小程序授权

<?php
namespace app\index\controller;

use \think\Controller;
use \think\Db;
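/**
 * WeChat mini-program authorization controller (ThinkPHP).
 *
 * Actions exchange the client's login code for a session at the WeChat
 * jscode2session endpoint, decrypt the user payload with the returned
 * session_key, and create or update rows in the "member" table.
 *
 * return_msg() and return_error() are helpers defined outside this file;
 * presumably they emit the response and terminate the request (confirm).
 * Every call is followed by an explicit return so control flow does not
 * depend on that.
 *
 * NOTE(review): generate_token, define_str_replace, httpGet, decryptData and
 * decryptData2 are public methods on a controller. If this deployment routes
 * public controller methods as actions (confirm), they are reachable from a
 * request; prefer reducing their visibility once external callers are ruled out.
 */
class Index extends Controller
{
    /**
     * Default action; returns whatever the framework's fetch() produces
     * (presumably the rendered view template).
     */
    public function index()
    {
        return $this->fetch();
    }

    /**
     * Echo the GET parameters back as JSON.
     * NOTE(review): looks like a debugging endpoint; consider removing it from production builds.
     */
    public function testGet()
    {
        $get = $this->request->get();
        return json($get);
    }

    /**
     * Echo the POST parameters back as JSON.
     * NOTE(review): looks like a debugging endpoint; consider removing it from production builds.
     */
    public function testPost()
    {
        $post = $this->request->post();
        return json($post);
    }

    /**
     * Fetch one article (id, title, content) by its "type" POST parameter.
     */
    public function listarticle()
    {
        $post = $this->request->post();
        $type = isset($post["type"]) ? $post["type"] : null;

        // Only a non-empty scalar is accepted: an array value would otherwise be
        // handed to the query builder as a condition instead of a plain value.
        if (!is_scalar($type) || !$type) {
            return_error("参数有误");
            return;
        }

        $data = Db::name("article")->where("type", $type)->field("id,title,content")->find();
        if ($data) {
            return_msg(200, "获取成功", $data);
        } else {
            return_msg(200, "没有此数据");
        }
    }

    /**
     * Authorize a mini-program login.
     *
     * Expects POST fields code, encryptedData and iv. Exchanges the code for a
     * session, decrypts the user info, then updates the existing member row for
     * that openid or inserts a new one, and responds with a fresh token.
     *
     * The session key and decrypted payload are deliberately not written to any
     * log file: both are sensitive, and a relative log path resolves against the
     * process working directory, which may be served by the web server.
     */
    public function actionAuthwr()
    {
        $post = $this->request->post();
        foreach (['code', 'encryptedData', 'iv'] as $field) {
            if (!isset($post[$field]) || !is_string($post[$field]) || $post[$field] === '') {
                return_error("参数有误");
                return;
            }
        }

        $cred = $this->wxCredentials();
        $session_key = ($cred === null)
            ? null
            : $this->fetchWxSession($cred, $this->define_str_replace($post['code']));

        if (empty($session_key['session_key']) || empty($session_key['openid'])) {
            return_error("授权失败3");
            return;
        }

        $decodeData = $this->decryptData(
            $cred['appid'],
            $session_key['session_key'],
            $post["encryptedData"],
            $post["iv"]
        );

        // decryptData() returns an int error code on failure and the JSON string on
        // success. Every failure code must stop the flow, not only -41003.
        $zh_data = is_string($decodeData) ? json_decode($decodeData, true) : null;
        if (!is_array($zh_data)) {
            return_error("授权失败");
            return;
        }

        // The openid from the server-to-server session exchange is the identity used
        // throughout; the decrypted payload only supplies profile fields.
        $openid   = $session_key["openid"];
        $nickname = isset($zh_data["nickName"]) ? $zh_data["nickName"] : null;
        $avatar   = isset($zh_data["avatarUrl"]) ? $zh_data["avatarUrl"] : null;

        $is_member = Db::name("member")->where(["openid" => $openid])->find();
        if ($is_member) {
            $token = $this->generate_token($openid);
            $token_extime = strtotime("+1 month");
            $result = Db::name("member")->where(["id" => $is_member["id"]])->update([
                "nickname"     => $nickname,
                "token"        => $token,
                "token_extime" => $token_extime,
                "avatar_path"  => $avatar,
            ]);

            if ($result) {
                $return = [
                    "nickname"    => $nickname,
                    "uid"         => $is_member["id"],
                    "openid"      => $openid,
                    "avatar_path" => $avatar,
                    "token"       => $token,
                ];
                return_msg("200", "授权成功", $return);
            } else {
                return_error("授权失败1");
            }
            return;
        }

        // No member with this openid yet: insert one.
        $Member = [
            'openid'       => $openid,
            'nickname'     => $nickname,
            'avatar_path'  => $avatar,
            'login_time'   => time(),
            'token'        => $this->generate_token($openid),
            'token_extime' => strtotime("+1 month"),
        ];

        $id = Db::name("member")->insertGetId($Member);
        if ($id) {
            $return = [
                "nickname"    => $nickname,
                "uid"         => $id,
                "openid"      => $openid,
                "avatar_path" => $avatar,
                "token"       => $Member['token'],
            ];
            return_msg("200", "授权成功", $return);
        } else {
            return_error("授权失败2");
        }
    }

    /**
     * Create a login token: 32 lowercase hex characters (same shape as the
     * previous md5 output, so existing storage still fits).
     *
     * The token is drawn from a CSPRNG. Hashing a fixed alphabet, the current
     * second and the openid is reproducible by anyone who knows the openid, and
     * the openid is returned to clients.
     *
     * @param mixed $phone Unused; kept so existing callers keep working.
     * @return string
     */
    public function generate_token($phone)
    {
        // random_bytes() needs PHP 7; the openssl extension is already required by
        // the decrypt helpers in this class, so it serves as the fallback.
        $bytes = function_exists('random_bytes')
            ? random_bytes(16)
            : openssl_random_pseudo_bytes(16);
        return bin2hex($bytes);
    }

    /**
     * Replace every space in $data with '+'.
     *
     * @param string $data
     * @return string
     */
    public function define_str_replace($data)
    {
        return str_replace(' ', '+', $data);
    }

    /**
     * Perform an HTTPS GET and return the response body.
     *
     * Certificate and host-name verification are enabled: the only caller in this
     * file sends the app secret and receives a session key over this connection.
     * The transfer is limited to HTTPS and to a short timeout.
     *
     * NOTE(review): the URL is taken as-is. See the class note about public
     * controller methods; restricting the accepted host would be a further hardening.
     *
     * @param string $url
     * @return string|false Response body, or false when the transfer fails.
     */
    public function httpGet($url)
    {
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5);
        curl_setopt($curl, CURLOPT_TIMEOUT, 10);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
        curl_setopt($curl, CURLOPT_URL, $url);
        $res = curl_exec($curl);
        curl_close($curl);
        return $res;
    }

    /**
     * Decrypt a WeChat encrypted payload and check its appid watermark.
     *
     * @param string $appid         Expected watermark appid.
     * @param string $sessionKey    Base64 session key (24 characters).
     * @param string $encryptedData Base64 ciphertext.
     * @param string $iv            Base64 initialization vector (24 characters).
     * @return string|int Decrypted JSON text on success; on failure one of
     *                    -41001 (key), -41002 (iv), -41003 (payload), -41004 (watermark).
     */
    public function decryptData($appid, $sessionKey, $encryptedData, $iv)
    {
        $outcome = $this->decryptWxPayload($appid, $sessionKey, $encryptedData, $iv);
        return $outcome[0] === 0 ? $outcome[1] : $outcome[0];
    }

    /**
     * Exchange a login code for the user's openid.
     *
     * The session_key is removed before responding: it is the key that decrypts
     * the user's data and has no reason to leave the server.
     */
    public function sq()
    {
        header("Content-type:text/html;charset=utf-8");
        $code = input('code');
        if (empty($code)) {
            return_error('获取失败,code不存在,请联系管理员');
            return;
        }

        $cred = $this->wxCredentials();
        $getopenid_arr = ($cred === null) ? null : $this->fetchWxSession($cred, $code);
        if ($getopenid_arr === null) {
            return_error('获取失败');
            return;
        }

        unset($getopenid_arr['session_key']);
        return_msg(200, '获取成功', $getopenid_arr);
    }

    /**
     * Bind the user's phone number.
     *
     * Expects POST fields code, encryptedData and iv. Decrypts the phone payload
     * and stores phoneNumber in member.mobile for the session's openid.
     */
    public function wxtel()
    {
        $code = input('post.code');
        $encryptedData = input('post.encryptedData');
        $iv = input('post.iv');

        // Resolve the user's openid and session_key.
        $cred = $this->wxCredentials();
        $info = ($cred === null) ? null : $this->fetchWxSession($cred, $code);
        if (empty($info['openid']) || empty($info['session_key'])) {
            return_error('操作失败');
            return;
        }
        $openid = $info['openid'];

        // Decrypt the phone payload. A failed decrypt must stop here; otherwise a
        // null phone number would be written over the stored one.
        $data = null;
        $errCode = $this->decryptData2($cred['appid'], $info['session_key'], $encryptedData, $iv, $data);
        if ($errCode !== 0) {
            return_error('操作失败');
            return;
        }

        // Convert the decoded object into an associative array.
        $data = json_decode(json_encode($data), true);
        if (!is_array($data) || empty($data['phoneNumber'])) {
            return_error('操作失败');
            return;
        }

        $a = Db::name('member')->where('openid', $openid)->where('mobile', $data['phoneNumber'])->find();
        if ($a) {
            // NOTE(review): the row is matched on "mobile" but the original answered with
            // "phone"; fall back to "mobile" when there is no such column. Confirm the schema.
            return_msg(200, '查询成功', isset($a['phone']) ? $a['phone'] : $a['mobile']);
            return;
        }

        $a = Db::name('member')->where('openid', $openid)->update(['mobile' => $data['phoneNumber']]);
        if ($a) {
            return_msg(200, '操作成功', $data['phoneNumber']);
        } else {
            return_error('操作失败');
        }
    }

    /**
     * Verify the authenticity of the data and obtain the decrypted plaintext.
     *
     * @param string $appid         Expected watermark appid.
     * @param string $sessionKey    Base64 session key (24 characters).
     * @param string $encryptedData Encrypted user data.
     * @param string $iv            Initialization vector returned with the user data.
     * @param mixed  $data          Receives the decoded object on success.
     *
     * @return int 0 on success, otherwise the matching error code.
     */
    public function decryptData2($appid, $sessionKey, $encryptedData, $iv, &$data)
    {
        $outcome = $this->decryptWxPayload($appid, $sessionKey, $encryptedData, $iv);
        if ($outcome[0] !== 0) {
            return $outcome[0];
        }
        $data = $outcome[2];
        return 0;
    }

    /**
     * Read the mini-program appid and app secret from the process environment.
     *
     * The variable names WX_APPID and WX_APP_SECRET are chosen in this revision;
     * rename them to match the deployment. Credentials are kept out of source
     * control, and a secret that has been published together with source code
     * should be rotated in the WeChat console.
     *
     * @return array|null ['appid' => string, 'secret' => string], or null when unset.
     */
    private function wxCredentials()
    {
        $appid  = getenv('WX_APPID');
        $secret = getenv('WX_APP_SECRET');
        if (!is_string($appid) || $appid === '' || !is_string($secret) || $secret === '') {
            return null;
        }
        return ['appid' => $appid, 'secret' => $secret];
    }

    /**
     * Call jscode2session for a login code and decode the JSON reply.
     *
     * The query string is built with http_build_query() so the client-supplied
     * code is URL-encoded and cannot add or override request parameters.
     *
     * @param array $cred Result of wxCredentials().
     * @param mixed $code Login code from the client.
     * @return array|null Decoded reply, or null when the call or decoding fails.
     */
    private function fetchWxSession(array $cred, $code)
    {
        if (!is_string($code) || $code === '') {
            return null;
        }

        $query = http_build_query([
            'appid'      => $cred['appid'],
            'secret'     => $cred['secret'],
            'js_code'    => $code,
            'grant_type' => 'authorization_code',
        ], '', '&');

        $body = $this->httpGet('https://api.weixin.qq.com/sns/jscode2session?' . $query);
        if (!is_string($body)) {
            return null;
        }

        $decoded = json_decode($body, true);
        return is_array($decoded) ? $decoded : null;
    }

    /**
     * Shared AES-128-CBC decrypt and watermark check behind decryptData() and decryptData2().
     *
     * @return array [int code, string|null plaintext, object|null decoded]; code is 0 on success.
     */
    private function decryptWxPayload($appid, $sessionKey, $encryptedData, $iv)
    {
        if (!is_string($sessionKey) || strlen($sessionKey) !== 24) {
            return [-41001, null, null];
        }
        $aesKey = base64_decode($sessionKey, true);
        // AES-128 needs exactly 16 key bytes after decoding.
        if ($aesKey === false || strlen($aesKey) !== 16) {
            return [-41001, null, null];
        }

        if (!is_string($iv) || strlen($iv) !== 24) {
            return [-41002, null, null];
        }
        $aesIV = base64_decode($iv, true);
        // The CBC initialization vector is one 16-byte block.
        if ($aesIV === false || strlen($aesIV) !== 16) {
            return [-41002, null, null];
        }

        if (!is_string($encryptedData)) {
            return [-41003, null, null];
        }
        $aesCipher = base64_decode($encryptedData);

        $result = openssl_decrypt($aesCipher, "AES-128-CBC", $aesKey, OPENSSL_RAW_DATA, $aesIV);
        $dataObj = is_string($result) ? json_decode($result) : null;
        if (!is_object($dataObj)) {
            return [-41003, null, null];
        }

        // CBC carries no integrity tag; the appid watermark is the only check that the
        // payload was issued for this app, so a missing watermark is treated as a mismatch.
        if (!isset($dataObj->watermark->appid) || (string) $dataObj->watermark->appid !== (string) $appid) {
            return [-41004, null, null];
        }

        return [0, $result, $dataObj];
    }
}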

 
