开始百度了好几个验证token的php源码,怎么测试都不对,调试也能通过就是提示"token验证失败"。
本来对2012年微信官方的验证代码没报希望,死马当成活马医,一试就中了。好气噢,宝宝不开心了!!
官方代码贴一下。
1 <?php 2 /** 3 * wechat php test 4 */ 5 6 //define your token 7 define("TOKEN", "weixin"); 8 $wechatObj = new wechatCallbackapiTest(); 9 $wechatObj->valid(); 10 11 class wechatCallbackapiTest 12 { 13 public function valid() 14 { 15 $echoStr = $_GET["echostr"]; 16 17 //valid signature , option 18 if($this->checkSignature()){ 19 echo $echoStr; 20 exit; 21 } 22 } 23 24 public function responseMsg() 25 { 26 //get post data, May be due to the different environments 27 $postStr = $GLOBALS["HTTP_RAW_POST_DATA"]; 28 29 //extract post data 30 if (!empty($postStr)){ 31 32 $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA); 33 $fromUsername = $postObj->FromUserName; 34 $toUsername = $postObj->ToUserName; 35 $keyword = trim($postObj->Content); 36 $time = time(); 37 $textTpl = "<xml> 38 <ToUserName><![CDATA[%s]]></ToUserName> 39 <FromUserName><![CDATA[%s]]></FromUserName> 40 <CreateTime>%s</CreateTime> 41 <MsgType><![CDATA[%s]]></MsgType> 42 <Content><![CDATA[%s]]></Content> 43 <FuncFlag>0</FuncFlag> 44 </xml>"; 45 if(!empty( $keyword )) 46 { 47 $msgType = "text"; 48 $contentStr = "Welcome to wechat world!"; 49 $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr); 50 echo $resultStr; 51 }else{ 52 echo "Input something..."; 53 } 54 55 }else { 56 echo ""; 57 exit; 58 } 59 } 60 61 private function checkSignature() 62 { 63 $signature = $_GET["signature"]; 64 $timestamp = $_GET["timestamp"]; 65 $nonce = $_GET["nonce"]; 66 67 $token = TOKEN; 68 $tmpArr = array($token, $timestamp, $nonce); 69 sort($tmpArr); 70 $tmpStr = implode( $tmpArr ); 71 $tmpStr = sha1( $tmpStr ); 72 73 if( $tmpStr == $signature ){ 74 return true; 75 }else{ 76 return false; 77 } 78 } 79 } 80 81 ?>
