php使用新浪微博API开发用户授权功能-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

php使用新浪微博API开发用户授权功能

PHPz

Jun 13, 2016 am 10:30 AM

新浪微博API开发的资源比较多，新浪微博提供了一个开发者的平台，它里面有很全面的新浪微博开发的资料，包括开发者的使用和介绍，各种语言的API函数介绍文档，SDK等多种资料。

首先，在新浪微博开放平台下载基于PHP的SDK开发包，将下载包放到开发环境中并解压，在其中也包含了demo演示程序，可以参考其样例程序进行编写。

新浪微博API开发最重要的用户授权过程

1.首先，获取未授权的Request Token

<span style="font-family: 微软雅黑,Microsoft YaHei;"> $o = new WeiboOAuth( WB_AKEY , WB_SKEY ); <br/>$keys = $o->getRequestToken(); <br/>//echo($keys[&#39;oauth_token&#39;].&#39; : &#39;.$keys[&#39;oauth_token_secret&#39;]);</span>

需要在新浪微博开放平台中注册一个帐号，或直接使用新浪微博帐号登录，进入应用，然后按照提示创建属于自己的第三方应用，创建完成之后可以得到两个授权的App Key和App Secret值，这两个值就是开发应用的关键。
得到授权值后，就可以利用上面的代码获得未授权的Request Token值了，它们会保存在$key数组变量中。

2.请求用户授权Token

<span style="font-family: 微软雅黑,Microsoft YaHei;">$_SESSION[&#39;keys&#39;] = $keys; <br/>aurl = $o->getAuthorizeURL( $keys[&#39;oauth_token&#39;] ,false , &#39;http://localhost/callback.php&#39;);</span>

得到未授权的Request Token值后，就利用上面的代码可以开始准备去新浪微博授权页面进行授权，$aurl就是授权链接页面，得到$aurl后就可以利用header()直接跳转到该授权页面，然后用户输入新浪微博帐号和密码进行授权，授权完成后，自动跳回你在最后一个参数里面设置的回调页面：http://localhost/callback.php，该链接你可以设置为上一个页面，这样授权完成之后就会自动又跳转回去了。

注意：设置session的keys的值是必须的，它在下面获取到授权的Access Token中是需要用到的。很多的朋友可能会参考其开放平台上面的说明来进行授权时，可发现总是出错，一般都是这个问题，你并未设置session的keys值，在下面当然取不到Access Token的值了，这个一定要记住了。

3.得到用户授权的Access Token

<span style="font-family: 微软雅黑,Microsoft YaHei;"><?php<br/>$o = new WeiboOAuth( WB_AKEY , <br/>WB_SKEY , <br/>$_SESSION[&#39;keys&#39;][&#39;oauth_token&#39;] , <br/>$_SESSION[&#39;keys&#39;][&#39;oauth_token_secret&#39;] ); <br/>$last_key = $o->getAccessToken( $_REQUEST[&#39;oauth_verifier&#39;] ) ; <br/>echo($last_key[&#39;oauth_token&#39;]); </span>

以上代码，最终获得了用户授权的Access Token，共两个值，它们保存在$last_key数组变量里面，也可以看到，后面的两个参数就是前面设置的session值。到此就基本完成了，这就是新浪微博用户授权的一个完整的过程。

授权完成后的工作

在授权完成之后，就可以开始调用新浪微博提供的各类API函数接口进行实际应用的开发了，在这里对获取最新微博记录这个接口作下简单说明，其他都类似。
获取最新新浪微博信息的API接口函数是：public_timeline()，样例代码看下面：

<span style="font-family: 微软雅黑,Microsoft YaHei;"> <?php<br/>//获取前20条最新更新的公共微博消息 <br/>$c = new WeiboClient( WB_AKEY , <br/>WB_SKEY , <br/>$oauth_token , <br/>$oauth_token_secret ); <br/>$msg = $c->public_timeline(); <br/>if ($msg === false || $msg === null){ <br/>echo "Error occured"; <br/>return false; <br/>} <br/>if (isset($msg[&#39;error_code&#39;]) && isset($msg[&#39;error&#39;])){ <br/>echo (&#39;Error_code: &#39;.$msg[&#39;error_code&#39;].&#39;; Error: &#39;.$msg[&#39;error&#39;] ); <br/>return false; <br/>} <br/>print_r($msg);<br/></span>

