<?php
namespace app\program\controller; //命名空间
use think\App;
use think\facade\Db;
class ProgramService //类名(可自定义)
{
private $table = "数据库表名"; //我的数据库表名 取你自己的表名或者表名写在SQL语句中
private $authorization_uri = "https://api.weixin.qq.com/sns/jscode2session"; //微信授权获取openID以及session_key的地址
//自定义变量
private $AppID;
private $Secret;
private $session_key;
private $openid;
private $unionid;
public function __construct()
{
//构造方法,用于变量赋值 也可以在定义变量时直接赋值 注, 类变量不能直接调用方法
$this -> AppID = sysconf("program.app_id");
$this -> Secret = sysconf("program.secret");
}
/**
* 小程序授权入口
* 接收小程序传过来的code值获取openID及sessionkey
* @param $code
* @param $rawData
* @param $session_key
* @param $signature
* @param $iv
* @param $encryptedData
* @return \think\response\Json
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException
*/
public function authorization($code,$rawData,$signature,$iv,$encryptedData,$from_id = ''){
if(empty($code)) return json(returnData(1,'小程序授权参数code不存在'));
//拼接url地址
$url = $this -> authorization_uri . "?appid=" . $this -> AppID . "&secret=" . $this -> Secret . "&js_code=" . $code . "&grant_type=authorization_code";
//自己封装的请求 composer 安装php-curl 直接调用curl 请求即可 封装是为了简化代码
$res = json_decode(requestGetData($url),true);
// dump($res);die;
if(isset($res['errcode'])) return json(returnData(1,'授权失败',$res['errmsg']));
//变量赋值
$this -> session_key = $res['session_key'];
$this -> openid = $res['openid'];
// $this -> unionid = $res['unionid'];
//验证签名。判断数据真实性
$signature2 = sha1(htmlspecialchars_decode($rawData) . $this -> session_key);
if($signature != $signature2) return json(returnData(1,'授权失败',"签名认证失败"));
//检查用户登录状态
return $this -> changeLoginStatus($this -> session_key,$iv,$encryptedData,$from_id);
}
/**
* 检查用户登录状态
* @param $session_key
* @param $iv
* @param $encryptedData
* @return \think\response\Json
* @throws \think\db\exception\DataNotFoundException
* @throws \think\db\exception\DbException
* @throws \think\db\exception\ModelNotFoundException
*/
public function changeLoginStatus($session_key,$iv,$encryptedData,$from_id){
//根据openID判断数据库是否存在该用户。存在即直接返回用户数据
$user = Db::name($this -> table) -> where("openid",$this -> openid) -> find();
if($user) {
//是否被人邀请 如无需此功能可删除
if($from_id != '' && $user['from_id'] == 0){
Db::name($this -> table) -> where("id",$user['id']) -> update(['form_id' => $from_id]);
}
return json(returnData(99,'登录成功',$user['openid']));
}
//用户未授权,调用微信授权解密参数并存入数据库
return $result = $this -> decryptionEncryptedData($session_key,$iv,$encryptedData,$from_id);
}
/**
* 解密参数,保存用户数据
* @param $session_key
* @param $iv
* @param $encryptedData
* @return \think\response\Json
*/
public function decryptionEncryptedData($session_key,$iv,$encryptedData,$from_id){
if (strlen($session_key) != 24) return json(returnData(1,'授权失败',"解密后得到的sessionKey非法"));
if (strlen($iv) != 24) return json(returnData(1,'授权失败',"解密后得到的iv非法"));
$aesKey = base64_decode($session_key);
$aesIV = base64_decode($iv);
$aesCipher = base64_decode($encryptedData);
$result = openssl_decrypt( $aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
$result = json_decode($result,true);
// dump($result);die;
if(empty($result)) return json(returnData(1,'授权失败',"解密后得到的Buffer非法"));
//确认小程序AppID是否为同一个
if($result['watermark']['appid'] != $this -> AppID ) return json(returnData(1,'授权失败',"解密后得到的AppID非法"));
//需保存的用户数组 请改成你自己的数据库字段
$customer['openid'] = $this -> openid;
//开放平台标识,如无需开放平台 请注释或删除
$customer['unionid'] = $result['unionId'];
//用户昵称可能包含特殊字符,需处理
$customer['nickname'] = $this->removeEmoji($result['nickName']);
$customer['sex'] = $result['gender'];
$customer['city'] = $result['city'];
$customer['level'] = $this -> setCustomerLevel();
$customer['from_id'] = $from_id;
$customer['province'] = $result['province'];
$customer['country'] = $result['country'];
$customer['headimgurl'] = $result['avatarUrl'];
$customer['appid'] = $result['watermark']['appid'];
$customer['authorization_time'] = $result['watermark']['timestamp'];
$id = Db::name($this -> table) -> insertGetId($customer);
if($id) return json(returnData(99,'授权成功',$this -> openid));
return json(returnData(1,'授权失败',"保存用户信息出错".Db::name($this -> table) -> getLastSql()));
}
/**
* 处理特殊字符
* @param $text
* @return string|string[]|null
*/
public function removeEmoji($text) {
$clean_text = "";
preg_match_all("/[\x{4e00}-\x{9fa5}|0-9|a-z|A-Z|_]/u", $text, $matches);
$clean_text = isset($matches[0]) ? implode('', $matches[0]) : '';
// Match Emoticons
$regexEmoticons = '/[\x{1F600}-\x{1F64F}]/u';
$clean_text = preg_replace($regexEmoticons, '', $text);
// Match Miscellaneous Symbols and Pictographs
$regexSymbols = '/[\x{1F300}-\x{1F5FF}]/u';
$clean_text = preg_replace($regexSymbols, '', $clean_text);
// Match Transport And Map Symbols
$regexTransport = '/[\x{1F680}-\x{1F6FF}]/u';
$clean_text = preg_replace($regexTransport, '', $clean_text);
// Match Miscellaneous Symbols
$regexMisc = '/[\x{2600}-\x{26FF}]/u';
$clean_text = preg_replace($regexMisc, '', $clean_text);
// Match Dingbats
$regexDingbats = '/[\x{2700}-\x{27BF}]/u';
$clean_text = preg_replace($regexDingbats, '', $clean_text);
return $clean_text;
}
?>