Sina Weibo OAuth certification and storage of the main process detailed _php tutorial

The main process of Sina Weibo OAuth authentication and storage

This article introduces the main process of Sina Weibo OAuth authentication and storage based on Twitter's certification process.

There are many articles on OAuth on the web, but including the Sina itself is not covered in detail, including the verification process and the storage of validated data, so refer to the Twitter certification process to write down some detailed comment code.

Before we start, let's set up a database to hold user information, here's a basic example of Mysql:

?

1 2 3 4 5 6 7 8 9

CREATE TABLE ' Oauth_users ' ( ' ID ' INT (Ten) UNSIGNED not NULL auto_increment, ' Oauth_provider ' VARCHAR (10), ' Oauth_uid ' text, ' Oauth_token ' text, ' Oauth_secret ' text, ' Username ' text, PRIMARY KEY (' id ') ) Engine=myisam DEFAULT Charset=utf8;

Note the two fields Oauth_token and Oauth_secret. Sina's OAuth certification requires token and Token_secret two parameters to complete the certification, so we need to reserve two fields to record them.

Then we need to do the following in turn:

Initiate an authentication application to SINAAPI registration/or login, save the relevant data in Session if the user already has an account

The OAuth-based authentication process starts with generating a web address. The user is redirected to the URL to require authentication, and after the authentication is passed, it redirects to our application server and passes the two authenticated parameters back to the URL.

Establish index.php

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Session_Start (); if (Isset ($_session[' Last_key ')) Header ("Location:weibolist.php"); Include_once (' config.php '); Include_once (' weibooauth.php '); Creating an Sinaoauth object instance $sinaOAuth = new Weibooauth (Wb_akey, Wb_skey); $keys = $sinaOAuth->getrequesttoken (); Requesting authentication tokens, the parameter is the URL we'll be redirected to $aurl = $sinaOAuth->getauthorizeurl ($keys [' Oauth_token '], false, ' http://t.yourtion.com/sina/callback.php '); Save to session $_session[' keys '] = $keys; ?> ">use Oauth to login

Next, we need to do the following three things in this file:

Validating data in a URL
Verify token data in Session
Verify the secret data in the Session

If all the databases are legitimate, we need to create a new instance of the Sinaoauth object, which, unlike before, is going to pass the token data to the object as a parameter. After that, we should be able to get to an access token, which should be an array, and this access token is the only data we need to save.

Establish callback.php

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21st 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61

Session_Start (); Include_once (' config.php '); Include_once (' weibooauth.php '); if (!empty ($_get[' oauth_verifier ')) &&!empty ($_session[' Keys ' [' Oauth_token ']) && !empty ($_session[' Keys ' [' Oauth_token '])) { Sinaoauth object instance, note the newly added two parameters $sinaOAuth = new Weibooauth (Wb_akey, Wb_skey, $_session[' Keys ' [' Oauth_token '], $_session[' Keys ' [' Oauth_token_secret ']); Get access token $access _token = $sinaOAuth->getaccesstoken ($_request[' oauth_verifier '); Save the acquired access token to the Session $_session[' access_token '] = $access _token; Get user Information $user _info = $sinaOAuth->get (' account/verify_credentials '); Print user Information Mysql_connect (Database_host, Database_user, Database_pssword); mysql_select_db (Database_db_name); Change to your database connection, in config.php if (Isset ($user _info->error) or empty ($user _info[' id ')) { Something ' s wrong, go back to Square 1 Header (' Location:index.php '); } else { Let's find the user by its ID $sql = "SELECT * from Oauth_users WHERE oauth_provider= ' Sina ' and oauth_uid=". $user _info[' id ']; $query = mysql_query ($sql); $result = Mysql_fetch_array ($query); If not, let's add it to the database if (empty ($result)) { $sql = "INSERT into Oauth_users (Oauth_provider, Oauth_uid, username, Oauth_token, Oauth_secret) VALUES (' Sina ', '". $user _info[' id ']. "', '" . $user _info[' Screen_name '). "', '" . $access _token[' Oauth_token '). "', '" . $access _token[' Oauth_token_secret '). "')"; $query = mysql_query ($sql); $query = mysql_query ("select * from oauth_users WHERE id =". mysql_insert_id ()); $result = Mysql_fetch_array ($query); } else { Update The Tokens $query = mysql_query ("UPDATE oauth_users SET oauth_token = '".) $access _token[' Oauth_token '). "', Oauth_secret = '". $access _token[' Oauth_token_secret '). "' WHERE oauth_provider = ' sina ' and Oauth_uid =". $user _info[' id ']); } $_session[' id ']= $result [' id ']; $_session[' username ']= $result [' username ']; $_session[' Oauth_uid ']= $result [' Oauth_uid ']; $_session[' Oauth_provider ']= $result [' Oauth_provider ']; $_session[' Oauth_token ']= $result [' Oauth_token ']; $_session[' Oauth_secret ']= $result [' Oauth_secret ']; Header (' Location:update.php '); } } else { The data is incomplete, go to the previous step Header (' Location:index.php '); } ?>

You can get the user's ID by $user _info->id, $user _info->screen_name to get the user name, and so on, other information can be obtained in the same way.

It is important to point out that oauth_verifier this returned parameter can not be reused, if the above code has correctly output the user information, you can try to re-refresh the page, you should see the page will throw an error message, because Oauth_verifier We've already used it once. To use again, you need to re-launch an authentication request to the index.php page.

User Registration

Once the user information has been obtained, we will now start to register the user information in our own database, if the user is not registered in the local database.

The database link information in the above code should be changed to your own. If the user already exists in our database, we need to update the user's tokens field, because it means that Twitter has generated a new tokens, and the tokens in the database has expired. If the user does not exist, we need to add a new record and save the relevant data in the session, and then redirect back to the update.php page.

Where the update.php code is as follows:

It is important to note that the SQL in the above code is not validated and you may have to modify it when you actually use it. Before connecting to the database, we need to verify that the user is logged in. With the user name, we can show a personalized welcome message:

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

Include_once (' config.php '); Include_once (' weibooauth.php '); Session_Start (); if (!empty ($_session[' username ')) { User is logged in, redirect Header (' index.php '); } ?> Authenticating with OAuth--yourtion Hello

This is the main process of OAuth authentication and storage, which I hope will help you. Code Download: Sinaoauth

The above is the whole content of this article, I hope you can enjoy.

http://www.bkjia.com/PHPjc/975131.html www.bkjia.com true http://www.bkjia.com/PHPjc/975131.html techarticle Sina Weibo OAuth authentication and storage of the main process of the introduction of this article is to refer to the Twitter certification process to achieve the Sina Weibo OAuth authentication and storage of the main process of a lot of online ...

