "=====response=====\r\n";
print_r($response);
}
curl_close($ci);
return $response;
}
}
class WXBizDataCrypt {
private $appid;
private $sessionKey;
public function __construct($appid,$sessionKey)
{
$this->appid = $appid;
$this->sessionKey = $sessionKey;
}
public function decryptData($encryptedData,$iv, &$data )
{
if (strlen($this->sessionKey) != 24) {
return $this->ErrorCode("IllegalAesKey");
}
$aesKey=base64_decode($this->sessionKey);
if (strlen($iv) != 24) {
return $this->ErrorCode("IllegalIv");
}
$aesIV=base64_decode($iv);
$aesCipher=base64_decode($encryptedData);
$result=openssl_decrypt( $aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
$dataObj=json_decode( $result );
if( $dataObj == NULL )
{
return $this->ErrorCode("IllegalBuffer");
}
if( $dataObj->watermark->appid != $this->appid )
{
return $this->ErrorCode("IllegalBuffer");
}
$data = $result;
return $this->ErrorCode("OK");
}
public function ErrorCode($parameter){
$errorcode = array(
'ValidateSignatureError' => "-41001: encodingAesKey 非法",
'ParseXmlError' => "-40002: xml解析失败",
'ComputeSignatureError' => "-40003: sha加密生成签名失败",
'IllegalAesKey' => "-40004: encodingAesKey 非法",
'ValidateAppidError' => "-40005: appid 校验错误",
'EncryptAESError' => "-40006: aes 加密失败",
'DecryptAESError' => "-40007: aes 解密失败",
'IllegalBuffer' => "-40008: 解密后得到的buffer非法",
'EncodeBase64Error' => "-40009: base64加密失败",
'DecodeBase64Error' => "-40010: base64解密失败",
'GenReturnXmlError' => "-40011: 生成xml失败",
'IllegalIv' => "-40012: Iv 非法",
'OK' => 0
);
return $errorcode[$parameter];
}
}