Token is set up in the basic configuration of official account.

Keywords: PHP xml SHA1

WeChat official account / development / basic setup / server configuration page

URL fill in your server address

The Token value is the value set by response.php

The content of the response.php file is as follows:

<?php
traceHttp();

define("TOKEN", "kiking");
$wechatObj = new wechatCallbackapi();
if (isset($_GET['echostr'])) {
    $wechatObj->valid();
} else {
    $wechatObj->responseMsg();
}

class wechatCallbackapi
{
    public function valid()
    {
        $echoStr = $_GET["echostr"];
        if ($this->checkSignature()) {
            echo $echoStr;
            exit;
        }
    }

    private function checkSignature()
    {
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];

        $token = TOKEN;
        $tmpArr = array($token, $timestamp, $nonce);
        sort($tmpArr);
        $tmpStr = implode($tmpArr);
        $tmpStr = sha1($tmpStr);

        if ($tmpStr == $signature) {
            return true;
        } else {
            return false;
        }
    }

    public function responseMsg()
    {
        $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

        if (!empty($postStr)) {
            $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
            $fromUsername = $postObj->FromUserName;
            $toUsername = $postObj->ToUserName;
            $keyword = trim($postObj->Content);
            $time = time();
            $textTpl = "<xml>
                        <ToUserName><![CDATA[%s]]></ToUserName>
                        <FromUserName><![CDATA[%s]]></FromUserName>
                        <CreateTime>%s</CreateTime>
                        <MsgType><![CDATA[%s]]></MsgType>
                        <Content><![CDATA[%s]]></Content>
                        <FuncFlag>0</FuncFlag>
                        </xml>";
            if ($keyword == "?" || $keyword == "?") {
                $msgType = "text";
                $contentStr = date("Y-m-d H:i:s", time());
                $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
                echo $resultStr;
            }
        } else {
            echo "";
            exit;
        }
    }
}

function traceHttp()
{
    logger("\n\nREMOTE_ADDR:" . $_SERVER["REMOTE_ADDR"] . (strstr($_SERVER["REMOTE_ADDR"], '101.226') ? " FROM WeiXin" : "Unknown IP"));
    logger("QUERY_STRING:" . $_SERVER["QUERY_STRING"]);
}
function logger($log_content)
{
    if (isset($_SERVER['HTTP_APPNAME'])) { //SAE
        sae_set_display_errors(false);
        sae_debug($log_content);
        sae_set_display_errors(true);
    } else { //LOCAL
        $max_size = 500000;
        $log_filename = "log.xml";
        if (file_exists($log_filename) and (abs(filesize($log_filename)) > $max_size)) {unlink($log_filename);}
        file_put_contents($log_filename, date('Y-m-d H:i:s') . $log_content . "\r\n", FILE_APPEND);
    }
}

Submit failed solution:

1. Or directly access the address you fill in the URL in the address bar.

2. Or add ob_clean() before echo of the valid() method;

public function valid()
{
    $echoStr = $_GET["echostr"];
    if ($this->checkSignature()) {
    	ob_clean();
        echo $echoStr;
        exit;
    }
}

3. Or set php header information

header("Content-Type:text/plain; charset=utf-8");

 

Published 10 original articles, won praise 13, visited 8116
Private letter follow

Posted by catnip_uk on Sat, 07 Mar 2020 06:13:21 -0800