웹사이트 위챗 로그인

<?php
//处理并返回微信用户信息类
class wx{
    //配置APP参数
    private $appid         = &#39;&#39;;
    private $secret        = &#39;&#39;;
    private $re_url        = &#39;&#39;;
    private $state         = &#39;state&#39;;
    private $access_token  = &#39;&#39;;
    private $openid        = &#39;&#39;;
 
    public function __construct()
    {
    }
 
    public function get_code()
    {
        $this->get_state();
        $url = &#39;https://open.weixin.qq.com/connect/qrconnect?appid=&#39;.$this->appid.&#39;&redirect_uri=&#39;.urlencode($this->re_url).&#39;&response_type=code&scope=snsapi_login&state=&#39;.$_SESSION[$this->state].&#39;#wechat_redirect&#39;;
        header(&#39;Location: &#39;.$url);
    }
 
    public function get_info($code,$state){
        $this->get_access_token($code,$state);
        $userinfo = $this->get_user_info();
        return  $userinfo;
    }
 
    /**
         * [get_access_token 获取access_token]
         * @param [string] $code [登陆后返回的$_GET[&#39;code&#39;]]
         * @return [array] [expires_in 为有效时间 , access_token 为授权码 ; 失败返回 error , error_description ]
         */
    public function get_access_token($code,$state)
    {
 
        //$this->is_state($state);
        //获取access_token
        $token_url           = &#39;https://api.weixin.qq.com/sns/oauth2/access_token?appid=&#39;.$this->appid.&#39;&secret=&#39;.$this->secret.&#39;&code=&#39;.$code.&#39;&grant_type=authorization_code&#39;;
        $result              = json_decode($this->_curl_get_content($token_url),true);
        $this->access_token  = $result[&#39;access_token&#39;];
        $this->openid        = $result[&#39;openid&#39;];
    }
        /**
         * [get_user_info 获取用户信息]
         * @param [string] $token [授权码]
         * @param [string] $openid [用户唯一ID]
         * @return [array] [ret：返回码，为0时成功。msg为错误信息,正确返回时为空。...params]
         */
    public function get_user_info()
    {
 
        $url              = &#39;https://api.weixin.qq.com/sns/userinfo?access_token=&#39;.$this->access_token.&#39;&openid=&#39;.$this->openid;
        $info             = json_decode($this->_curl_get_content($url), TRUE);
        $info1[&#39;name&#39;]    = $info[&#39;nickname&#39;];
        $info1[&#39;sex&#39;]     = $info[&#39;sex&#39;];
        $info1[&#39;img&#39;]     = $info[&#39;headimgurl&#39;];
        $info1[&#39;openid&#39;]  = $info[&#39;openid&#39;];
        $info1[&#39;unid&#39;]    = $info[&#39;unionid&#39;];
 
        return $info1;
    }
 
    private function _curl_get_content($url)
    {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        //设置超时时间为3s
        curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 3);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    }
 
    //生成随机参数
    private function get_state() {
        $str               = str_shuffle(&#39;qazxswedcvfrtgbnhyujmkiol123456789&#39;) . time();
        $_SESSION[&#39;state&#39;] = md5(md5($str));
    }
 
    //判断随机数
    private function is_state($state) {
        if($state!==$_SESSION[$this->state]){
           exit(&#39;随机数检验失败，疑似csrf攻击&#39;);
        }
    }
}