楼主现在在做一个小项目,特把项目中的文档分享给大家
<?php
/**
* encode by Charles Zhu
* hualuo@yinghualuo.cn
*/
//define your token
define("TOKEN", "weixin");
include_once("bae_db.php");
$wechatObj = new wechatCallbackapiTest();
if (!isset($_GET['echostr'])) {
$wechatObj->responseMsg();
} else {
$wechatObj->valid();
}
class wechatCallbackapiTest {
public function valid() {
$echoStr = $_GET["echostr"];
//valid signature , option
if ($this->checkSignature()) {
echo $echoStr;
exit;
}
}
public function responseMsg() {
//get post data, May be due to the different environments
$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];
//extract post data
if (!empty($postStr)) {
/* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,
the best way is to check the validity of xml by yourself */
libxml_disable_entity_loader(true);
$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);
$this->handlePostObj($postObj);
exit;
} else {
echo "";
exit;
}
}
private function checkSignature() {
// you must define TOKEN by yourself
if (!defined("TOKEN")) {
throw new Exception('TOKEN is not defined!');
}
$signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$token = TOKEN;
$tmpArr = array($token, $timestamp, $nonce);
// use SORT_STRING rule
sort($tmpArr, SORT_STRING);
$tmpStr = implode($tmpArr);
$tmpStr = sha1($tmpStr);
if ($tmpStr == $signature) {
return true;
} else {
return false;
}
}
// 区分接收到的消息类型,并导向不同目标函数
private function handlePostObj($postObj) {
$msgType = trim($postObj->MsgType);
// type : text,image,voice(recognition),video,shortvideo,location,link
switch ($msgType) {
case "event":
$this->receiveEvent($postObj);
break;
case "text":
$this->receiveTextMsg($postObj);
break;
case "image":
$this->receiveImageMsg($postObj);
break;
case "voice":
$this->receiveVoiceMsg($postObj);
break;
case "video":
$this->receiveVideoMsg($postObj);
break;
case "shortvideo":
$this->receiveShortvideoMsg($postObj);
break;
case "location":
$this->receiveLocationMsg($postObj);
break;
case "link":
$this->receiveLinkMsg($postObj);
break;
default :
$this->receiveOtherMsg($postObj);
}
// 更新最后一次操作时间
$this->update($postObj);
mysql_close($GLOBALS['db_link']);
exit;
}
// 接收事件函数
private function receiveEvent($postObj) {
$event = $postObj->Event;
switch ($event) {
case "subscribe":
$this->receiveSubscribeEvent($postObj);
break;
case "unsubscribe":
$this->receiveUnsubscribeEvent($postObj);
break;
case "SCAN":
$this->receiveScanEvent($postObj);
break;
case "LOCATION":
$this->receiveLocationEvent($postObj);
break;
case "CLICK":
$this->receiveClickEvent($postObj);
break;
case "VIEW":
$this->receiveViewEvent($postObj);
break;
default :
$this->receiveOtherEvent($postObj);
}
}
// 更新最后一次交互时间
private function update($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$sql_update ="UPDATE `{$GLOBALS['db_name']}`.`user` SET `last_interact_time` = '{$time}' WHERE `user`.`openid` = '{$openid}';";
mysql_query($sql_update, $GLOBALS['db_link']);
}
// 收到文本消息
private function receiveTextMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$content = trim($postObj->Content);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord` (`time`,`openid`,`msg_id`,`msg_type`,`msg_text`) "
. "VALUES ('" . $time . "','" . $openid . "','" . $msg_id . "','text','" . $content . "');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your message:" . $postObj->Content, $postObj);
}
// 收到图片消息
private function receiveImageMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$pic_url = trim($postObj->PicUrl);
$media_id = trim($postObj->MediaId);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`(`time`,`openid`,`msg_id`,`msg_type`,`msg_image_id`,`msg_image_url`)"
. "VALUES ('" . $time . "','" . $openid . "','" . $msg_id . "','image','" . $media_id . "','" . $pic_url . "');";
mysql_query($sql_insert, $GLOBALS['db_link']);
// $this->responseTextMsg("I have received your pic,url:" . $pic_url . " ,media_id:" . $media_id, $postObj);
$this->responseImageMsg($media_id, $postObj);
}
// 收到语音消息
private function receiveVoiceMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$media_id = trim($postObj->MediaId);
$format = trim($postObj->Format);
$recognition = trim($postObj->Recognition);
