/**
*? QQ操作類
* $Author: shunzi $
* $Id: cls_qq.php 17171 2011-05-30 06:14:00Z shunzi $
*/
class qq_api
{
var?? $appid = ”;
var?? $appkey? = ”;
var?? $callback? = ”;
var?? $login_type = 1;
/**
* 構(gòu)造函數(shù)
*
* @access? public
* @param?? string????? $ver??????? 版本號(hào)
*
* @return? void
*/
function qq_api($appid, $appkey,$callback,$login_type)
{
$this->appid = $appid;
$this->appkey? = $appkey;
$this->callback? = $callback;
$this->login_type? = $login_type;
}
/**
* @brief 跳轉(zhuǎn)到QQ登錄頁面.請(qǐng)求需經(jīng)過URL編碼，編碼時(shí)請(qǐng)遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $callback
*
* @return 返回字符串格式為：oauth_token=xxx&openid=xxx&oauth_signature=xxx×tamp=xxx&oauth_vericode=xxx
*/
function redirect_to_login()
{
//跳轉(zhuǎn)到QQ登錄頁的接口地址, 不要更改!!
$redirect = “http://openapi.qzone.qq.com/oauth/qzoneoauth_authorize?oauth_consumer_key=”.$this->appid.”&”;
//調(diào)用get_request_token接口獲取未授權(quán)的臨時(shí)token
$result = array();
$request_token = $this->get_request_token();
parse_str($request_token, $result);
//request token, request token secret 需要保存起來
//在demo演示中，直接保存在全局變量中.
//為避免網(wǎng)站存在多個(gè)子域名或同一個(gè)主域名不同服務(wù)器造成的session無法共享問題
//請(qǐng)開發(fā)者按照本SDK中comm/session.php中的注釋對(duì)session.php進(jìn)行必要的修改，以解決上述2個(gè)問題，
$_SESSION["token"]??????? = $result["oauth_token"];
$_SESSION["secret"]?????? = $result["oauth_token_secret"];
//print_r($_SESSION);
if ($result["oauth_token"] == “”)
{
//示例代碼中沒有對(duì)錯(cuò)誤情況進(jìn)行處理。真實(shí)情況下網(wǎng)站需要自己處理錯(cuò)誤情況
exit;
}
////構(gòu)造請(qǐng)求URL
$redirect .= “oauth_token=”.$result["oauth_token"].”&oauth_callback=”.rawurlencode($this->callback);
header(“Location:$redirect”);
}
/**
* @brief 請(qǐng)求臨時(shí)token.請(qǐng)求需經(jīng)過URL編碼，編碼時(shí)請(qǐng)遵循 RFC 1738
*
* @param $appid
* @param $appkey
*
* @return 返回字符串格式為：oauth_token=xxx&oauth_token_secret=xxx
*/
function get_request_token()
{
//請(qǐng)求臨時(shí)token的接口地址, 不要更改!!
$url??? = “http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token?”;
//生成oauth_signature簽名值。簽名值生成方法詳見（http://wiki.opensns.qq.com/wiki/【QQ登錄】簽名參數(shù)oauth_signature的說明）
//（1） 構(gòu)造生成簽名值的源串（HTTP請(qǐng)求方式 & urlencode(uri) & urlencode(a=x&b=y&…)）
$sigstr = “GET”.”&”.rawurlencode(“http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token”).”&”;
//必要參數(shù)
$params = array();
$params["oauth_version"]????????? = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"]??????? = time();
$params["oauth_nonce"]??????????? = mt_rand();
$params["oauth_consumer_key"]???? = $this->appid;
//對(duì)參數(shù)按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr??????? .= rawurlencode($normalized_str);
//（2）構(gòu)造密鑰
$key = $this->appkey.”&”;
//（3）生成oauth_signature簽名值。這里需要確保PHP版本支持hash_hmac函數(shù)
$signature = $this->get_signature($sigstr, $key);
//構(gòu)造請(qǐng)求url
$url????? .= $normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
//echo “$sigstr\n”;
//echo “$url\n”;
return file_get_contents($url);
}
/*
* @brief 獲取用戶信息.請(qǐng)求需經(jīng)過URL編碼，編碼時(shí)請(qǐng)遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function get_user_info($access_token, $access_token_secret, $openid)
{
//獲取用戶信息的接口地址, 不要更改!!
