微信公众平台示例代码分析-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

微信公众平台示例代码分析

PHP中文网

Mar 29, 2017 pm 04:33 PM

phpMicro-channel public platform

这篇文章主要为大家详细介绍了php微信公众平台示例代码,具有一定的参考价值，感兴趣的小伙伴们可以参考一下

一、摘要

微信公众平台提供了一个简单的php示例代码，在做进一步开发之前，我们有必要将其详细了解一下。

二、获取代码

三、分析代码

完整代码如下：

<?php
/**
 * wechat php test
 */

//define your token
define("TOKEN", "weixin");
$wechatObj = new wechatCallbackapiTest();
$wechatObj->valid();

class wechatCallbackapiTest
{
 public function valid()
 {
  $echoStr = $_GET["echostr"];

  //valid signature , option
  if($this->checkSignature()){
   echo $echoStr;
   exit;
  }
 }

 public function responseMsg()
 {
  //get post data, May be due to the different environments
  $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

  //extract post data
  if (!empty($postStr)){
    
    $postObj = simplexml_load_string($postStr, &#39;SimpleXMLElement&#39;, LIBXML_NOCDATA);
    $fromUsername = $postObj->FromUserName;
    $toUsername = $postObj->ToUserName;
    $keyword = trim($postObj->Content);
    $time = time();
    $textTpl = "<xml>
       <ToUserName><![CDATA[%s]]></ToUserName>
       <FromUserName><![CDATA[%s]]></FromUserName>
       <CreateTime>%s</CreateTime>
       <MsgType><![CDATA[%s]]></MsgType>
       <Content><![CDATA[%s]]></Content>
       <FuncFlag>0</FuncFlag>
       </xml>";    
    if(!empty( $keyword ))
    {
     $msgType = "text";
     $contentStr = "Welcome to wechat world!";
     $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
     echo $resultStr;
    }else{
     echo "Input something...";
    }

  }else {
   echo "";
   exit;
  }
 }
  
 private function checkSignature()
 {
  $signature = $_GET["signature"];
  $timestamp = $_GET["timestamp"];
  $nonce = $_GET["nonce"]; 
    
  $token = TOKEN;
  $tmpArr = array($token, $timestamp, $nonce);
  sort($tmpArr);
  $tmpStr = implode( $tmpArr );
  $tmpStr = sha1( $tmpStr );
  
  if( $tmpStr == $signature ){
   return true;
  }else{
   return false;
  }
 }
}

?>

3.1 整体分析

原始示例代码大致分为四个部分：

定义TOKEN
声明一个类 wechatCallbackapiTest
创建类wechatCallbackapiTest 的一个实例对象 $wechatObj
调用类的 valid() 方法。

3.2 详细分析

3.2.1 定义TOKEN

define("TOKEN", "weixin");

define 是用来给常量赋值的函数，这句话的意思是赋予“TOKEN”这个常量值为“weixin”。

TOKEN 是用来进行交互安全认证的，开发者可以随意定义，要和公众平台里设置的一样。

3.2.2 声明一个类

class wechatCallbackapiTest{
}

声明一个类 wechatCallbackapiTest，该类中包含有三个方法（函数）。

a. public function valid()

用于申请成为开发者时向微信发送验证信息。

b. public function responseMsg()

处理并回复用户发送过来的消息，也是用的最多的一个函数，几乎所有的功能都在这里实现。

responseMsg 函数详解：

$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];

接收微信公众平台发送过来的用户消息，该消息数据结构为XML，不是php默认的识别数据类型，因此这里用了$GLOBALS['HTTP_RAW_POST_DATA']来接收，同时赋值给了$postStr

if (!empty($postStr))
判断$postStr是否为空，如果不为空（接收到了数据），就继续执行下面的语句;如果为空，则跳转到与之相对应的else语句。

$postObj = simplexml_load_string($postStr, &#39;SimpleXMLElement&#39;, LIBXML_NOCDATA);

使用simplexml_load_string() 函数将接收到的XML消息数据载入对象$postObj中。这个严谨的写法后面还得加个判断是否载入成功的条件语句，不过不写也没事。

$fromUsername = $postObj->FromUserName;

将对象$postObj中的发送消息用户的OPENID赋值给$fromUsername变量

$toUsername = $postObj->ToUserName;

将对象$postObj中的公众账号的ID赋值给$toUsername变量

$keyword = trim($postObj->Content);

trim() 函数从字符串的两端删除空白字符和其他预定义字符，这里就可以得到用户输入的关键词

$time = time();

time() 函数返回当前时间的 Unix 时间戳，即自从 Unix 纪元（格林威治时间 1970 年 1 月 1 日 00:00:00）到当前时间的秒数。

$textTpl = "<xml>
　　　　　　　<ToUserName><![CDATA[%s]]></ToUserName>
　　　　　　　<FromUserName><![CDATA[%s]]></FromUserName>
　　　　　　 <CreateTime>%s</CreateTime>
　　　　　　　<MsgType><![CDATA[%s]]></MsgType>
　　　　　　　<Content><![CDATA[%s]]></Content>
　　　　　　　<FuncFlag>0</FuncFlag>
　　　　　　　</xml>";

存放微信输出内容的模板

if(!empty( $keyword ))

判断$keyword是否为空，不为空则继续执行下面的语句;如果为空，则跳转到与之相对应的else语句，即 echo "Input something...";

$msgType = "text";

