微信Token验证代码的实现

2018-08-02 02:35:31   PHP

  php  

微信开放第三方API接口,

申请地址:

https://mp.weixin.qq.com/advanced/advanced?action=interface&t=advanced/interface&token=1865635074&lang=zh_CN

官方提供PHP开发代码下载: 点此下载

如果你的微信接口页面没有做好,提交保存的时候,会提示:验证Token失败。这个错误是因为,你的接口页面还没有反馈正确的信息给微信接口。微信在教程方面还做得不够成熟,就一个PHP示例,还是有问题的,在下篇文章我会讲到这个错误在哪。微信官方也没有跟大家说清楚怎么才能是token验证成功。下面我将给出示例告诉大家如何通过token验证。

譬如:微信接口页面是http://bbhet.com 默认页面是weixin.php,我们只需要把weixin.php的代码改为, 然后放到你得网站根目录:

官方下载地址 http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html

方法一: 简单的PHP实现Token验证

  1. <?php
  2. //1. 将timestamp , nonce , token 按照字典排序
  3. $timestamp = $_GET['timestamp'];
  4. $nonce = $_GET['nonce'];
  5. $token = "你自定义的Token值 用于验证";
  6. $signature = $_GET['signature'];
  7. $array = array($timestamp,$nonce,$token);
  8. sort($array);
  9. //2.将排序后的三个参数拼接后用sha1加密
  10. $tmpstr = implode('',$array);
  11. $tmpstr = sha1($tmpstr);
  12. //3. 将加密后的字符串与 signature 进行对比, 判断该请求是否来自微信
  13. if($tmpstr == $signature)
  14. {
  15. echo $_GET['echostr'];
  16. exit;
  17. }

方法二: 封装类的代码实现Token验证

  1. <?php
  2. /**
  3. * wechat php test
  4. */
  5. //define your token
  6. define("TOKEN", "weixin");
  7. $wechatObj = new wechatCallbackapiTest();
  8. $wechatObj->valid();
  9. class wechatCallbackapiTest
  10. {
  11. public function valid()
  12. {
  13. $echoStr = $_GET["echostr"];
  14. //valid signature , option
  15. if($this->checkSignature()){
  16. echo $echoStr;
  17. exit;
  18. }
  19. }
  20. public function responseMsg()
  21. {
  22. //get post data, May be due to the different environments
  23. $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
  24. //extract post data
  25. if (!empty($postStr)){
  26. $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
  27. $fromUsername = $postObj->FromUserName;
  28. $toUsername = $postObj->ToUserName;
  29. $keyword = trim($postObj->Content);
  30. $time = time();
  31. $textTpl = "<xml>
  32. <ToUserName><![CDATA[%s]]></ToUserName>
  33. <FromUserName><![CDATA[%s]]></FromUserName>
  34. <CreateTime>%s</CreateTime>
  35. <MsgType><![CDATA[%s]]></MsgType>
  36. <Content><![CDATA[%s]]></Content>
  37. <FuncFlag>0</FuncFlag>
  38. </xml>";
  39. if(!empty( $keyword ))
  40. {
  41. $msgType = "text";
  42. $contentStr = "Welcome to wechat world!";
  43. $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
  44. echo $resultStr;
  45. }else{
  46. echo "Input something...";
  47. }
  48. }else {
  49. echo "";
  50. exit;
  51. }
  52. }
  53. private function checkSignature()
  54. {
  55. $signature = $_GET["signature"];
  56. $timestamp = $_GET["timestamp"];
  57. $nonce = $_GET["nonce"];
  58. $token = TOKEN;
  59. $tmpArr = array($token, $timestamp, $nonce);
  60. sort($tmpArr);
  61. $tmpStr = implode( $tmpArr );
  62. $tmpStr = sha1( $tmpStr );
  63. if( $tmpStr == $signature ){
  64. return true;
  65. }else{
  66. return false;
  67. }
  68. }
  69. }
  70. ?>