微信开发中验证基本配置的token验证及自动回复代码（PHP）

最新推荐文章于 2024-05-21 13:33:48 发布

原创最新推荐文章于 2024-05-21 13:33:48 发布 · 549 阅读

0 ·

CC 4.0 BY-SA版权

文章标签：

#php #微信

PHP 专栏收录该内容

44 篇文章

订阅专栏

本文介绍了一种使用PHP实现的微信公众号接口验证及消息自动回复的方法。通过定义TOKEN并检查签名来确保请求的有效性，同时提供了如何响应消息的示例。

<?php

/**
* wechat php test
*/

//define your token
define(“TOKEN”, “demo”);
$wechatObj = new wechatCallbackapiTest();

$wechatObj->valid();
//这个地方只需要验证一次就够了

//$wechatObj->responseMsg();

class wechatCallbackapiTest
{
public function valid()
{
$echoStr = $_GET[“echostr”];

    //valid signature , option
    if($this->checkSignature()){
        echo $echoStr;
        exit;
    }
}

public function responseMsg()
{
    //get post data, May be due to the different environments
    if (PHP_VERSION >= 7) {
        $postStr = file_get_contents('php://input');
    } else {
        $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
    }
    //file_put_contents('999.txt', $postStr);
    //extract post data
    if (!empty($postStr)){

            /* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
               the best way is to check the validity of xml by yourself */
            libxml_disable_entity_loader(true);
            $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
            $fromUsername = $postObj->FromUserName;
            $toUsername = $postObj->ToUserName;
            $keyword = trim($postObj->Content);
            $time = time();
            $textTpl = "<xml>
                        <ToUserName><![CDATA[%s]]></ToUserName>
                        <FromUserName><![CDATA[%s]]></FromUserName>
                        <CreateTime>%s</CreateTime>
                        <MsgType><![CDATA[%s]]></MsgType>
                        <Content><![CDATA[%s]]></Content>
                        <FuncFlag>0</FuncFlag>
                        </xml>";             
            if(!empty( $keyword ))
            {
                $msgType = "text";
                $contentStr = "自动回复中你想输出的内容";
                $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
                echo $resultStr;
            }else{
                echo "Input something...";
            }

    }else {
        echo "";
        exit;
    }
}

private function checkSignature()
{
    // you must define TOKEN by yourself
    if (!defined("TOKEN")) {
        throw new Exception('TOKEN is not defined!');
    }

    $signature = $_GET["signature"];
    $timestamp = $_GET["timestamp"];
    $nonce = $_GET["nonce"];

    $token = TOKEN;
    $tmpArr = array($token, $timestamp, $nonce);
    // use SORT_STRING rule
    sort($tmpArr, SORT_STRING);
    $tmpStr = implode( $tmpArr );
    $tmpStr = sha1( $tmpStr );

    if( $tmpStr == $signature ){
        return true;
    }else{
        return false;
    }
}

}