$url??? = “http://openapi.qzone.qq.com/user/get_user_info”;
$info?? = $this->do_get($url, $access_token, $access_token_secret, $openid);
$arr = array();
$arr = json_decode($info, true);
return $arr;
}
/**
* @brief 獲取access_token。請(qǐng)求需經(jīng)過URL編碼，編碼時(shí)請(qǐng)遵循 RFC 1738
*
* @param $appid
* @param $appkey
* @param $request_token
* @param $request_token_secret
* @param $vericode
*
* @return 返回字符串格式為：oauth_token=xxx&oauth_token_secret=xxx&openid=xxx&oauth_signature=xxx&oauth_vericode=xxx×tamp=xxx
*/
function get_access_token($request_token, $request_token_secret, $vericode)
{
//請(qǐng)求具有Qzone訪問權(quán)限的access_token的接口地址, 不要更改!!
$url??? = “http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token?”;
//生成oauth_signature簽名值。簽名值生成方法詳見（http://wiki.opensns.qq.com/wiki/【QQ登錄】簽名參數(shù)oauth_signature的說明）
//（1） 構(gòu)造生成簽名值的源串（HTTP請(qǐng)求方式 & urlencode(uri) & urlencode(a=x&b=y&…)）
$sigstr = “GET”.”&”.rawurlencode(“http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token”).”&”;
//必要參數(shù)，不要隨便更改!!
$params = array();
$params["oauth_version"]????????? = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"]??????? = time();
$params["oauth_nonce"]??????????? = mt_rand();
$params["oauth_consumer_key"]???? = $this->appid;
$params["oauth_token"]??????????? = $request_token;
$params["oauth_vericode"]???????? = $vericode;
//對(duì)參數(shù)按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr??????? .= rawurlencode($normalized_str);
//echo “sigstr = $sigstr”;
//（2）構(gòu)造密鑰
$key = $this->appkey.”&”.$request_token_secret;
//（3）生成oauth_signature簽名值。這里需要確保PHP版本支持hash_hmac函數(shù)
$signature = $this->get_signature($sigstr, $key);
//構(gòu)造請(qǐng)求url
$url????? .= $normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
return file_get_contents($url);
}
/**
* @brief 對(duì)參數(shù)進(jìn)行字典升序排序
*
* @param $params 參數(shù)列表
*
* @return 排序后用&鏈接的key-value對(duì)（key1=value1&key2=value2…)
*/
function get_normalized_string($params)
{
ksort($params);
$normalized = array();
foreach($params as $key => $val)
{
$normalized[] = $key.”=”.$val;
}
return implode(“&”, $normalized);
}
/**
* @brief 使用HMAC-SHA1算法生成oauth_signature簽名值
*
* @param $key? 密鑰
* @param $str? 源串
*
* @return 簽名值
*/
function get_signature($str, $key)
{
$signature = “”;
if (function_exists(‘hash_hmac’))
{
$signature = base64_encode(hash_hmac(“sha1″, $str, $key, true));
}
else
{
$blocksize = 64;
$hashfunc = ‘sha1′;
if (strlen($key) > $blocksize)
{
$key = pack(‘H*’, $hashfunc($key));
}
$key = str_pad($key,$blocksize,chr(0×00));
$ipad = str_repeat(chr(0×36),$blocksize);
$opad = str_repeat(chr(0x5c),$blocksize);
$hmac = pack(
‘H*’,$hashfunc(
($key^$opad).pack(
‘H*’,$hashfunc(
($key^$ipad).$str
)
)
)
);
$signature = base64_encode($hmac);
}
return $signature;
}
/**
* @brief 對(duì)字符串進(jìn)行URL編碼，遵循rfc1738 urlencode
*
* @param $params
*
* @return URL編碼后的字符串
*/
function get_urlencode_string($params)
{
ksort($params);
$normalized = array();
foreach($params as $key => $val)
{
$normalized[] = $key.”=”.rawurlencode($val);
}
return implode(“&”, $normalized);
}
/**
* @brief 檢查openid是否合法
*
* @param $openid? 與用戶QQ號(hào)碼一一對(duì)應(yīng)
* @param $timestamp　時(shí)間戳
* @param $sig　　簽名值
*
* @return true or false
*/
function is_valid_openid($openid, $timestamp, $sig)
{
$key = $this->appkey;
$str = $openid.$timestamp;
$signature = $this->get_signature($str, $key);
//echo “sig:$sig\n”;
//echo “str:$str\n”;
return $sig == $signature;
}
/**
* @brief 所有Get請(qǐng)求都可以使用這個(gè)方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
* @return true or false
*/
function do_get($url, $access_token, $access_token_secret, $openid)
{
$sigstr = “GET”.”&”.rawurlencode(“$url”).”&”;
//必要參數(shù), 不要隨便更改!!
