$TOKEN = "Token(令牌)";
$EncodingAESKey = "EncodingAESKey(消息加密密钥)";
if(isset($_GET['echostr'])){
$shuju = [
$TOKEN,
$_GET['timestamp'],
$_GET['nonce'],
];
sort($shuju, SORT_STRING);
$hash = sha1(implode('',$shuju));
if($_GET['signature'] == $hash ){
exit($_GET['echostr']);
}
exit('error');
}
$encrypt_type = $_GET['encrypt_type']??"";
$msg_signature = $_GET['msg_signature']??"";
$nonce = $_GET['nonce']??"";
$openid = $_GET['openid']??"";
$signature = $_GET['signature']??"";
$timestamp = $_GET['timestamp']??"";
$body = file_get_contents('php://input');
$bodydata = (array)json_decode($body??'{}',true);
//将token、timestamp(URL参数中的)、nonce(URL参数中的)、Encrypt(发包中的)
$shuju = [
$TOKEN,
$timestamp,
$nonce ,
$bodydata['Encrypt']
];
sort($shuju, SORT_STRING);
$hash = sha1(implode('',$shuju));
if($hash != $msg_signature ){
exit('error');
}
$AESKey = base64_decode( $EncodingAESKey.'=' );
$iv = substr($AESKey,0,16);
$ciphertext_dec = base64_decode($bodydata['Encrypt']);
$data = openssl_decrypt($ciphertext_dec, 'AES-256-CBC', $AESKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, $iv);
if(!$data){
exit('error');
}
$pad = ord(substr($data, -1));
if ($pad < 1 || $pad > 32) {
$pad = 0;
}
$result = substr($data, 0, (strlen($data) - $pad));
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_appid = substr($content, $xml_len + 4);
$xml_content = (array) json_decode($xml_content ,true);
if($xml_content && $xml_content['errcode'] =='0' ){
exit('success');
}
exit('error');
微信消息推送 php版本 消息加密方式安全模式 openssl 版本
微信消息推送 php版本 消息加密方式安全模式 openssl
川公网安备 51072202110075号