php 微信 token校驗失敗 解決方法
阿新 • • 發佈:2018-12-12
<?php namespace app\user\controller; use think\Controller; use think\Session; use think\Db; use think\Request; //微信訊息接收 class Wx extends Controller { public function ts() //微信推送 { define("TOKEN", "wwwzzkyecom"); //定義TOKEN祕鑰 $wechatObj = new wechatCallbackapiTest(); ob_clean(); //這句才是重點 if (isset($_GET['echostr'])) { $wechatObj->valid(); }else{ $wechatObj->responseMsg(); } } //==================================================== public function curlPost($url,$data=''){ $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE); if (!empty($data)){ curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $data); } curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($curl); curl_close($curl); $result = json_decode($output,true); return $result; } public function curlGet($url,$header=FALSE){ $curl = curl_init($url); curl_setopt($curl,CURLOPT_HTTPGET,true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,FALSE); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,FALSE); curl_setopt($curl, CURLOPT_HEADER, FALSE); curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); // curl_setopt($curl, CURLOPT_HEADER,false); //當需要接收表頭時將此項開啟;並將結果轉換為陣列的的處理關閉; // curl_setopt($curl,CURLOPT_RETURNTRANSFER,true); // curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5); $res = curl_exec($curl); curl_close($curl); if($header==FALSE){ $result = json_decode($res,true); return $result; }else{ return $res; } // return $res; } //======================================= } //================================================================= //定義類檔案 class wechatCallbackapiTest { public function valid() { $echoStr = $_GET["echostr"]; if($this->checkSignature()){ echo $echoStr; exit; } } private function checkSignature() { $signature = $_GET["signature"]; $timestamp = $_GET["timestamp"]; $nonce = $_GET["nonce"]; $token = TOKEN; $tmpArr = array($token, $timestamp, $nonce); sort($tmpArr); $tmpStr = implode( $tmpArr ); $tmpStr = sha1( $tmpStr ); if( $tmpStr == $signature ){ return true; }else{ return false; } } public function responseMsg() { $postStr = $GLOBALS["HTTP_RAW_POST_DATA"]; if (!emptyempty($postStr)){ $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA); $fromUsername = $postObj->FromUserName; $toUsername = $postObj->ToUserName; $keyword = trim($postObj->Content); $time = time(); $textTpl = "<xml> <ToUserName><![CDATA[%s]]></ToUserName> <FromUserName><![CDATA[%s]]></FromUserName> <CreateTime>%s</CreateTime> <MsgType><![CDATA[%s]]></MsgType> <Content><![CDATA[%s]]></Content> <FuncFlag>0</FuncFlag> </xml>"; if($keyword != " " || !emptyempty( $keyword ) ) { $msgType = "text"; //$contentStr .= date("Y-m-d H:i:s",time()); $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr); echo $resultStr; } }else{ echo ""; exit; } } }