微信小程序获取微信手机号前端和后端php代码
微信小程序支持一键点击获取当前微信用户的注册手机号功能,不用再频繁输入手机号及验证码进行注册了,提高了用户体验,非常好用,但是使用此功能的前提是小程序必须通过微信认证。
今天我们来讲讲如何编写前后端代码实现这个功能。
一、小程序端代码
我们先获取sessionkey这个值,这个值是参与手机号解密的,所以要提前获取,那么怎么获取呢
wx.login({ success(res) { console.log(res); var code = res.code wx.request({ url: '后端url', method: "post", data: { code }, success: function (res) { console.log(res.data.openid); that.setData(res.data); } }) } })后端的php返回sessionkey
<?php $appid = "wx1231312321"; $appsecret = "12312334343534534535"; $code = $_GET['code']; if ($code == '') { echo json_encode([ 'code' => '201', 'data' => 'code不能为空' ]); exit(); } $url = 'https://api.weixin.qq.com/sns/jscode2session?appid='.$appid.'&secret='.$appsecret.'&js_code='.$code.'&grant_type=authorization_code'; $result = http_curl($url); $token = json_decode($result, 1); if (isset($token['session_key'])) { $sessionkey = $token['session_key']; //拿到openid echo json_encode([ 'code' => '200', 'data' => $sessionkey ]); exit(); } echo json_encode([ 'code' => '201', 'data' => "登陆失败" ]); function http_curl($url) { $curlobj = curl_init(); curl_setopt($curlobj, CURLOPT_URL, $url); curl_setopt($curlobj, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curlobj, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curlobj, CURLOPT_SSL_VERIFYHOST, FALSE); $output = curl_exec($curlobj); curl_close($curlobj); return $output; } ?>ok,获取sessionkey后放在上下文中存储,下面来编写获取手机号的代码我们先增加一个布局wxml代码
<button open-type="getPhoneNumber" bindgetphonenumber="getPhoneNumber">获取手机号</button>在js中编写getPhoneNumber函数
getPhoneNumber: function (e) { var that = this; console.log(e.detail.errMsg == "getPhoneNumber:ok"); if (e.detail.errMsg == "getPhoneNumber:ok") { wx.request({ url: '后端url地址', data: { encrypteddata: e.detail.encryptedData, iv: e.detail.iv, sessionkey: that.data.sessionkey, }, method: "post", success: function (res) { console.log(res); } }) } },
二、后端php
后端主要是对数据进行解密<?php class Wxbizdatacrypt { private $appid; private $sessionKey; /** * 构造函数 * @param $sessionKey string 用户在小程序登录后获取的会话密钥 * @param $appid string 小程序的appid */ public function __construct($appid, $sessionKey) { $this->sessionKey = $sessionKey; $this->appid = $appid; } /** * 检验数据的真实性,并且获取解密后的明文. * @param $encryptedData string 加密的用户数据 * @param $iv string 与用户数据一同返回的初始向量 * @param $data string 解密后的原文 * * @return int 成功0,失败返回对应的错误码 */ public function decryptData($encryptedData, $iv, &$data) { if (strlen($this->sessionKey) != 24) { return ErrorCode::$IllegalAesKey; } $aesKey = base64_decode($this->sessionKey); if (strlen($iv) != 24) { return ErrorCode::$IllegalIv; } $aesIV = base64_decode($iv); $aesCipher = base64_decode($encryptedData); $result = openssl_decrypt($aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV); $dataObj = json_decode($result); if ($dataObj == NULL) { return ErrorCode::$IllegalBuffer; } if ($dataObj->watermark->appid != $this->appid) { return ErrorCode::$IllegalBuffer; } $data = $result; return ErrorCode::$OK; } } /** * error code 说明. * <ul> * <li>-41001: encodingAesKey 非法</li> * <li>-41003: aes 解密失败</li> * <li>-41004: 解密后得到的buffer非法</li> * <li>-41005: base64加密失败</li> * <li>-41016: base64解密失败</li> * </ul> */ class ErrorCode { public static $OK = 0; public static $IllegalAesKey = -41001; public static $IllegalIv = -41002; public static $IllegalBuffer = -41003; public static $DecodeBase64Error = -41004; } $pc = new Wxbizdatacrypt($appid, $sessionkey); $errCode = $pc->decryptData($encrypteddata, $iv, $data); if ($errCode == 0) { print($data . "\n"); } else { print($errCode . "\n"); } ?>好了,整个过程就这么简单,获取了微信用户的注册手机号,不过这个不难滥用,小心被微信封杀。
网友评论0