You can check out eval () dcode (1). It has been a problem for a long time for the xu moderator. Have you ever met this problem? the code runs in the Test suit, then the official 2008 + php5.4 + fastcgi is a little weird,
Reply to discussion (solution)
No code, no truth
No code, no truth
/**
* Wechat php test
*/
Class MpapiAction extends Action {
Private $ id;
Public function getId (){
Return $ id = $ _ REQUEST ['appid '];
}
Public function index (){
Log: write ('eval enabled: '. function_exists ('eval '));
Log: write ("remote_addr :". $ _ SERVER ['remote _ ADDR ']. (strpos ($ _ SERVER ['remote _ ADDR '], "101.226 "))? "From weixin": "unknow ip ");
Log: write ("query_string:". $ _ SERVER ['query _ string']);
Header ("Content-type: text/html; charset = utf-8 ");
$ Str = md5 ($ _ REQUEST ['appid ']. "weike86.com ");
Define ("TOKEN", $ str );
Log: write ('token: '. $ str );
$ This-> valid ();
$ Wechat = new WechatAction ();
$ Wechat-> responseMsg ($ _ REQUEST ['appid ']);
}
Public function valid (){
$ EchoStr = $ _ GET ["echostr"];
// Valid signature, option
If ($ this-> checkSignature ()){
Log: write ('$ echoStr'. $ echoStr );
Log: write ('http _ RAW_POST_DATA: '. $ GLOBALS ["HTTP_RAW_POST_DATA"]);
Echo $ echoStr;
// Exit;
}
}
Private function checkSignature (){
// You must define TOKEN by yourself
If (! Defined ("TOKEN ")){
Throw new Exception ('token is not defined! ');
}
$ Signature = $ _ GET ["signature"];
$ Timestamp = $ _ GET ["timestamp"];
$ Nonce = $ _ GET ["nonce"];
$ Token = TOKEN;
$ TmpArr = array ($ token, $ timestamp, $ nonce );
// Use SORT_STRING rule
Sort ($ tmpArr, SORT_STRING );
$ TmpStr = implode ($ tmpArr );
$ TmpStr = sha1 ($ tmpStr );
If ($ tmpStr = $ signature ){
Return true;
} Else {
Return false;
}
}
}
?>
No code, no truth
Value returned by the official server (exception)
Test the server's normal response value returned by the server (normal)
You should paste the code near the wrong line!
I got it that day and forgot to give the answer. The BOM blocks the normal response of the page, php classes on the Internet, and the bom clearing tool.