if (empty($recognition) || !isset($recognition)) {
$recognition = "";
}
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`"
. "(`time`,`openid`,`msg_id`,`msg_type`,`msg_voice_id`,`msg_voice_format`,`msg_voice_recognition`)values"
. "('" . $time . "','" . $openid . "','" . $msg_id . "','voice','" . $media_id . "','" . $format . "','" . $recognition . "');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your voice,format:" . $format . ",media_id:" . $media_id . ",recognition:" . $recognition, $postObj);
}
// 收到视频消息
private function receiveVideoMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$media_id = trim($postObj->MediaId);
$thumb_media_id = trim($postObj->ThumbMediaId);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`"
."(`time`,`openid`,`msg_id`,`msg_type`,`msg_video_id`,`msg_video_thumb_id`)values"
."('".$time."','".$openid."','".$msg_id."','video','$media_id','$thumb_media_id');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your video,media_id:".$media_id.",thumb_media_id:".$thumb_media_id,$postObj);
}
// 收到短视频消息
private function receiveShortvideoMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$media_id = trim($postObj->MediaId);
$thumb_media_id = trim($postObj->ThumbMediaId);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`"
."(`time`,`openid`,`msg_id`,`msg_type`,`msg_svideo_id`,`msg_svideo_thumb_id`)values"
."('".$time."','".$openid."','".$msg_id."','video','$media_id','$thumb_media_id');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your shortvideo,media_id:".$media_id.",thumb_media_id:".$thumb_media_id,$postObj);
}
// 收到位置消息
private function receiveLocationMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$location_x = trim($postObj->Location_X);
$location_y = trim($postObj->Location_Y);
$scale = trim($postObj->Scale);
$label = trim($postObj->Label);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`"
."(`time`,`openid`,`msg_id`,`msg_type`,`msg_location_x`,`msg_location_y`,`msg_location_scale`,`msg_location_label`)values"
."('".$time."','".$openid."','".$msg_id."','location','".$location_x."','".$location_y."','".$scale."','".$label."');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$sql_update = "UPDATE `{$GLOBALS['db_name']}`.`user` SET `last_longitude` = '{$location_y}',"
."`last_latitude` = '{$location_x}' ,`last_precision` = '{$scale}' WHERE `user`.`openid` = '{$openid}';";
mysql_query($sql_update, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your location,x:".$location_x.",y:".$location_y.",scale:".$scale.",label:".$label,$postObj);
}
// 收到链接消息
private function receiveLinkMsg($postObj) {
$time = date("Y-m-d H:i:s", trim($postObj->CreateTime));
$openid = trim($postObj->FromUserName);
$msg_id = trim($postObj->MsgId);
$title = trim($postObj->Title);
$description = trim($postObj->Description);
$url = trim($postObj->Url);
$sql_insert = "INSERT INTO `" . $GLOBALS['db_name'] . "`.`msgRecord`"
."(`time`,`openid`,`msg_id`,`msg_type`,`msg_link_title`,`msg_link_description`,`msg_link_url`)values"
."('".$time."','".$openid."','".$msg_id."','link','".$title."','".$description."','".$url."');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("I have received your url,title:".$title.",description:".$description.",url:".$url,$postObj);
}
// 其他位置消息
private function receiveOtherMsg($postObj) {
$this->responseTextMsg("我还没学会这项技能,换个姿势吧!",$postObj);
}
// 收到关注事件 或者 含参数二维码关注
private function receiveSubscribeEvent($postObj) {
// 警告!重复关注的判断事件没有做
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$event_key = trim($postObj->EventKey);
$ticket = trim($postObj->Ticket);
$sql_query_openid = "SELECT COUNT( * ) from `user` where `openid` ='{$openid}'";
$count = mysql_query($sql_query_openid, $GLOBALS['db_link']);
$count = mysql_fetch_array($count);
$count = $count[0];
// 向事件表插入关注事件log
$sql_insert1 = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`, `event_key`, `ticket`) "
. "VALUES ('{$time}', '{$openid}', '{$event_type}', '{$event_key}', '{$ticket}');";
mysql_query($sql_insert1, $GLOBALS['db_link']);
if($count == 0){
$sql_insert2 = "INSERT INTO `{$GLOBALS['db_name']}`.`user` (`openid`, `user_type`, `last_interact_time` ,`subscribe_time`) VALUES ".