消息类型是文本类型

$contentStr = "Welcome to wechat world!";

回复的消息内容

$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);

使用sprintf() 函数将格式化的数据写入到变量中去;
$fromUsername, $toUsername, $time, $msgType, $contentStr 分别顺序替换模板里“%s”位置，也即是“$resultStr”这个变量最后实际为：

<xml>
<ToUserName><![CDATA[$toUsername]]></ToUserName>
<FromUserName><![CDATA[$fromUsername]]></FromUserName>
<CreateTime>$time</CreateTime>
<MsgType><![CDATA[$msgType]]></MsgType>
<Content><![CDATA[$contentStr]]></Content>
<FuncFlag>0</FuncFlag>  //位0x0001被标志时，星标刚收到的消息。
</xml>

echo $resultStr; //把回复的消息输出

c. private function checkSignature()

开发者通过检验signature对请求进行校验（下面有校验方式）。若确认此次GET请求来自微信服务器，请求原样返回echostr参数内容，则接入生效，否则接入失败。

signature结合了开发者填写的token参数和请求中的timestamp参数、nonce参数。

加密/校验流程：
1. 将token、timestamp、nonce三个参数进行字典序排序
2. 将三个参数字符串拼接成一个字符串进行sha1加密
3. 开发者获得加密后的字符串可与signature对比，标识该请求来源于微信
3.2.3 创建实例对象

$wechatObj = new wechatCallbackapiTest();

3.2.4 调用类方法验证

$wechatObj->valid();

调用类的valid()方法执行接口验证，接口设置成功后将其注释掉。

四、总结

以上是对微信官方示例代码的一个分析，有解释不对的地方，还请高手指出。另外，该代码只是官方给出的简单示例代码，如果要做复杂的开发，还是要求开发者按照严谨的开发模式改写该段代码，会在后续教程中娓娓道来。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

PHP Performance Tuning for High Traffic WebsitesMay 14, 2025 am 12:13 AM

ThesecrettokeepingaPHP-poweredwebsiterunningsmoothlyunderheavyloadinvolvesseveralkeystrategies:1)ImplementopcodecachingwithOPcachetoreducescriptexecutiontime,2)UsedatabasequerycachingwithRedistolessendatabaseload,3)LeverageCDNslikeCloudflareforservin

Dependency Injection in PHP: Code Examples for BeginnersMay 14, 2025 am 12:08 AM

You should care about DependencyInjection(DI) because it makes your code clearer and easier to maintain. 1) DI makes it more modular by decoupling classes, 2) improves the convenience of testing and code flexibility, 3) Use DI containers to manage complex dependencies, but pay attention to performance impact and circular dependencies, 4) The best practice is to rely on abstract interfaces to achieve loose coupling.

PHP Performance: is it possible to optimize the application?May 14, 2025 am 12:04 AM

Yes,optimizingaPHPapplicationispossibleandessential.1)ImplementcachingusingAPCutoreducedatabaseload.2)Optimizedatabaseswithindexing,efficientqueries,andconnectionpooling.3)Enhancecodewithbuilt-infunctions,avoidingglobalvariables,andusingopcodecaching

PHP Performance Optimization: The Ultimate GuideMay 14, 2025 am 12:02 AM

ThekeystrategiestosignificantlyboostPHPapplicationperformanceare:1)UseopcodecachinglikeOPcachetoreduceexecutiontime,2)Optimizedatabaseinteractionswithpreparedstatementsandproperindexing,3)ConfigurewebserverslikeNginxwithPHP-FPMforbetterperformance,4)

PHP Dependency Injection Container: A Quick StartMay 13, 2025 am 12:11 AM

APHPDependencyInjectionContainerisatoolthatmanagesclassdependencies,enhancingcodemodularity,testability,andmaintainability.Itactsasacentralhubforcreatingandinjectingdependencies,thusreducingtightcouplingandeasingunittesting.

Dependency Injection vs. Service Locator in PHPMay 13, 2025 am 12:10 AM

Select DependencyInjection (DI) for large applications, ServiceLocator is suitable for small projects or prototypes. 1) DI improves the testability and modularity of the code through constructor injection. 2) ServiceLocator obtains services through center registration, which is convenient but may lead to an increase in code coupling.

PHP performance optimization strategies.May 13, 2025 am 12:06 AM

PHPapplicationscanbeoptimizedforspeedandefficiencyby:1)enablingopcacheinphp.ini,2)usingpreparedstatementswithPDOfordatabasequeries,3)replacingloopswitharray_filterandarray_mapfordataprocessing,4)configuringNginxasareverseproxy,5)implementingcachingwi

PHP Email Validation: Ensuring Emails Are Sent CorrectlyMay 13, 2025 am 12:06 AM

PHPemailvalidationinvolvesthreesteps:1)Formatvalidationusingregularexpressionstochecktheemailformat;2)DNSvalidationtoensurethedomainhasavalidMXrecord;3)SMTPvalidation,themostthoroughmethod,whichchecksifthemailboxexistsbyconnectingtotheSMTPserver.Impl

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

How to fix KB5055612 fails to install in Windows 10?

4 weeks agoByDDD

Roblox: Grow A Garden - Complete Mutation Guide

3 weeks agoByDDD

Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Nordhold: Fusion System, Explained

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Mandragora: Whispers Of The Witch Tree - How To Unlock The Grappling Hook

3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SublimeText3 English version

Recommended: Win version, supports code prompts!

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.