1.验证文件,wx_check.php,放入网站根目录,在公众平台进行配置验证
<?php
//获得接口认证
$timestamp = $_GET['timestamp'];
$nonce = $_GET['nonce'];
$token = 'maozi1988';
$signature = $_GET['signature'];
//将参数字典化排序
$tmpArr = array($timestamp,$nonce,$token);
sort($tmpArr);
$judgeArr = implode('',$tmpArr);
$judge = sha1($judgeArr);
//判断是否符合
if($judge == $signature)
{
echo $_GET['echostr'];
exit;
}
?>
2.微信access_token以及jsapi_ticket的获取及刷新,2小时刷新机制
public function access() { //微信access_token刷新
$app_info = M('wxconfig')->find();
$acc_info = M('wxaccess')->find();
$res = array();
$url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={$app_info['appid']}&secret={$app_info['appsec']}";
if ($acc_info) {
$diff_time = time() - $acc_info['addtime'];
if ($diff_time >= 7000) {
$return = json_decode(sp_getcurl($url), 1);
$res['access_token'] = $return['access_token'];
//更新token
$ins['access_token'] = $return['access_token'];
$ins['addtime'] = time();
M('wxaccess')->where("id='{$acc_info['id']}'")->save($ins);
} else {
$res['access_token'] = $acc_info['access_token'];
}
} else {
$return = json_decode(sp_getcurl($url), 1);
$res['access_token'] = $return['access_token'];
//更新token
$ins['access_token'] = $return['access_token'];
$ins['addtime'] = time();
M('wxaccess')->add($ins);
}
//jsapi_ticket
$url2 = "https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=" . $res['access_token'] . "&type=jsapi";
$info2 = M('wxjsticket')->find();
if ($info2) {
$diff_time = time() - $info2['addtime'];
if ($diff_time >= 7200) {
$return = json_decode(sp_getcurl($url2), 1);
if ($return['errcode'] === 0) {
$res['ticket'] = $return['ticket'];
//更新token
$ins['ticket'] = $return['ticket'];
$ins['addtime'] = time();
M('wxjsticket')->where("id='{$info2['id']}'")->save($ins);
}
} else {
$res['jstickt'] = $info2['jstickt'];
}
} else {
$return = json_decode(sp_getcurl($url2), 1);
if ($return['errcode'] === 0) {
$res['ticket'] = $return['ticket'];
//更新token
$ins['ticket'] = $return['ticket'];
$ins['addtime'] = time();
M('wxjsticket')->add($ins);
}
}
}
3.网页授权
$appid = M('wxconfig')->getField('appid');
$redirect_uri = urlencode("http://{$url}/index.php?g=Apis&m=Act&a=index");
$response_type = 'code';
$scope = 'snsapi_userinfo';
$url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid={$appid}&redirect_uri={$redirect_uri}&response_type=code&scope={$scope}&state={$act}#wechat_redirect";
redirect($url);
4.跳转页面获取用户信息
$code = sp_checkparam('code', false, 'mysqlWhere');
$state = sp_checkparam('state', false, 'mysqlWhere');
$app_info = M('wxconfig')->find();
//网页授权
$url_page = "https://api.weixin.qq.com/sns/oauth2/access_token?appid={$app_info['appid']}&secret={$app_info['appsec']}&code={$code}&grant_type=authorization_code";
$return = json_decode(sp_getcurl($url_page),1);
$res['access_token'] = $return['access_token'];
$res['refresh_token'] = $return['refresh_token'];
//刷新Token
$refresh_url = "https://api.weixin.qq.com/sns/oauth2/refresh_token?appid={$app_info['appid']}&grant_type=refresh_token&refresh_token={$res['refresh_token']}";
$refresh_return = sp_getcurl($refresh_url);
$param = json_decode($refresh_return,1);
if (!$param['openid']) { //openid获取失败跳回授权页面
$webinfo = M('weburl')->find();
if ($webinfo) {
$url = $webinfo['url'];
} else {
$url = $_SERVER['HTTP_HOST'];
}
$redirect_uri = "http://{$url}/index.php?g=Apis&m=Index&a=index&act=".$state;
redirect($redirect_uri);
} else {
//openid先查询
$user = $this->usermodel->where("openid='{$param['openid']}'")->find();
if (!$user) { //添加微信用户
$uinfo_url = "https://api.weixin.qq.com/sns/userinfo?access_token={$param['access_token']}&openid={$param['openid']}&lang=zh_CN";
$uinfo = sp_getcurl($uinfo_url);
$uinfo = json_decode($uinfo,1);
$data = array();
$data['avatar'] = $uinfo['headimgurl'];
$data['user_nicename'] = $uinfo['nickname'];
$data['user_login'] = $uinfo['nickname'];
$data['user_pass'] = sp_password("123456");
$data['openid'] = $uinfo['openid'];
$data['create_time'] = date("Y-m-d H:i:s",time());
$data['user_type'] = 2;
$r = $this->usermodel->add($data);
session('uid',$r);
//存入session
} else {
//是否存在session
$uid = session("uid");
if (!$uid) { //不存在 重新赋值
session('uid',$user['id']);
}
}
}
5.jsapi 签名接口
<?php
/*
* 自定义菜单接口
*/
namespace Apis\Controller;
use Common\Controller\AppframeController;
class SignatureController extends AppframeController {
public function _initialize() {
parent::_initialize();
}
public function createNonceStr($length = 16) {
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$str = "";
for ($i = 0; $i < $length; $i++) {
$str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
}
return $str;
}
public function getSign() {
$url = $_REQUEST['url'];
$appinfo = M("wxconfig")->find();
$jsapiTicket = M('wxjsticket')->getField("ticket");
$timestamp = time();
$nonceStr = $this->createNonceStr();
// 这里参数的顺序要按照 key 值 ASCII 码升序排序
$string = "jsapi_ticket=$jsapiTicket&noncestr=$nonceStr×tamp=$timestamp&url=$url";
$signature = sha1($string);
$signPackage = array(
"appId" => $appinfo['appid'],
"nonceStr" => $nonceStr,
"timestamp" => $timestamp,
"signature" => $signature,
);
sp_api($signPackage);
}
}