通常在得到用户授权的Access Token值之后，就把它们保存在的用户表中，与的应用中的帐号进行对应，之后在调用新浪微博各api接口时就不用每次都去认证了。

实例化WeiboClient对象，然后直接调用接口函数public_timeline就可以得到返回的信息，如果没有错误的话。通常新浪微博api接口返回的数据格式一般为Json格式或xml格式，而在此是用php进行开发，则使用Json格式的数据就有先天的优势，如果返回Json格式数据的话，直接使用php函数json_decode()就可以转换为php常用的array数组格式了。

更多相关教程请访问 php编程从入门到精通全套视频教程

Statement

This article is reproduced at:CSDN博客. If there is any infringement, please contact admin@php.cn delete

What are the advantages of using a database to store sessions?Apr 24, 2025 am 12:16 AM

The main advantages of using database storage sessions include persistence, scalability, and security. 1. Persistence: Even if the server restarts, the session data can remain unchanged. 2. Scalability: Applicable to distributed systems, ensuring that session data is synchronized between multiple servers. 3. Security: The database provides encrypted storage to protect sensitive information.

How do you implement custom session handling in PHP?Apr 24, 2025 am 12:16 AM

Implementing custom session processing in PHP can be done by implementing the SessionHandlerInterface interface. The specific steps include: 1) Creating a class that implements SessionHandlerInterface, such as CustomSessionHandler; 2) Rewriting methods in the interface (such as open, close, read, write, destroy, gc) to define the life cycle and storage method of session data; 3) Register a custom session processor in a PHP script and start the session. This allows data to be stored in media such as MySQL and Redis to improve performance, security and scalability.

What is a session ID?Apr 24, 2025 am 12:13 AM

SessionID is a mechanism used in web applications to track user session status. 1. It is a randomly generated string used to maintain user's identity information during multiple interactions between the user and the server. 2. The server generates and sends it to the client through cookies or URL parameters to help identify and associate these requests in multiple requests of the user. 3. Generation usually uses random algorithms to ensure uniqueness and unpredictability. 4. In actual development, in-memory databases such as Redis can be used to store session data to improve performance and security.

How do you handle sessions in a stateless environment (e.g., API)?Apr 24, 2025 am 12:12 AM

Managing sessions in stateless environments such as APIs can be achieved by using JWT or cookies. 1. JWT is suitable for statelessness and scalability, but it is large in size when it comes to big data. 2.Cookies are more traditional and easy to implement, but they need to be configured with caution to ensure security.

How can you protect against Cross-Site Scripting (XSS) attacks related to sessions?Apr 23, 2025 am 12:16 AM

To protect the application from session-related XSS attacks, the following measures are required: 1. Set the HttpOnly and Secure flags to protect the session cookies. 2. Export codes for all user inputs. 3. Implement content security policy (CSP) to limit script sources. Through these policies, session-related XSS attacks can be effectively protected and user data can be ensured.

How can you optimize PHP session performance?Apr 23, 2025 am 12:13 AM

Methods to optimize PHP session performance include: 1. Delay session start, 2. Use database to store sessions, 3. Compress session data, 4. Manage session life cycle, and 5. Implement session sharing. These strategies can significantly improve the efficiency of applications in high concurrency environments.

What is the session.gc_maxlifetime configuration setting?Apr 23, 2025 am 12:10 AM

Thesession.gc_maxlifetimesettinginPHPdeterminesthelifespanofsessiondata,setinseconds.1)It'sconfiguredinphp.iniorviaini_set().2)Abalanceisneededtoavoidperformanceissuesandunexpectedlogouts.3)PHP'sgarbagecollectionisprobabilistic,influencedbygc_probabi

How do you configure the session name in PHP?Apr 23, 2025 am 12:08 AM

In PHP, you can use the session_name() function to configure the session name. The specific steps are as follows: 1. Use the session_name() function to set the session name, such as session_name("my_session"). 2. After setting the session name, call session_start() to start the session. Configuring session names can avoid session data conflicts between multiple applications and enhance security, but pay attention to the uniqueness, security, length and setting timing of session names.

See all articles