代碼筆記 | 網站微信登錄

<?php
//處理並返回微信用戶信息類
class wx{
    //配置APP參數
    private $appid         = '';
    private $secret        = '';
    private $re_url        = '';
    private $state         = 'state';
    private $access_token  = '';
    private $openid        = '';
  
    public function __construct()
    {
    }
  
    public function get_code()
    {
        $this->get_state();
        $url = 'https://open.weixin.qq.com/connect/qrconnect?appid='.$this->appid.'&redirect_uri='.urlencode($this->re_url).'&response_type=code&scope=snsapi_login&state='.$_SESSION[$this->state].'#wechat_redirect';
        header('Location: '.$url);
    }
  
    public function get_info($code,$state){
        $this->get_access_token($code,$state);
        $userinfo = $this->get_user_info();
        return  $userinfo;
    }
  
    /**
         * [get_access_token 獲取access_token]
         * @param [string] $code [登陸後返回的$_GET['code']]
         * @return [array] [expires_in 爲有效時間 , access_token 爲授權碼 ; 失敗返回 error , error_description ]
         */
    public function get_access_token($code,$state)
    {
  
        //$this->is_state($state);
        //獲取access_token
        $token_url           = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.$this->appid.'&secret='.$this->secret.'&code='.$code.'&grant_type=authorization_code';
        $result              = json_decode($this->_curl_get_content($token_url),true);
        $this->access_token  = $result['access_token'];
        $this->openid        = $result['openid'];
    }
        /**
         * [get_user_info 獲取用戶信息]
         * @param [string] $token [授權碼]
         * @param [string] $openid [用戶唯一ID]
         * @return [array] [ret：返回碼，爲0時成功。msg爲錯誤信息,正確返回時爲空。...params]
         */
    public function get_user_info()
    {
  
        $url              = 'https://api.weixin.qq.com/sns/userinfo?access_token='.$this->access_token.'&openid='.$this->openid;
        $info             = json_decode($this->_curl_get_content($url), TRUE);
        $info1['name']    = $info['nickname'];
        $info1['sex']     = $info['sex'];
        $info1['img']     = $info['headimgurl'];
        $info1['openid']  = $info['openid'];
        $info1['unid']    = $info['unionid'];
  
        return $info1;
    }
  
    private function _curl_get_content($url)
    {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        //設置超時時間爲3s
        curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 3);
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    }
  
    //生成隨機參數
    private function get_state() {
        $str               = str_shuffle('qazxswedcvfrtgbnhyujmkiol123456789') . time();
        $_SESSION['state'] = md5(md5($str));
    }
  
    //判斷隨機數
    private function is_state($state) {
        if($state!==$_SESSION[$this->state]){
           exit('隨機數檢驗失敗，疑似csrf攻擊');
        }
    }
}