Home > PHP Framework > ThinkPHP > Lightning protection! The pitfalls of thinkphp integrating enterprise account

Lightning protection! The pitfalls of thinkphp integrating enterprise account

藏色散人
Release: 2020-07-28 14:03:25
forward
1899 people have browsed it

The following tutorial column of thinkphp framework will share with you the pitfalls of thinkphp integrating enterprise accounts. I hope it will be helpful to friends in need!

Lightning protection! The pitfalls of thinkphp integrating enterprise account

ThinkPHP pitfalls in using WeChat enterprise account callbacks

I have recently been working on an interface for enterprise account callbacks. I have made several enterprise account applications before. The first time I connected to Thinkphp, various errors were reported. I was unlucky because I had to deal with all the pitfalls that should be avoided.

I almost gave up after falling into a trap this time. Anyone who has developed an Enterprise account knows that the Enterprise account callback will go through an encrypted algorithm, and the developer is required to decrypt it to enable the callback. It is this callback. WeChat's error message is extremely overbearing. No matter what your mistake is, it just says "echostr verification failed. Please check whether it is correctly decrypted and output plaintext echostr". At the very least, the developer should be told what the length of the response received by WeChat is, or it can be verified with its own output. If the length is inconsistent, let alone the content.

If you use the TP framework like me, then you should pay attention. This article takes Thinkphp3.2.3 php version 5.3 as an example

pit 1

  • Download the official processing interface example and place it in the Thinkphp>Library>Wechat (self-built) directory

  • Modify WXBizMsgCrypt.php to WXBizMsgCrypt.class.php

  • Declare the namespace namespace Wechat in WXBizMsgCrypt;

  • Introduce the class use Wechat WXBizMsgCrypt;

in the controller you need

After that, just use the official sample copy to enter your project and simply modify it to complete the integration. The process is quite simple, but! The writing method of constructor before PHP5.3 has changed from that after PHP5.3. The constructor can no longer be named with the class name as the function name. You must use __construct to declare a constructor, which means using official examples to integrate An error will definitely be reported, of course, provided that you are also using a version after PHP5.3.

So you still need to

  • Modify the WXBizMsgCrypt function name in the WXBizMsgCrypt file to __construct

  • Modify pkcs7Encoder in the pkcs7Encoder file Change the function name to __construct

You’re done. It may not be applicable to lower versions of Thinkphp or php5.3 or below. I have not tested other versions.

pits 2

When filling in the callback information of the enterprise number and clicking Save fails, clicking a few more times will really work wonders!
This is no joke~~ Because the random signature sent by the enterprise account to the developer is likely to contain the number. When you get the URL, PHP will automatically filter the number into spaces, resulting in the sent signature and actual address. If the signatures are inconsistent, the signature verification will not pass and 40001: Signature Verification Error will be reported.
Of course, you can also restore the spaces to numbers to ensure that they are consistent with the sent signature address. (I think this is a small bug in the WeChat callback. The signature should not contain such special symbols) Passed, or failed, what? Print it locally and have a look. It's not wrong. I searched all over Baidu. I tried everything to remove the BOM header of the file and change the header. I really decrypted it and returned the decrypted result to I tried WeChat, but it still doesn’t work, WTF. .

Is the clear text really returned? Do you think printing to local is correct? wrong. There is something called a buffer

Things in the buffer will not be printed locally. When WeChat accesses your website, the first thing it gets is the content of the buffer instead of the clear text you output. Therefore, the buffer must be cleared first by using ob_clean() before echo. It is estimated that other frameworks are the same.

These three are relatively big pitfalls, and there is very little information on the Internet. I hope it can help everyone.


The above is the detailed content of Lightning protection! The pitfalls of thinkphp integrating enterprise account. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:segmentfault.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template