{"id":239,"title":"\u5fae\u4fe1\u516c\u4f17\u5e73\u53f0\u5f00\u53d1\u4e00\u4e2a\u5165\u95e8\u4f8b\u5b50","good":0,"bad":0,"hit":2179,"created_at":"2016-05-31 01:10:15","content":"<p>&lt;?php<br\/>\/**<br\/>&nbsp; * wechat php test<br\/>&nbsp; *\/<br\/><br\/>\/\/define your token<br\/>define(&quot;TOKEN&quot;, &quot;wwwgupiaojzcom&quot;);<br\/>$wechatObj = new wechatCallbackapiTest();<br\/><strong>\/\/$wechatObj-&gt;valid();\/\/\u5f00\u59cb\u5f00\u53d1\u7684\u65f6\u5019\u8981\u628a\u8fd9\u53e5\u6ce8\u91ca\u6389\uff0c\u6389\u7528\u4e0b\u9762\u7684responseMsg();<\/strong><br\/>$wechatObj-&gt;responseMsg();<br\/><br\/>class wechatCallbackapiTest<br\/>{<br\/>&nbsp;&nbsp; &nbsp;public function valid()<br\/>&nbsp;&nbsp;&nbsp; {<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $echoStr = $_GET[&quot;echostr&quot;];<br\/><br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/\/valid signature , option<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if($this-&gt;checkSignature()){<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;echo $echoStr;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;exit;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br\/>&nbsp;&nbsp;&nbsp; }<br\/><br\/>&nbsp;&nbsp;&nbsp; public function responseMsg()<br\/>&nbsp;&nbsp;&nbsp; {<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;\/\/get post data, May be due to the different environments<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$postStr = $GLOBALS[&quot;HTTP_RAW_POST_DATA&quot;];<br\/><br\/>&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;\/\/extract post data<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;if (!empty($postStr)){<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; the best way is to check the validity of xml by yourself *\/<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libxml_disable_entity_loader(true);<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$postObj = simplexml_load_string($postStr, &#39;SimpleXMLElement&#39;, LIBXML_NOCDATA);<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $fromUsername = $postObj-&gt;FromUserName;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $toUsername = $postObj-&gt;ToUserName;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $keyword = trim($postObj-&gt;Content);<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $time = time();<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $textTpl = &quot;&lt;xml&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;ToUserName&gt;&lt;![CDATA[%s]]&gt;&lt;\/ToUserName&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;FromUserName&gt;&lt;![CDATA[%s]]&gt;&lt;\/FromUserName&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;CreateTime&gt;%s&lt;\/CreateTime&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;MsgType&gt;&lt;![CDATA[%s]]&gt;&lt;\/MsgType&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;Content&gt;&lt;![CDATA[%s]]&gt;&lt;\/Content&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;FuncFlag&gt;0&lt;\/FuncFlag&gt;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&lt;\/xml&gt;&quot;;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;if(!empty( $keyword ))<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;if($keyword==99){<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp; $contentStr=&quot;\u67e5\u5b5899\u5143\u5347\u503c\uff0c\u683c\u5f0f\uff1a\u7537\u58eb\u59d3\u540d+\u5973\u58eb\u59d3\u540d\uff0c\u5982\uff1a\u5c0f\u660e+\u5c0f\u7ea2&quot;;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<strong>$msgType = &quot;text&quot;;<\/strong><br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;echo $resultStr;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;}else {<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$contentStr= &quot;\u67e5\u5b5899\u5143\u5347\u503c\uff0c\u683c\u5f0f\uff1a\u7537\u58eb\u59d3\u540d+\u5973\u58eb\u59d3\u540d\uff0cn\u5982\uff1a\u5c0f\u660e+\u5c0f\u7ea2&quot;;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$contentStr.= &quot;\u516c\u4f17\u53f7ibelove&quot;;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<strong>$msgType = &quot;text&quot;;<\/strong><br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;echo $resultStr;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;}<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br\/><br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }else {<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;echo &quot;&quot;;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;exit;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br\/>&nbsp;&nbsp;&nbsp; }<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<br\/>&nbsp;&nbsp; &nbsp;private function checkSignature()<br\/>&nbsp;&nbsp; &nbsp;{<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/\/ you must define TOKEN by yourself<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (!defined(&quot;TOKEN&quot;)) {<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; throw new Exception(&#39;TOKEN is not defined!&#39;);<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $signature = $_GET[&quot;signature&quot;];<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $timestamp = $_GET[&quot;timestamp&quot;];<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $nonce = $_GET[&quot;nonce&quot;];<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$token = TOKEN;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$tmpArr = array($token, $timestamp, $nonce);<br\/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; \/\/ use SORT_STRING rule<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;sort($tmpArr, SORT_STRING);<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$tmpStr = implode( $tmpArr );<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;$tmpStr = sha1( $tmpStr );<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;if( $tmpStr == $signature ){<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;return true;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;}else{<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;return false;<br\/>&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;}<br\/>&nbsp;&nbsp; &nbsp;}<br\/>}<br\/><br\/>?&gt;<\/p>"}