Before you read this article, I want to say one thing to you:

If an avalanche, no snowflake is innocent

The same is true for bugs in programs

No letter is innocent when it comes to errors

I just arrived at the company early this morning, and an inexplicable BUG occurred in my previously developed wechat public account, throwing an error message: undefined index OpenID!!

Immediately respond to the problem, find the corresponding code error line number, go through the business logic from top to bottom.

First, the steps of obtaining user information through wechat official account webpage authorization are described superfluously:

  1. The user agrees to authorize and gets the Code
  2. Exchange web page authorization access_token with code
  3. Refresh access_token (if required)
  4. Pull user information (scope is snsapi_userinfo)

I use the scope is snsapi_userinfo (there is also a small hole here, but the solution document has a detailed description, in fact, in the case of already concerned about the public account, in the public account to do active authorization to pull the authorization page is also through silent authorization without the user’s awareness of the authorization. However, after logging in wechat on PC, the authorization page will appear when re-entering the official account for page jump.)

After the investigation of their own program, basically ruled out the code writing error or use of undefined variables, so to find the document, follow the steps above, and checked again to obtain their own authorization, pull user information code, there is no problem where the problem actually appeared?

In order to obtain user information (openID, HeadimgURL), you need acess_token(here acess_token is different from acess_token in base support). To get acess_token, you need to get a Code, which requires the user to go through an authorization link

https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxf0e81c3bee622d60&redirect_uri=http%3A%2F%2Fnba.bluewebgame.c om%2Foauth_response.php&response_type=code&scope=snsapi_userinfo&state=STATE#wechat_redirect
Copy the code

So far, a user access WeChat public mobile phone number of a process is covered after the access to information, the business logic of the normal walk, so try it step by step, by Charles caught the request of the mobile phone, found that mobile phone no matter how to authorize or no matter how request, cancel the attention, attention, and so on any action, just dig in for a while there is no any error!

At this point has reached the edge of collapse, the online frequent error, the pressure can not withstand! Then I turned to Baidu for help and provided some solutions, but I thought that was not the root cause of the problem, until I saw CSDN and said, “No matter how users access the mobile phone, there will be no Code failure!” Do people log in wechat on the PC and then operate it in the wechat browser in the public account?

With this question, I logged on my own wechat in the public number began their own test, the following I tell you my own operation steps (limited to the PC side wechat public number operation) :

  1. Enter the public account randomly click a menu or pop-up message to guide the user authorization, pull up the authorization page appears

  1. Access to the personal center after successful authorization

  1. Please note that if you want to report an error, please keep clicking the back button carefully prepared for you by wechat browser. Before reporting an error, you will see such a prompt page

  1. Then wait a few seconds (depending on the network speed) and your program will receive an error message about the OpenID problem

Through the packet capture analysis of the above operation, it is found that after clicking back in the PC operation, the Code you obtained before will be used to pull your user information again. This Code is actually the Code you used the first time. The Code for exchanging information can only be used once, and it will become invalid after use.

Speaking of which, I will not talk about the rest, because I think my way of solving the problem is relatively LOW. Although the problem is solved, I always feel that it is not fundamental, because I just added such a page to the project. If I find that the error_code is returned when I obtain access_token through Code, I’ll jump to a page similar to 404, with a reauthorization button to jump to.

A summary that is not a summary

  1. When solving this problem, I made the old mistake again. At first, I only focused on whether my variable was defined or not, and did not think about its origin and origin.
  2. Once again, I was deceived by the appearance. Is wechat a very useful APP on the mobile phone and I have ruled out the possibility of operating on the PC by default?
  3. When you’re solving a problem or when you’re writing code and you have a problem, I think it’s best if you have a partner to look at the problem, because sometimes you don’t really pay attention to the details, or you don’t pay attention to the corners, and when you don’t pay attention, a letter can cause your program to fail