<?php
/**
* QQ操作類
* $Author: shunzi $
* $Id: cls_qq.php 17171 2011-05-30 06:14:00Z shunzi $
*/
class qq_api
{
var $appid = ”;
var $appkey = ”;
var $callback = ”;
var $login_type = 1;
/**
* 構造函數
*
* @access public
* @param string $ver 版本號
*
* @return void
*/
function qq_api($appid, $appkey,$callback,$login_type)
{
$this->appid = $appid;
$this->appkey = $appkey;
$this->callback = $callback;
$this->login_type = $login_type;
}
/**
* @brief 跳轉到QQ登錄頁面.請求需經過URL編碼,編碼時請遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式為:oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login()
{
//跳轉到QQ登錄頁的接口地址, 不要更改!!
$redirect = “http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=”.$this->appid.”&”;
//調用get_request_token接口獲取未授權的臨時token
$result = array();
$request_token = $this->get_request_token();
parse_str($request_token, $result);
//request token, request token secret 需要保存起來
//在demo演示中,直接保存在全局變量中.
//為避免網站存在多個子域名或同一個主域名不同服務器造成的session無法共享問題
//請開發者按照本SDK中comm/session.php中的注釋對session.php進行必要的修改,以解決上述2個問題,
$_SESSION["token"] = $result["oauth_token"];
$_SESSION["secret"] = $result["oauth_token_secret"];
//print_r($_SESSION);
if ($result["oauth_token"] == “”)
{
//示例代碼中沒有對錯誤情況進行處理。真實情況下網站需要自己處理錯誤情況
exit;
}
////構造請求URL
$redirect .= “oauth_token=”.$result["oauth_token"].”&oauth_callback=”.rawurlencode($this->callback);
header(“Location:$redirect”);
}
/**
* @brief 請求臨時token.請求需經過URL編碼,編碼時請遵循 RFC 1738
*
* @param $appid
* @param $appkey
*
* @return 返回字符串格式為:oauth_token=xxx&oauth_token_secret=xxx
*/
function get_request_token()
{
//請求臨時token的接口地址, 不要更改!!
$url = “http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token?”;
//生成oauth_signature簽名值。簽名值生成方法詳見(http://wiki.opensns.qq.com/wiki/【QQ登錄】簽名參數oauth_signature的說明)
//(1) 構造生成簽名值的源串(HTTP請求方式 & urlencode(uri) & urlencode(a=x&b=y&…))
$sigstr = “GET”.”&”.rawurlencode(“http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token”).”&”;
//必要參數
$params = array();
$params["oauth_version"] = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $this->appid;
//對參數按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr .= rawurlencode($normalized_str);
//(2)構造密鑰
$key = $this->appkey.”&”;
//(3)生成oauth_signature簽名值。這裡需要確保PHP版本支持hash_hmac函數
$signature = $this->get_signature($sigstr, $key);
//構造請求url
$url .= $normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
//echo “$sigstr\n”;
//echo “$url\n”;
return file_get_contents($url);
}
/*
* @brief 獲取用戶信息.請求需經過URL編碼,編碼時請遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function get_user_info($access_token, $access_token_secret, $openid)
{
//獲取用戶信息的接口地址, 不要更改!!
$url = “http://openapi.qzone.qq.com/user/get_user_info”;
$info = $this->do_get($url, $access_token, $access_token_secret, $openid);
$arr = array();
$arr = json_decode($info, true);
return $arr;
}
/**
* @brief 獲取access_token。請求需經過URL編碼,編碼時請遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $request_token
* @param $request_token_secret
* @param $vericode
*
* @return 返回字符串格式為:oauth_token=xxx&oauth_token_secret=xxx&openid=xxx&oauth_signature=xxx&oauth_vericode=xxx×tamp=xxx
*/
function get_access_token($request_token, $request_token_secret, $vericode)
{
//請求具有Qzone訪問權限的access_token的接口地址, 不要更改!!
$url = “http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token?”;
//生成oauth_signature簽名值。簽名值生成方法詳見(http://wiki.opensns.qq.com/wiki/【QQ登錄】簽名參數oauth_signature的說明)
//(1) 構造生成簽名值的源串(HTTP請求方式 & urlencode(uri) & urlencode(a=x&b=y&…))
$sigstr = “GET”.”&”.rawurlencode(“http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token”).”&”;
//必要參數,不要隨便更改!!
