php开发微信第三方平台遇到的那些坑

先谈component_verify_ticket

一共有两个坑，一个是php接收xml不要用$_post 还有一个就是解密后的ticket需要干掉字符串前面的”ticket@@@”

不说了 上代码吧

include_once "wx_third/wxBizMsgCrypt.php";//引入腾讯官方example function wxservice(){ $xml_msg=file_get_contents('php://input'); $msg=array( "timeStamp" => empty($_GET['timestamp']) ? "" : trim($_GET['timestamp']) , "nonce" => empty($_GET['nonce']) ? "" : trim($_GET['nonce']) , "msg_sign" => empty($_GET['msg_signature']) ? "" : trim($_GET['msg_signature']) ); $wx_settins=array( 'appId'=>"xxx", 'token'=>"xxx", 'encodingAesKey'=>"xxx", 'secrect'=>"xxx", 'ticket'=>"xxx" ); $result=component_decode($xml_msg,$msg,$wx_settins); } function component_decode($xml,$msg,$config){ $pc = new WXBizMsgCrypt($config['token'], $config['encodingAesKey'], $config['appId']); $xml_tree = new DOMDocument(); $xml_tree->loadXML($xml); $array_e = $xml_tree->getElementsByTagName('Encrypt'); $encrypt = $array_e->item(0)->nodeValue; $format = "<xml><ToUserName><![CDATA[toUser]]></ToUserName><Encrypt><![CDATA[%s]]></Encrypt></xml>"; $from_xml = sprintf($format, $encrypt); $message = ''; $errCode = $pc->decryptMsg($msg['msg_sign'], $msg['timeStamp'], $msg['nonce'], $from_xml, $message); if ($errCode == 0) { $xml = new DOMDocument(); $xml->loadXML($message); $array_e = $xml->getElementsByTagName('ComponentVerifyTicket'); $component_verify_ticket = preg_replace("/ticket@@@/","",$array_e->item(0)->nodeValue) ;//处理解密后的字符串 return $component_verify_ticket; }else{ //如果出错则返回数组 return array( 'err_msg'=>$errCode ); } }

再谈component_access_token

很多朋友stream_context_create会报40002错误，我觉得可能是腾讯服务器对换行符的解析有问题导致的，于是改用了curl处理POST请求

function fresh_access_token($ticket=null){ $wx_settins=$wx_settins=array( 'appId'=>"xxx", 'token'=>"xxx", 'encodingAesKey'=>"xxx", 'secrect'=>"xxx", 'ticket'=>"xxx" ); $post_data = array( 'component_appid' =>$wx_settins['appId'], 'component_appsecret' => $wx_settins['secrect'], 'component_verify_ticket' =>$ticket ); $data=json_decode(request_post('https://api.weixin.qq.com/cgi-bin/component/api_component_token', $post_data),1); } function request_post($url,$data){ $data =json_encode($data); $ch = curl_init(); //用curl发送数据给api curl_setopt( $ch, CURLOPT_POST, true ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true ); curl_setopt( $ch, CURLOPT_URL, $url ); curl_setopt( $ch, CURLOPT_POSTFIELDS, $data ); curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, FALSE ); curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, FALSE ); $response = curl_exec( $ch ); curl_close( $ch ); return $response; }

pre_auth_code

pre_auth_code和verify_ticket一样，字符串前面有 preauthcode@@@ 需要替换掉