微信Token验证代码的实现

微信开放第三方API接口,

申请地址: 

https://mp.weixin.qq.com/advanced/advanced?action=interface&t=advanced/interface&token=1865635074&lang=zh_CN

官方提供PHP开发代码下载: 点此下载

 

如果你的微信接口页面没有做好,提交保存的时候,会提示:验证Token失败。这个错误是因为,你的接口页面还没有反馈正确的信息给微信接口。微信在教程方面还做得不够成熟,就一个PHP示例,还是有问题的,在下篇文章我会讲到这个错误在哪。微信官方也没有跟大家说清楚怎么才能是token验证成功。下面我将给出示例告诉大家如何通过token验证。

譬如:微信接口页面是http://bbhet.com  默认页面是weixin.php,我们只需要把weixin.php的代码改为, 然后放到你得网站根目录:

官方下载地址 http://mp.weixin.qq.com/wiki/8/f9a0b8382e0b77d87b3bcc1ce6fbc104.html

方法一: 简单的PHP实现Token验证

 

<?php
//1. 将timestamp , nonce , token 按照字典排序
$timestamp = $_GET['timestamp'];
$nonce = $_GET['nonce'];
$token = "你自定义的Token值 用于验证";
$signature = $_GET['signature'];
$array = array($timestamp,$nonce,$token);
sort($array);

//2.将排序后的三个参数拼接后用sha1加密
$tmpstr = implode('',$array);
$tmpstr = sha1($tmpstr);

//3. 将加密后的字符串与 signature 进行对比, 判断该请求是否来自微信
if($tmpstr == $signature)
{
	echo $_GET['echostr'];
	exit;
}

 

 

 

 

 

 

方法二: 封装类的代码实现Token验证

 

<?php
/**
  * wechat php test
  */

//define your token
define("TOKEN", "weixin");
$wechatObj = new wechatCallbackapiTest();
$wechatObj->valid();

class wechatCallbackapiTest
{
	public function valid()
    {
        $echoStr = $_GET["echostr"];

        //valid signature , option
        if($this->checkSignature()){
        	echo $echoStr;
        	exit;
        }
    }

    public function responseMsg()
    {
		//get post data, May be due to the different environments
		$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

      	//extract post data
		if (!empty($postStr)){
                
              	$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
                $fromUsername = $postObj->FromUserName;
                $toUsername = $postObj->ToUserName;
                $keyword = trim($postObj->Content);
                $time = time();
                $textTpl = "<xml>
							<ToUserName><![CDATA[%s]]></ToUserName>
							<FromUserName><![CDATA[%s]]></FromUserName>
							<CreateTime>%s</CreateTime>
							<MsgType><![CDATA[%s]]></MsgType>
							<Content><![CDATA[%s]]></Content>
							<FuncFlag>0</FuncFlag>
							</xml>";             
				if(!empty( $keyword ))
                {
              		$msgType = "text";
                	$contentStr = "Welcome to wechat world!";
                	$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
                	echo $resultStr;
                }else{
                	echo "Input something...";
                }

        }else {
        	echo "";
        	exit;
        }
    }
		
	private function checkSignature()
	{
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];	
        		
		$token = TOKEN;
		$tmpArr = array($token, $timestamp, $nonce);
		sort($tmpArr);
		$tmpStr = implode( $tmpArr );
		$tmpStr = sha1( $tmpStr );
		
		if( $tmpStr == $signature ){
			return true;
		}else{
			return false;
		}
	}
}

?>

jeffery 的博客

 

 

posted @ 2016-03-30 19:22  汀风说后端  阅读(138)  评论(0编辑  收藏  举报