$params = array();
$params["oauth_version"] = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $this->appid;
$params["oauth_token"] = $request_token;
$params["oauth_vericode"] = $vericode;
//對參數按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr .= rawurlencode($normalized_str);
//echo “sigstr = $sigstr”;
//(2)構造密鑰
$key = $this->appkey.”&”.$request_token_secret;
//(3)生成oauth_signature簽名值。這裡需要確保PHP版本支持hash_hmac函數
$signature = $this->get_signature($sigstr, $key);
//構造請求url
$url .= $normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
return file_get_contents($url);
}
/**
* @brief 對參數進行字典升序排序
*
* @param $params 參數列表
*
* @return 排序後用&鏈接的key-value對(key1=value1&key2=value2…)
*/
function get_normalized_string($params)
{
ksort($params);
$normalized = array();
foreach($params as $key => $val)
{
$normalized[] = $key.”=”.$val;
}
return implode(“&”, $normalized);
}
/**
* @brief 使用HMAC-SHA1算法生成oauth_signature簽名值
*
* @param $key 密鑰
* @param $str 源串
*
* @return 簽名值
*/
function get_signature($str, $key)
{
$signature = “”;
if (function_exists(‘hash_hmac’))
{
$signature = base64_encode(hash_hmac(“sha1″, $str, $key, true));
}
else
{
$blocksize = 64;
$hashfunc = ‘sha1′;
if (strlen($key) > $blocksize)
{
$key = pack(‘H*’, $hashfunc($key));
}
$key = str_pad($key,$blocksize,chr(0×00));
$ipad = str_repeat(chr(0×36),$blocksize);
$opad = str_repeat(chr(0x5c),$blocksize);
$hmac = pack(
‘H*’,$hashfunc(
($key^$opad).pack(
‘H*’,$hashfunc(
($key^$ipad).$str
)
)
)
);
$signature = base64_encode($hmac);
}
return $signature;
}
/**
* @brief 對字符串進行URL編碼,遵循rfc1738 urlencode
*
* @param $params
*
* @return URL編碼後的字符串
*/
function get_urlencode_string($params)
{
ksort($params);
$normalized = array();
foreach($params as $key => $val)
{
$normalized[] = $key.”=”.rawurlencode($val);
}
return implode(“&”, $normalized);
}
/**
* @brief 檢查openid是否合法
*
* @param $openid 與用戶QQ號碼一一對應
* @param $timestamp 時間戳
* @param $sig 簽名值
*
* @return true or false
*/
function is_valid_openid($openid, $timestamp, $sig)
{
$key = $this->appkey;
$str = $openid.$timestamp;
$signature = $this->get_signature($str, $key);
//echo “sig:$sig\n”;
//echo “str:$str\n”;
return $sig == $signature;
}
/**
* @brief 所有Get請求都可以使用這個方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
* @return true or false
*/
function do_get($url, $access_token, $access_token_secret, $openid)
{
$sigstr = “GET”.”&”.rawurlencode(“$url”).”&”;
//必要參數, 不要隨便更改!!
$params = $_GET;
$params["oauth_version"] = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $this->appid;
$params["oauth_token"] = $access_token;
$params["openid"] = $openid;
unset($params["oauth_signature"]);
//參數按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr .= rawurlencode($normalized_str);
//簽名,確保php版本支持hash_hmac函數
$key = $this->appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$url .= “?”.$normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
//echo “$url\n”;
return file_get_contents($url);
}
/**
* @brief 所有multi-part post 請求都可以使用這個方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function do_multi_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
//構造簽名串.源串:方法[GET|POST]&uri&參數按照字母升序排列
$sigstr = “POST”.”&”.”$url”.”&”;
//必要參數,不要隨便更改!!
$params = $_POST;
$params["oauth_version"] = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $appid;
$params["oauth_token"] = $access_token;
$params["openid"] = $openid;
unset($params["oauth_signature"]);
//獲取上傳圖片信息
foreach ($_FILES as $filename => $filevalue)
{
if ($filevalue["error"] != UPLOAD_ERR_OK)
{
//echo “upload file error $filevalue['error']\n”;
//exit;
}
$params[$filename] = file_get_contents($filevalue["tmp_name"]);
}
//對參數按照字母升序做序列化
$sigstr .= $this->get_normalized_string($params);
//簽名,需要確保php版本支持hash_hmac函數
$key = $appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$params["oauth_signature"] = $signature;
//處理上傳圖片
foreach ($_FILES as $filename => $filevalue)
{
$tmpfile = dirname($filevalue["tmp_name"]).”/”.$filevalue["name"];
move_uploaded_file($filevalue["tmp_name"], $tmpfile);
$params[$filename] = “@$tmpfile”;
}
/*
echo “len: “.strlen($sigstr).”\n”;
echo “sig: $sigstr\n”;
echo “key: $appkey&\n”;
*/
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
//$httpinfo = curl_getinfo($ch);
//print_r($httpinfo);
curl_close($ch);
//刪除上傳臨時文件
unlink($tmpfile);
return $ret;
}
/**
* @brief 所有post 請求都可以使用這個方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function do_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
//構造簽名串.源串:方法[GET|POST]&uri&參數按照字母升序排列
$sigstr = “POST”.”&”.rawurlencode($url).”&”;
//必要參數,不要隨便更改!!
$params = $_POST;
$params["oauth_version"] = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"] = time();
$params["oauth_nonce"] = mt_rand();
$params["oauth_consumer_key"] = $appid;
$params["oauth_token"] = $access_token;
$params["openid"] = $openid;
unset($params["oauth_signature"]);
//對參數按照字母升序做序列化
$sigstr .= rawurlencode($this->get_normalized_string($params));
//簽名,需要確保php版本支持hash_hmac函數
$key = $appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$params["oauth_signature"] = $signature;
$postdata = $this->get_urlencode_string($params);
//echo “$sigstr******\n”;
//echo “$postdata\n”;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
}
?>
暫時只有登錄功能,後期項目中方法繼續更新
摘自 順子網絡 PHP網站建設
