After applying for an account in Sina sae, I created an application to use as a test interface. The code is in the official tutorial. However, when submitting the server configuration, the token verification fails if the connection fails, I am sure I have not entered the correct address and token. I can't find the reason. {Code .....
After applying for an account in Sina sae, I created an application to use as a test interface. The code is in the official tutorial. However, when submitting the server configuration, the token verification fails if the connection fails, I am sure I have not entered the correct address and token. I can't find the reason.
So I tested it locally and copied the get request sent by the Sina sae log center, which is followed by the local address to simulate the request ,!!! [Image description] [2] The result shows that the timestamp and nonce strings received in the program are sorted as required and the signature in the link is not the same .!!! [Image description] [3] Have you ever encountered this problem? Or where do I perform this operation? The program copies official documents. Please advise! '
/**
// Define your token
Define ("TOKEN", "weixin ");
$ WechatObj = new wechatCallbackapiTest ();
$ WechatObj-> valid ();
Class wechatCallbackapiTest
{
Public function valid () {$ echoStr = $ _ GET ["echostr"]; // valid signature, option if ($ this-> checkSignature () {echo $ echoStr; exit ;}} public function responseMsg () {// get post data, May be due to the different environments $ postStr = $ GLOBALS ["HTTP_RAW_POST_DATA"]; // extract post data if (! Empty ($ postStr) {$ postObj = simplexml_load_string ($ postStr, 'simplexmlelement', LIBXML_NOCDATA); $ fromUsername = $ postObj-> FromUserName; $ toUsername = $ postObj-> ToUserName; $ keyword = trim ($ postObj-> Content); $ time = time (); $ textTpl ="
%s
%s
% S
%s
%s
0
"; If (! Empty ($ keyword) {$ msgType = "text"; $ contentStr = "Welcome to wechat world! "; $ ResultStr = sprintf ($ textTpl, $ fromUsername, $ toUsername, $ time, $ msgType, $ contentStr); echo $ resultStr;} else {echo" Input something... ";}} else {echo" "; exit ;}} private function checkSignature () {$ signature =$ _ GET [" signature "]; $ timestamp = $ _ GET ["timestamp"]; $ nonce = $ _ GET ["nonce"]; $ token = TOKEN; $ tmpArr = array ($ token, $ timestamp, $ nonce); print_r ($ tmpArr); echo ""; sort ($ tmpArr, SORT_STRING); print_r ($ tmpArr); echo ""; $ tmpStr = implode ('', $ tmpArr); echo $ tmpStr; echo ""; $ tmpStr = sha1 ($ tmpStr); echo "after sha1 encryption :". $ tmpStr; echo ""; echo 'signature :'. $ signature; if ($ tmpStr ==$ signature) {return true;} else {return false ;}}
}
`
Reply content:
After applying for an account in Sina sae, I created an application to use as a test interface. The code is in the official tutorial. However, when submitting the server configuration, the token verification fails if the connection fails, I am sure I have not entered the correct address and token. I can't find the reason.
So I tested it locally and copied the get request sent by the Sina sae log center, which is followed by the local address to simulate the request ,!!! [Image description] [2] The result shows that the timestamp and nonce strings received in the program are sorted as required and the signature in the link is not the same .!!! [Image description] [3] Have you ever encountered this problem? Or where do I perform this operation? The program copies official documents. Please advise! '
/**
// Define your token
Define ("TOKEN", "weixin ");
$ WechatObj = new wechatCallbackapiTest ();
$ WechatObj-> valid ();
Class wechatCallbackapiTest
{
Public function valid () {$ echoStr = $ _ GET ["echostr"]; // valid signature, option if ($ this-> checkSignature () {echo $ echoStr; exit ;}} public function responseMsg () {// get post data, May be due to the different environments $ postStr = $ GLOBALS ["HTTP_RAW_POST_DATA"]; // extract post data if (! Empty ($ postStr) {$ postObj = simplexml_load_string ($ postStr, 'simplexmlelement', LIBXML_NOCDATA); $ fromUsername = $ postObj-> FromUserName; $ toUsername = $ postObj-> ToUserName; $ keyword = trim ($ postObj-> Content); $ time = time (); $ textTpl ="
%s
%s
% S
%s
%s
0
"; If (! Empty ($ keyword) {$ msgType = "text"; $ contentStr = "Welcome to wechat world! "; $ ResultStr = sprintf ($ textTpl, $ fromUsername, $ toUsername, $ time, $ msgType, $ contentStr); echo $ resultStr;} else {echo" Input something... ";}} else {echo" "; exit ;}} private function checkSignature () {$ signature =$ _ GET [" signature "]; $ timestamp = $ _ GET ["timestamp"]; $ nonce = $ _ GET ["nonce"]; $ token = TOKEN; $ tmpArr = array ($ token, $ timestamp, $ nonce); print_r ($ tmpArr); echo ""; sort ($ tmpArr, SORT_STRING); print_r ($ tmpArr); echo ""; $ tmpStr = implode ('', $ tmpArr); echo $ tmpStr; echo ""; $ tmpStr = sha1 ($ tmpStr); echo "after sha1 encryption :". $ tmpStr; echo ""; echo 'signature :'. $ signature; if ($ tmpStr ==$ signature) {return true;} else {return false ;}}
}
`
It is best not to use sae for this purpose. It seems that real-name authentication is required for sae to normally access some messages.
You directly
Sae requires real-name authentication. If real-name authentication is not performed, SAE will include interfering html content in the reply content, resulting in failed Token verification or the public account is temporarily unable to provide services, please try again later.
Only after real-name authentication is required for ase