$params = $_GET;
$params["oauth_version"]????????? = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"]??????? = time();
$params["oauth_nonce"]??????????? = mt_rand();
$params["oauth_consumer_key"]???? = $this->appid;
$params["oauth_token"]??????????? = $access_token;
$params["openid"]???????????????? = $openid;
unset($params["oauth_signature"]);
//參數(shù)按照字母升序做序列化
$normalized_str = $this->get_normalized_string($params);
$sigstr??????? .= rawurlencode($normalized_str);
//簽名,確保php版本支持hash_hmac函數(shù)
$key = $this->appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$url????? .= “?”.$normalized_str.”&”.”oauth_signature=”.rawurlencode($signature);
//echo “$url\n”;
return file_get_contents($url);
}
/**
* @brief 所有multi-part post 請(qǐng)求都可以使用這個(gè)方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function do_multi_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
//構(gòu)造簽名串.源串:方法[GET|POST]&uri&參數(shù)按照字母升序排列
$sigstr = “POST”.”&”.”$url”.”&”;
//必要參數(shù),不要隨便更改!!
$params = $_POST;
$params["oauth_version"]????????? = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"]??????? = time();
$params["oauth_nonce"]??????????? = mt_rand();
$params["oauth_consumer_key"]???? = $appid;
$params["oauth_token"]??????????? = $access_token;
$params["openid"]???????????????? = $openid;
unset($params["oauth_signature"]);
//獲取上傳圖片信息
foreach ($_FILES as $filename => $filevalue)
{
if ($filevalue["error"] != UPLOAD_ERR_OK)
{
//echo “upload file error $filevalue['error']\n”;
//exit;
}
$params[$filename] = file_get_contents($filevalue["tmp_name"]);
}
//對(duì)參數(shù)按照字母升序做序列化
$sigstr .= $this->get_normalized_string($params);
//簽名,需要確保php版本支持hash_hmac函數(shù)
$key = $appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$params["oauth_signature"] = $signature;
//處理上傳圖片
foreach ($_FILES as $filename => $filevalue)
{
$tmpfile = dirname($filevalue["tmp_name"]).”/”.$filevalue["name"];
move_uploaded_file($filevalue["tmp_name"], $tmpfile);
$params[$filename] = “@$tmpfile”;
}
/*
echo “l(fā)en: “.strlen($sigstr).”\n”;
echo “sig: $sigstr\n”;
echo “key: $appkey&\n”;
*/
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
//$httpinfo = curl_getinfo($ch);
//print_r($httpinfo);
curl_close($ch);
//刪除上傳臨時(shí)文件
unlink($tmpfile);
return $ret;
}
/**
* @brief 所有post 請(qǐng)求都可以使用這個(gè)方法
*
* @param $url
* @param $appid
* @param $appkey
* @param $access_token
* @param $access_token_secret
* @param $openid
*
*/
function do_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
//構(gòu)造簽名串.源串:方法[GET|POST]&uri&參數(shù)按照字母升序排列
$sigstr = “POST”.”&”.rawurlencode($url).”&”;
//必要參數(shù),不要隨便更改!!
$params = $_POST;
$params["oauth_version"]????????? = “1.0″;
$params["oauth_signature_method"] = “HMAC-SHA1″;
$params["oauth_timestamp"]??????? = time();
$params["oauth_nonce"]??????????? = mt_rand();
$params["oauth_consumer_key"]???? = $appid;
$params["oauth_token"]??????????? = $access_token;
$params["openid"]???????????????? = $openid;
unset($params["oauth_signature"]);
//對(duì)參數(shù)按照字母升序做序列化
$sigstr .= rawurlencode($this->get_normalized_string($params));
//簽名,需要確保php版本支持hash_hmac函數(shù)
$key = $appkey.”&”.$access_token_secret;
$signature = $this->get_signature($sigstr, $key);
$params["oauth_signature"] = $signature;
$postdata = $this->get_urlencode_string($params);
//echo “$sigstr******\n”;
//echo “$postdata\n”;
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt($ch, CURLOPT_URL, $url);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
}
?>
暫時(shí)只有登錄功能，后期項(xiàng)目中方法繼續(xù)更新

摘自 順子網(wǎng)絡(luò) PHP網(wǎng)站建設(shè)