终于找到原因了,写微信开发文档的真是垃圾,需要去掉 CDATA 标记
string nonce_str = Get_GuidStr();//随机字符串 string sign = "";//签名 string mch_id = "100000000";//商户号 string mch_billno = Get_BillNo(mch_id);//商户订单号 string wxappid = "wx8asdfderqweqweqwe2b";//公众账号appid string nick_name = "aa";//提供方名称 string send_name = "aa";//商户名称 string re_openid = "asdfasfwerqweqeqweqe";//用户openid int total_amount = 100;//付款金额(分) int min_value = 100;//最小红包金额 int max_value = 100;//最大红包金额 int total_num = 1;//红包发放总人数 string wishing = "新年新气象,祝您身体健康,万事如意!";//红包祝福语 string client_ip = "114.249.210.173"; //"221.5.252.231";//Ip地址 string act_name = "测试红包功能。";//活动名称 string remark = "测的越多,送的越多。";//备注 string logo_imgurl = "";//商户logo的url string share_content = "";//分享文案 string share_url = "";//分享链接 string share_imgurl = "";//分享的图片<?phpconst API = \'https://api.mch.weixin.qq.com/mmpaymkttransfers/sendredpack\';const MCH_ID = \'\';const MCH_SECRET = \'\';const APP_KEY = \'\';const APP_SECRET = \'\';const OPENID = \'\';$money = 100;//------------------logic----------------------$params = [ \'mch_billno\'=>gen_mch_billno(), \'mch_id\'=>MCH_ID, \'wxappid\'=>APP_KEY, \'nick_name\'=>\'xxxxx\', \'send_name\'=>\'xxxx\', \'re_openid\'=>OPENID, \'total_amount\'=>$money, \'min_value\'=>$money, \'max_value\'=>$money, \'total_num\'=>1, \'wishing\'=>\'感谢您参加!\', \'client_ip\'=>\'127.0.0.1\', \'act_name\'=>\'测试红包\', \'act_id\'=>17481, \'remark\'=>\'备注提示\', \'logo_imgurl\'=>\'http://www.sogou.com/images/logo/new/sogou.png\' , \'share_url\'=>\'http://xxxx.com\', \'share_imgurl\'=>\'http://www.sogou.com/images/logo/new/sogou.png\', \'share_content\'=>\'恭喜发财\', \'remark\'=>\'新年红包哦~\', \'nonce_str\'=>gen_nonce(),];$res = post(API, gen_xml($params), true);var_dump($res);//-----------------func-----------------------function gen_xml($params) { $xml = \'<xml>\'; $fmt = \'<%s><![CDATA[%s]]></%s>\'; foreach($params as $key=>$val){ $xml.=sprintf($fmt, $key, $val, $key); } $xml.=\'</xml>\'; return $xml;}function sign($params){ ksort($params); $beSign = array_filter($params, \'strlen\'); $pairs = array(); foreach ($beSign as $k => $v) { $pairs[] = "$k=$v"; } $sign_data = implode(\'&\', $pairs); $sign_data.=\'&key=\'.MCH_SECRET; return strtoupper(md5($sign_data));}function gen_nonce(){ return md5(uniqid(\'\', true));}function gen_mch_billno(){ return MCH_ID.date(\'Ymd\').time();}function post($url, $strXml, $CA = true) { //$arrHeader[] = \'Content-Length: \' . strlen($strXml); $cacert = __DIR__ . \'/cacert.pem\'; //CA根证书 $SSL = substr($url, 0, 8) == "https://" ? true : false; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); //curl_setopt($ch, CURLOPT_HTTPHEADER, $arrHeader); if ($SSL && $CA) { curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // 只信任CA颁布的证书 curl_setopt($ch, CURLOPT_SSLCERT,__DIR__.\'/apiclient_cert.pem\'); curl_setopt($ch, CURLOPT_SSLKEY,__DIR__.\'/apiclient_key.pem\'); curl_setopt($ch, CURLOPT_CAINFO, $cacert); // CA根证书(用来验证的网站证书是否是CA颁布) curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // 检查证书中是否设置域名,并且是否与提供的主机名匹配 } else if ($SSL && !$CA) { curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // 信任任何证书 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // 检查证书中是否设置域名 } curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $strXml); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); $res = curl_exec($ch); curl_close($ch); return $res;}