"('{$openid}', 'unknown', '{$time}', '{$time}');";
mysql_query($sql_insert2, $GLOBALS['db_link']);
}else{
$sql_update = "UPDATE `{$GLOBALS['db_name']}`.`user` SET `last_interact_time` = '{$time}', `subscribe_time` = '{$time}' WHERE `user`.`openid` = '{$openid}'";
mysql_query($sql_update, $GLOBALS['db_link']);
}
// 判断是否为二维码来源
if(strlen($event_key) > 0 || strlen($ticket) > 0){
$this->responseTextMsg("欢迎关注,你的openid是:{$openid},ticketid:{$ticket}", $postObj);
}
else{
$this->responseTextMsg("欢迎关注,你的openid是:{$openid}", $postObj);
}
}
// 收到取消关注事件
private function receiveUnsubscribeEvent($postObj) {
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$sql_insert = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`) "
. "VALUES ('{$time}', '{$openid}', '{$event_type}');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$sql_unsubscribe = "UPDATE `{$GLOBALS['db_name']}`.`user` SET `unsubscribe_time` = '{$time}' WHERE `user`.`openid` = '{$openid}'";
mysql_query($sql_unsubscribe, $GLOBALS['db_link']);
echo "";
}
// 收到已关注用户,扫描二维码事件 关键字段event_key 关键字SCAN
private function receiveScanEvent($postObj) {
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$event_key = trim($postObj->EventKey);
$ticket = trim($postObj->Ticket);
$sql_insert = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`, `event_key`, `ticket`) "
. "VALUES ('{$time}', '{$openid}', '{$event_type}', '{$event_key}', '{$ticket}');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("你是从含参数二维码扫描的,二维码ticket:{$openid}", $postObj);
}
// 收到用户被动位置事件,需要用户同意公众号允许获取地理位置
private function receiveLocationEvent($postObj) {
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$latitude = trim($postObj->Latitude);
$longitude = trim($postObj->Longitude);
$precision = trim($postObj->Precision);
$sql_insert = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`, `latitude`, `longitude`, `precision`) "
. "VALUES('{$time}', '{$openid}', '{$event_type}', '{$latitude}', '{$longitude}', '{$precision}');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$sql_update = "UPDATE `{$GLOBALS['db_name']}`.`user` SET `last_longitude` = '{$longitude}', `last_latitude` = '{$latitude}', `last_precision` = '{$precision}' WHERE `user`.`openid` = '{$openid}';";
mysql_query($sql_update, $GLOBALS['db_link']);
$this->responseTextMsg("收到你的位置被动事件,纬度:{$latitude},经度:{$longitude},精确度:{$precision}", $postObj);
}
// 收到菜单点击事件
private function receiveClickEvent($postObj) {
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$event_key = trim($postObj->EventKey);
$sql_insert = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`, `event_key`) "
. "VALUES('{$time}', '{$openid}', '{$event_type}', '{$event_key}');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("收到你的菜单点击事件:key:{$event_key}", $postObj);
}
// 收到点击菜单跳转链接时的事件
private function receiveViewEvent($postObj) {
$openid = trim($postObj->FromUserName);
