<?php /** * wechat php test *///define your tokendefine( "TOKEN", "weixin" );$wechatObj = new wechatCallbackapiTest();if ( !isset( $_GET['echostr'] ) ) { $wechatObj->responseMsg();}else { $wechatObj->valid();}class wechatCallbackapiTest { public function valid() { $echoStr = $_GET["echostr"]; //valid signature , option if ( $this->checkSignature() ) { echo $echoStr; exit; } } public function responseMsg() { //get post data, May be due to the different environments $postStr = $GLOBALS["HTTP_RAW_POST_DATA"]; //extract post data if ( !empty( $postStr ) ) { /* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection, the best way is to check the validity of xml by yourself */ libxml_disable_entity_loader( true ); $postObj = simplexml_load_string( $postStr, 'SimpleXMLElement', LIBXML_NOCDATA ); $RX_TYPE = trim( $postObj->MsgType ); switch ( $RX_TYPE ) { case "text": $resultStr = $this->receiveText( $postObj ); break; case "event": $resultStr = $this->receiveEvent( $postObj ); break; default: $resultStr = ""; break; } echo $resultStr; } else { echo ""; exit; } } private function receiveText( $object ) { $getkeyword = $object->Content; switch ( $getkeyword ) { case '产品': $funcFlag = 0; $contentStr = "产品链接:"; $resultStr = $this->transmitText( $object, $contentStr, $funcFlag ); break; case '新闻': $funcFlag = 0; $contentStr ="新闻链接:"; $resultStr = $this->transmitText( $object, $contentStr, $funcFlag ); break; case '方案': $funcFlag = 0; $contentStr ="方案链接:"; $resultStr = $this->transmitText( $object, $contentStr, $funcFlag ); break; case '我们': $funcFlag = 0; $contentStr ="我们链接:"; $resultStr = $this->transmitText( $object, $contentStr, $funcFlag ); break; default: break; } return $resultStr; } private function receiveEvent( $object ) { $contentStr = ""; switch ( $object->Event ) { case "subscribe": $contentStr = "欢迎您关注xxx"; case "unsubscribe": break; case "CLICK": switch ( $object->EventKey ) { case "V1001_GETCODE": $contentStr = "xxx"; break; case "V1002_HISTORY": $contentStr[] = array( "Title" =>"最后一条历史记录", "Description" =>"xxx", "PicUrl" =>"xxx", "Url" =>"xxx" ); break; case "V2001_INTERDUCE": $contentStr[] = array( "Title" =>"xxx", "Description" =>"xxx", "Url" =>"" ); break; case "V3001_JOIN": $getuid = $this->getUid( $object ); if ( $getuid==1 ) { $contentStr = 'Could not connect: '.mysql_error(); }else { $contentStr = "唯一码:".$getuid; } break; default: $contentStr[] = array( "Title" =>"默认菜单回复", "Description" =>"xxx", "PicUrl" =>"xxx", "Url" =>"xxx" ); break; } break; default: break; } if ( is_array( $contentStr ) ) { $resultStr = $this->transmitNews( $object, $contentStr ); }else { $resultStr = $this->transmitText( $object, $contentStr ); } return $resultStr; } private function transmitText( $object, $content, $funcFlag = 0 ) { $textTpl = "<xml> <tousername></tousername> <fromusername></fromusername> <createtime>%s</createtime> <msgtype></msgtype> <content></content> <funcflag>%d</funcflag> </xml>"; $resultStr = sprintf( $textTpl, $object->FromUserName, $object->ToUserName, time(), $content, $funcFlag ); return $resultStr; } private function transmitNews( $object, $arr_item, $funcFlag = 0 ) { if ( !is_array( $arr_item ) ) return; $itemTpl = "<item> <title></title> <description></description> <picurl></picurl> <url></url> </item>"; $item_str = ""; foreach ( $arr_item as $item ) $item_str .= sprintf( $itemTpl, $item['Title'], $item['Description'], $item['PicUrl'], $item['Url'] ); $newsTpl = "<xml> <tousername></tousername> <fromusername></fromusername> <createtime>%s</createtime> <msgtype></msgtype> <content></content> <articlecount>%s</articlecount> <articles>$item_str</articles> <funcflag>%s</funcflag> </xml>"; $resultStr = sprintf( $newsTpl, $object->FromUserName, $object->ToUserName, time(), count( $arr_item ), $funcFlag ); return $resultStr; } /* 生成唯一码*/ public function getUid( $object ) { $getOpenid = $object->FromUserName; $con = mysql_connect( "localhost", "root", "xxx" ); mysql_select_db( "xxx", $con ); if ( !$con ) { return 1; } $flag = true; $getUserresult = mysql_query( "SELECT * FROM loginuser WHERE openid = '".$getOpenid."'" ); $getuserrow = mysql_num_rows( $getUserresult ); if ( $getuserrow>0 ) { $userrow = mysql_fetch_array( $getUserresult ); if ( $userrow['state']==0 ) { return $userrow['userPassword']."[未完成考试]"; $flag = false; }else { return $userrow['userPassword']."[已完成考试]"; $flag = false; } } /* 循环确定唯一性 */ while ( $flag ) { $uid = uniqid( true ); $uid = substr( $uid, -8 ); $result = mysql_query( "SELECT * FROM loginuser where userPassword = '".$uid."'" ); $row = mysql_num_rows( $result ); if ( $row == 0 ) { mysql_query( "INSERT INTO loginuser (userPassword,state,openid) VALUES ('".$uid."','0','".$getOpenid."')" ); mysql_close( $con ); return $uid; $flag =false; } } } private function getUidtest( $object ) { return $object->FromUserName; } private function checkSignature() { // you must define TOKEN by yourself if ( !defined( "TOKEN" ) ) { throw new Exception( 'TOKEN is not defined!' ); } $signature = $_GET["signature"]; $timestamp = $_GET["timestamp"]; $nonce = $_GET["nonce"]; $token = TOKEN; $tmpArr = array( $token, $timestamp, $nonce ); // use SORT_STRING rule sort( $tmpArr, SORT_STRING ); $tmpStr = implode( $tmpArr ); $tmpStr = sha1( $tmpStr ); if ( $tmpStr == $signature ) { return true; }else { return false; } }}?>