gaohang43
2016-05-27 15:56微信Token验证失败,用的SEA服务
10用微信官方代码,我修改了Token,同时也加了header('content-type:text');在
echo $echoStr;之前。但是还是验证失败
我又考虑了是不是没有在SEA官方认证的原因,我做了如下测试:
直接创建test.php内容为
<?php
$echoStr = $_GET["echostr"];
header('content-type:text');
echo $echoStr;
?>
直接就可以验证成功,所以说没有SEA实名认证这个原因说的有点牵强
求哪位大神可以解答一下为什么会认证失败:
<?php
/**
* wechat php test
*/
//define your token
define("TOKEN", "MyDaoHome");
$wechatObj = new wechatCallbackapiTest();
$wechatObj->valid();
class wechatCallbackapiTest
{
public function valid()
{
$echoStr = $_GET["echostr"];
//valid signature , option
if($this->checkSignature()){
header('content-type:text');
echo $echoStr;
exit;
}
}
public function responseMsg()
{
//get post data, May be due to the different environments
$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
//extract post data
if (!empty($postStr)){
/* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
the best way is to check the validity of xml by yourself */
libxml_disable_entity_loader(true);
$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$keyword = trim($postObj->Content);
$time = time();
$textTpl = "<xml>
<ToUserName><![CDATA[%s]]></ToUserName>
<FromUserName><![CDATA[%s]]></FromUserName>
<CreateTime>%s</CreateTime>
<MsgType><![CDATA[%s]]></MsgType>
<Content><![CDATA[%s]]></Content>
<FuncFlag>0</FuncFlag>
</xml>";
if(!empty( $keyword ))
{
$msgType = "text";
$contentStr = "Welcome to wechat world!";
$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
echo $resultStr;
}else{
echo "Input something...";
}
}else {
echo "";
exit;
}
}
private function checkSignature()
{
// you must define TOKEN by yourself
if (!defined("TOKEN")) {
throw new Exception('TOKEN is not defined!');
}
$signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$token = TOKEN;
$tmpArr = array($token, $timestamp, $nonce);
// use SORT_STRING rule
sort($tmpArr, SORT_STRING);
$tmpStr = implode( $tmpArr );
$tmpStr = sha1( $tmpStr );
echo $tmpStr;
if( $tmpStr == $signature ){
return true;
}else{
return false;
}
}
}
?>
- 点赞
- 回答
- 收藏
- 复制链接分享
3条回答
为你推荐
- 用notepad++搭建后台服务器出现错误
- 小程序
- 微信公众平台
- 微信小程序
- 1个回答
- 发布操作失败,并显示“ CSRF令牌验证失败”错误
- sap
- csrf
- hybris
- 1个回答
- 用户Cookie验证随机失败
- cookies
- web
- 1个回答
- Symfony根据远程API对用户进行身份验证
- token
- authentication
- symfony
- php
- guard
- 2个回答
- 微信服务器二次修改的时候总是提示token验证失败
- 微信
- c#
- 2个回答
换一换