$time = date("Y-m-d H:i:s",trim($postObj->CreateTime));
$event_type = trim($postObj->Event);
$event_key = trim($postObj->EventKey);
$sql_insert = "INSERT INTO `{$GLOBALS['db_name']}`.`eventRecord` (`time`, `openid`, `event_type`, `event_key`) "
. "VALUES('{$time}', '{$openid}', '{$event_type}', '{$event_key}');";
mysql_query($sql_insert, $GLOBALS['db_link']);
$this->responseTextMsg("收到你的点击菜单跳转链接事件:key:{$event_key}", $postObj);
}
// 收到其他未知事件
private function receiveOtherEvent($postObj) {
$this->responseTextMsg("我还没学会这项技能,换个姿势吧!",$postObj);
}
// 回复文字消息
private function responseTextMsg($text, $postObj) {
$textTpl = "<xml>"
. "<ToUserName><![CDATA[%s]]></ToUserName>"
. "<FromUserName><![CDATA[%s]]></FromUserName>"
. "<CreateTime>%s</CreateTime>"
. "<MsgType><![CDATA[%s]]></MsgType>"
. "<Content><![CDATA[%s]]></Content>"
. "<FuncFlag>0</FuncFlag>"
. "</xml>";
$msgType = "text";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
if (!isset($text) || empty($text)) {
echo "";
exit;
}
// 这里的$fromUsername 和 $toUsername 是来自微信发来的,发回去就要相互对调一下!!!!
$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $text);
echo $resultStr;
}
// 回复图片消息 没有测试
private function responseImageMsg($image_media_id, $postObj)
{
$imageTpl = "<xml>"
. "<ToUserName><![CDATA[%s]]></ToUserName>"
. "<FromUserName><![CDATA[%s]]></FromUserName>"
. "<CreateTime>%s</CreateTime>"
. "<MsgType><![CDATA[%s]]></MsgType>"
. "<Image><MediaId><![CDATA[%s]]></MediaId></Image>"
. "</xml>";
$msgType = "image";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
// 这里的$fromUsername 和 $toUsername 是来自微信发来的,发回去就要相互对调一下!!!!
$resultStr = sprintf($imageTpl, $fromUsername, $toUsername, $time, $msgType, $image_media_id);
echo $resultStr;
}
// 回复语音消息 没有测试
private function responseVoiceMsg($voice_media_id, $postObj)
{
$voiceTpl = "<xml>"
. "<ToUserName><![CDATA[%s]]></ToUserName>"
. "<FromUserName><![CDATA[%s]]></FromUserName>"
. "<CreateTime>%s</CreateTime>"
. "<MsgType><![CDATA[%s]]></MsgType>"
. "<Voice><MediaId><![CDATA[%s]]></MediaId></Voice>"
. "</xml>";
$msgType = "voice";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
// 这里的$fromUsername 和 $toUsername 是来自微信发来的,发回去就要相互对调一下!!!!
$resultStr = sprintf($voiceTpl, $fromUsername, $toUsername, $time, $msgType, $voice_media_id);
echo $resultStr;
}
// 回复视频消息 没有测试 $video_title,$video_description这两个参数可以为空
private function responseVideoMsg($video_meida_id, $video_title, $video_description, $postObj)
{
$videoTpl = "<xml>"
. "<ToUserName><![CDATA[$s]]></ToUserName>"
. "<FromUserName><![CDATA[$s]]></FromUserName>"
. "<CreateTime>$s</CreateTime>"
. "<MsgType><![CDATA[$s]]></MsgType>"
. "<Video>"
. "<MediaId><![CDATA[$s]]></MediaId>"
. "<Title><![CDATA[$s]]></Title>"
. "<Description><![CDATA[$s]]></Description>"
. "</Video>"
. "</xml>";
$msgType = "video";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
// 这里的$fromUsername 和 $toUsername 是来自微信发来的,发回去就要相互对调一下!!!!
