Home >Backend Development >PHP Problem >What should I do if php token verification fails?

What should I do if php token verification fails?

coldplay.xixi
coldplay.xixiOriginal
2020-07-10 11:54:253703browse

Solution to the failure of php token verification: 1. Ensure that the added server is China Unicom and the URL is accessible; 2. The token cannot be repeated; 3. When the token on the server needs to be changed, it must be the same as the one on the configuration form. consistent.

What should I do if php token verification fails?

Solution to php token verification failure:

Attached here are the configuration form and information about token verification failure.

What should I do if php token verification fails?

Later I read the document, as follows

What should I do if php token verification fails?

To return parameters to WeChat, if the return is successful, it becomes Developer;

So I prepared the following code

respond.php:
<?php
/**
  * wechat php test
  */
 
//define your token
define("TOKEN", "hwqhwq");
$wechatObj = new wechatCallbackapiTest();
$wechatObj->valid();
 
class wechatCallbackapiTest
{
    public function valid()
    {
        $echoStr = $_GET["echostr"];
 
        //valid signature , option
        if($this->checkSignature()){
            echo $echoStr;
            exit;
        }
    }
 
    public function responseMsg()
    {
        //get post data, May be due to the different environments
        $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
 
          //extract post data
        if (!empty($postStr)){
                 
                  $postObj = simplexml_load_string($postStr, &#39;SimpleXMLElement&#39;, LIBXML_NOCDATA);
                $fromUsername = $postObj->FromUserName;
                $toUsername = $postObj->ToUserName;
                $keyword = trim($postObj->Content);
                $time = time();
                $textTpl = "<xml>
                            <ToUserName><![CDATA[%s]]></ToUserName>
                            <FromUserName><![CDATA[%s]]></FromUserName>
                            <CreateTime>%s</CreateTime>
                            <MsgType><![CDATA[%s]]></MsgType>
                            <Content><![CDATA[%s]]></Content>
                            <FuncFlag>0</FuncFlag>
                            </xml>";             
                if(!empty( $keyword ))
                {
                      $msgType = "text";
                    $contentStr = "Welcome to wechat world!";
                    $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);
                    echo $resultStr;
                }else{
                    echo "Input something...";
                }
 
        }else {
            echo "";
            exit;
        }
    }
         
    private function checkSignature()
    {
        $signature = $_GET["signature"];
        $timestamp = $_GET["timestamp"];
        $nonce = $_GET["nonce"];    
                 
        $token = TOKEN;
        $tmpArr = array($token, $timestamp, $nonce);
        sort($tmpArr);
        $tmpStr = implode( $tmpArr );
        $tmpStr = sha1( $tmpStr );
         
        if( $tmpStr == $signature ){
            return true;
        }else{
            return false;
        }
    }
}
 
?>

As long as there are two conditions, the verification can be successful

1. Your server must be Yes, it ensures that your URL can be accessed.

2. It is best not to duplicate the token with others;

3. The token on the server needs to be changed. It must be the same as the one on the configuration form, and they can correspond.

Related learning recommendations: PHP programming from entry to proficiency

The above is the detailed content of What should I do if php token verification fails?. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn