php开发微信第三方平台遇到的那些坑 (更新中)

先谈component_verify_ticket

一共有两个坑，一个是php接收xml不要用$_post 还有一个就是解密后的ticket需要干掉字符串前面的"ticket@@@"

不说了 上代码吧

include_once "wx_third/wxBizMsgCrypt.php";//引入腾讯官方example
    function wxservice(){
            $xml_msg=file_get_contents('php://input');
            $msg=array(
                    "timeStamp"  => empty($_GET['timestamp'])     ? ""    : trim($_GET['timestamp']) ,
                    "nonce"     => empty($_GET['nonce'])     ? ""    : trim($_GET['nonce']) ,
                    "msg_sign"   => empty($_GET['msg_signature']) ? ""    : trim($_GET['msg_signature'])
            );
            $wx_settins=array(
                'appId'=>"xxx",
                'token'=>"xxx",
                'encodingAesKey'=>"xxx",
                'secrect'=>"xxx",
                'ticket'=>"xxx"
            );
            $result=component_decode($xml_msg,$msg,$wx_settins);
            }
    function component_decode($xml,$msg,$config){
            $pc = new WXBizMsgCrypt($config['token'], $config['encodingAesKey'], $config['appId']);
            $xml_tree = new DOMDocument();
            $xml_tree->loadXML($xml);
            $array_e = $xml_tree->getElementsByTagName('Encrypt');
            $encrypt = $array_e->item(0)->nodeValue;
            $format = "<xml><ToUserName><![CDATA[toUser]]></ToUserName><Encrypt><![CDATA[%s]]></Encrypt></xml>";
            $from_xml = sprintf($format, $encrypt);
            $message = '';
            $errCode = $pc->decryptMsg($msg['msg_sign'], $msg['timeStamp'], $msg['nonce'], $from_xml, $message);
            if ($errCode == 0) {
                $xml = new DOMDocument();
                $xml->loadXML($message);
                $array_e = $xml->getElementsByTagName('ComponentVerifyTicket');
                $component_verify_ticket = preg_replace("/ticket@@@/","",$array_e->item(0)->nodeValue) ;//处理解密后的字符串
                return $component_verify_ticket;
            }else{
            //如果出错则返回数组
                return array(
                    'err_msg'=>$errCode
                );
            }

        }

再谈component_access_token

很多朋友stream_context_create会报40002错误，我觉得可能是腾讯服务器对换行符的解析有问题导致的，于是改用了curl处理POST请求

function fresh_access_token($ticket=null){
    $wx_settins=$wx_settins=array(
                'appId'=>"xxx",
                'token'=>"xxx",
                'encodingAesKey'=>"xxx",
                'secrect'=>"xxx",
                'ticket'=>"xxx"
            );
        $post_data = array(
                'component_appid' =>$wx_settins['appId'],
                'component_appsecret' => $wx_settins['secrect'],
                'component_verify_ticket' =>$ticket
        );
        $data=json_decode(request_post('https://api.weixin.qq.com/cgi-bin/component/api_component_token', $post_data),1);
}
function request_post($url,$data){
        $data =json_encode($data);
        $ch = curl_init(); //用curl发送数据给api
        curl_setopt( $ch, CURLOPT_POST, true );
        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
        curl_setopt( $ch, CURLOPT_URL, $url );
        curl_setopt( $ch, CURLOPT_POSTFIELDS, $data );
        curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, FALSE );
        curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, FALSE );
        $response = curl_exec( $ch );
        curl_close( $ch );
        return $response;
    }

pre_auth_code

pre_auth_code和verify_ticket一样，字符串前面有 preauthcode@@@ 需要替换掉