$resultStr = sprintf($videoTpl, $fromUsername, $toUsername, $time, $msgType, $video_meida_id, $video_title, $video_description);
echo $resultStr;
}
// 回复音乐消息 没有测试 $music_title、$music_description、$music_url、$hdmusic_url可以省略
private function responseMusicMsg($music_title, $music_description, $music_url, $hdmusic_url, $music_thumb_media_id, $postObj)
{
$musicTpl = "<xml>"
."<ToUserName><![CDATA[%s]]></ToUserName>"
."<FromUserName><![CDATA[%s]]></FromUserName>"
."<CreateTime>%s</CreateTime>"
."<MsgType><![CDATA[%s]]></MsgType>"
."<Music>"
."<Title><![CDATA[%s]]></Title>"
."<Description><![CDATA[%s]]></Description>"
."<MusicUrl><![CDATA[%s]]></MusicUrl>"
."<HQMusicUrl><![CDATA[%s]]></HQMusicUrl>"
."<ThumbMediaId><![CDATA[%s]]></ThumbMediaId>"
."</Music>"
."</xml>";
$msgType = "music";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
$resultStr = sprintf($musicTpl, $fromUsername, $toUsername, $time, $msgType,
$music_title, $music_description, $music_url, $hdmusic_url ,$music_thumb_media_id);
echo $resultStr;
}
// 回复图文消息 没有测试
private function resposeArticlesMsg($articlesObj,$postObj)
{
// 判断$articlesObj是否为数组
if(!is_array($articlesObj))
{
echo "";
exit ;
} else {
$msgType = "news";
$fromUsername = $postObj->FromUserName;
$toUsername = $postObj->ToUserName;
$time = time();
$count = count($articlesObj);
// 图文item模板
$itemTpl = "<Music>
<Title><![CDATA[%s]]></Title>
<Description><![CDATA[%s]]></Description>
<MusicUrl><![CDATA[%s]]></MusicUrl>
<HQMusicUrl><![CDATA[%s]]></HQMusicUrl>
</Music>";
// 整体模板
$articleTpl = "<xml>
<ToUserName><![CDATA[%s]]></ToUserName>
<FromUserName><![CDATA[%s]]></FromUserName>
<CreateTime>%s</CreateTime>
<MsgType><![CDATA[%s]]></MsgType>
<ArticleCount>%s</ArticleCount>
<Articles>%s</Articles>
</xml>";
$item_str = "";
foreach ($articlesObj as $item){
$item_str .= sprintf($itemTpl, $item['Title'], $item['Description'], $item['PicUrl'], $item['Url']);
}
$resultStr = sprintf($articleTpl, $fromUsername, $toUsername, $time, $msgType, $count, $item_str);
echo $resultStr;
}
}
// 发送消息用的,以后可以在这里添加加密的东西
private function resposeMsg($content)
{
echo $content;
}
}?>
<span style="font-family: Arial, Helvetica, sans-serif; background-color: rgb(255, 255, 255);">已经调试过了,之前楼主使用方倍工作室的SDK有问题,他没有测试调试好,蛋疼。。。附上db_bae.php</span>
<?php
// 写死到文件里面,如果放到数据库中,每次查询会增加数据库压力
define("appID", "wxc87a9c73536?????");
define("appsecret","6036ad004cbaa1b1ef5079ffee4?????");
/*替换为你自己的数据库名*/
$db_name = 'gvGAiDLkiAoflA?????';
/*填入数据库连接信息*/
$db_host = 'sqld.duapp.com';
$db_port = 4050;
$db_user = '192abbcce33a469dae61bbb05??????';//用户AK
$db_pwd = '73b83a3facc046eea5b7f9266??????';//用户SK
/*以上信息都可以在数据库详情页查找到*/
/*接着调用mysql_connect()连接服务器*/
$db_link = @mysql_connect("{$db_host}:{$db_port}",$db_user,$db_pwd,true);
if(!$db_link) {
die("Connect Server Failed: " . mysql_error());
}
/*连接成功后立即调用mysql_select_db()选中需要连接的数据库*/
if(!mysql_select_db($db_name,$db_link)) {
die("Select Database Failed: " . mysql_error($link));
}
?>