Overview

Packages

  • None
  • WxRobot
    • Admin
    • Cmd
    • CoreFunctions
    • Exends
    • Install
    • Table
    • Uninstall
    • WxSDK

Classes

  • ErrorCode
  • PKCS7Encoder
  • Prpcrypt
  • SHA1
  • Weixin_BaseCore
  • WeiXin_SDK
  • Weixin_Template
  • WXBizMsgCrypt
  • WxRobot_Admin
  • WxRobot_Admin_Menu_Extends
  • WxRobot_Admin_Menu_Instro
  • WxRobot_Admin_Menu_Menu
  • WxRobot_Admin_Menu_Records
  • WxRobot_Admin_Menu_Reply
  • WxRobot_Admin_Menu_Setting
  • WxRobot_Admin_Menu_Statistics
  • WxRobot_Cmd
  • WxRobot_Cmd_Event
  • WxRobot_Cmd_Event_User
  • WxRobot_Cmd_Text
  • WxRobot_Extends
  • WxRobot_Install
  • WxRobot_Robot
  • WxRobot_SDK
  • WxRobot_Table_Extends
  • WxRobot_Table_Menu
  • WxRobot_Table_Records
  • WxRobot_Table_Reply
  • WxRobot_Uninstall
  • WxRobot_Wp
  • XMLParse

Functions

  • wx_admin_log
  • wx_is_xml
  • wx_notice_msg
  • wx_parse_xml
  • wx_random_big_pic
  • wx_random_small_pic
  • wx_request_array
  • wx_request_decode
  • wx_request_is_encode
  • wx_request_xml
  • wx_send_encode
  • Overview
  • Package
  • Class 
  1: <?php
  2: 
  3: /**
  4:  * 对公众平台发送给公众账号的消息加解密示例代码.
  5:  *
  6:  * @copyright Copyright (c) 1998-2014 Tencent Inc.
  7:  */
  8: 
  9: 
 10: include_once "sha1.php";
 11: include_once "xmlparse.php";
 12: include_once "pkcs7Encoder.php";
 13: include_once "errorCode.php";
 14: 
 15: /**
 16:  * 1.第三方回复加密消息给公众平台;
 17:  * 2.第三方收到公众平台发送的消息,验证消息的安全性,并对消息进行解密。
 18:  */
 19: class WXBizMsgCrypt
 20: {
 21:     private $token;
 22:     private $encodingAesKey;
 23:     private $appId;
 24: 
 25:     /**
 26:      * 构造函数
 27:      * @param $token string 公众平台上,开发者设置的token
 28:      * @param $encodingAesKey string 公众平台上,开发者设置的EncodingAESKey
 29:      * @param $appId string 公众平台的appId
 30:      */
 31:     public function WXBizMsgCrypt($token, $encodingAesKey, $appId)
 32:     {
 33:         $this->token = $token;
 34:         $this->encodingAesKey = $encodingAesKey;
 35:         $this->appId = $appId;
 36:     }
 37: 
 38:     /**
 39:      * 将公众平台回复用户的消息加密打包.
 40:      * <ol>
 41:      *    <li>对要发送的消息进行AES-CBC加密</li>
 42:      *    <li>生成安全签名</li>
 43:      *    <li>将消息密文和安全签名打包成xml格式</li>
 44:      * </ol>
 45:      *
 46:      * @param $replyMsg string 公众平台待回复用户的消息,xml格式的字符串
 47:      * @param $timeStamp string 时间戳,可以自己生成,也可以用URL参数的timestamp
 48:      * @param $nonce string 随机串,可以自己生成,也可以用URL参数的nonce
 49:      * @param &$encryptMsg string 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
 50:      *                      当return返回0时有效
 51:      *
 52:      * @return int 成功0,失败返回对应的错误码
 53:      */
 54:     public function encryptMsg($replyMsg, $timeStamp, $nonce, &$encryptMsg)
 55:     {
 56:         $pc = new Prpcrypt($this->encodingAesKey);
 57: 
 58:         //加密
 59:         $array = $pc->encrypt($replyMsg, $this->appId);
 60:         $ret = $array[0];
 61:         if ($ret != 0) {
 62:             return $ret;
 63:         }
 64: 
 65:         if ($timeStamp == null) {
 66:             $timeStamp = time();
 67:         }
 68:         $encrypt = $array[1];
 69: 
 70:         //生成安全签名
 71:         $sha1 = new SHA1;
 72:         $array = $sha1->getSHA1($this->token, $timeStamp, $nonce, $encrypt);
 73:         $ret = $array[0];
 74:         if ($ret != 0) {
 75:             return $ret;
 76:         }
 77:         $signature = $array[1];
 78: 
 79:         //生成发送的xml
 80:         $xmlparse = new XMLParse;
 81:         $encryptMsg = $xmlparse->generate($encrypt, $signature, $timeStamp, $nonce);
 82:         return ErrorCode::$OK;
 83:     }
 84: 
 85: 
 86:     /**
 87:      * 检验消息的真实性,并且获取解密后的明文.
 88:      * <ol>
 89:      *    <li>利用收到的密文生成安全签名,进行签名验证</li>
 90:      *    <li>若验证通过,则提取xml中的加密消息</li>
 91:      *    <li>对消息进行解密</li>
 92:      * </ol>
 93:      *
 94:      * @param $msgSignature string 签名串,对应URL参数的msg_signature
 95:      * @param $timestamp string 时间戳 对应URL参数的timestamp
 96:      * @param $nonce string 随机串,对应URL参数的nonce
 97:      * @param $postData string 密文,对应POST请求的数据
 98:      * @param &$msg string 解密后的原文,当return返回0时有效
 99:      *
100:      * @return int 成功0,失败返回对应的错误码
101:      */
102:     public function decryptMsg($msgSignature, $timestamp = null, $nonce, $postData, &$msg)
103:     {
104:         if (strlen($this->encodingAesKey) != 43) {
105:             return ErrorCode::$IllegalAesKey;
106:         }
107: 
108:         $pc = new Prpcrypt($this->encodingAesKey);
109: 
110:         //提取密文
111:         $xmlparse = new XMLParse;
112:         $array = $xmlparse->extract($postData);
113:         $ret = $array[0];
114: 
115:         if ($ret != 0) {
116:             return $ret;
117:         }
118: 
119:         if ($timestamp == null) {
120:             $timestamp = time();
121:         }
122: 
123:         $encrypt = $array[1];
124:         $touser_name = $array[2];
125: 
126:         //验证安全签名
127:         $sha1 = new SHA1;
128:         $array = $sha1->getSHA1($this->token, $timestamp, $nonce, $encrypt);
129:         $ret = $array[0];
130: 
131:         if ($ret != 0) {
132:             return $ret;
133:         }
134: 
135:         $signature = $array[1];
136:         if ($signature != $msgSignature) {
137:             return ErrorCode::$ValidateSignatureError;
138:         }
139: 
140:         $result = $pc->decrypt($encrypt, $this->appId);
141:         if ($result[0] != 0) {
142:             return $result[0];
143:         }
144:         $msg = $result[1];
145: 
146:         return ErrorCode::$OK;
147:     }
148: 
149: }
150: 
151:
API documentation generated by ApiGen