?
/** ? * ? * qq登录 ? * @author http://www.heui.org ? * ? */ class Oauth_qq { ?? private static $_instance ; ?? private $config = array (); ? ?? private function __construct( $config ) ?? { ???? $this ->Oauth_qq( $config ); ?? } ? ?? public static function getInstance( $config ) ?? { ???? if (!isset(self:: $_instance )) ???? { ?????? $c = __CLASS__ ; ?????? self:: $_instance = new $c ( $config ); ???? } ???? return self:: $_instance ; ?? } ? ?? private function Oauth_qq( $config ) ?? { ???? $this ->config = $config ; ???? $_SESSION [ "appid" ]??? = $this ->config[ 'appid' ]; ???? $_SESSION [ "appkey" ]?? = $this ->config[ 'appkey' ]; ???? $_SESSION [ "callback" ] = $this ->config[ 'callback' ]; ???? $_SESSION [ "scope" ] = "get_user_info,add_share,list_album,add_album,upload_pic,add_topic,add_one_blog,add_weibo" ; ?? } ? ?? function login() ?? { ???? $_SESSION [ 'state' ] = md5(uniqid(rand(), TRUE)); //CSRF protection ???? $login_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" ???? . $_SESSION [ "appid" ] . "&redirect_uri=" . urlencode( $_SESSION [ "callback" ]) ???? . "&state=" . $_SESSION [ 'state' ] ???? . "&scope=" . $_SESSION [ "scope" ]; ???? header( "Location:$login_url" ); ?? } ? ?? function callback() ?? { ???? if ( $_REQUEST [ 'state' ] == $_SESSION [ 'state' ]) //csrf ???? { ?????? $token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&" ?????? . "client_id=" . $_SESSION [ "appid" ]. "&redirect_uri=" . urlencode( $_SESSION [ "callback" ]) ?????? . "&client_secret=" . $_SESSION [ "appkey" ]. "&code=" . $_REQUEST [ "code" ]; ? ?????? $response = get_url_contents( $token_url ); ?????? if ( strpos ( $response , "callback" ) !== false) ?????? { ???????? $lpos = strpos ( $response , "(" ); ???????? $rpos = strrpos ( $response , ")" ); ???????? $response ? = substr ( $response , $lpos + 1, $rpos - $lpos -1); ???????? $msg = json_decode( $response ); ???????? if (isset( $msg ->error)) ???????? { ?????????? echo "<h3>error:</h3>" . $msg ->error; ?????????? echo "<h3>msg? :</h3>" . $msg ->error_description; ?????????? exit ; ???????? } ?????? } ? ?????? $params = array (); ?????? parse_str ( $response , $params ); ? ?????? $_SESSION [ "access_token" ] = $params [ "access_token" ]; ???? } ???? else ???? { ?????? echo ( "The state does not match. You may be a victim of CSRF." ); ???? } ?? } ? ?? function get_openid() ?? { ???? $graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" ???? . $_SESSION [ 'access_token' ]; ? ???? $str ? = get_url_contents( $graph_url ); ???? if ( strpos ( $str , "callback" ) !== false) ???? { ?????? $lpos = strpos ( $str , "(" ); ?????? $rpos = strrpos ( $str , ")" ); ?????? $str ? = substr ( $str , $lpos + 1, $rpos - $lpos -1); ???? } ? ???? $user = json_decode( $str ); ???? if (isset( $user ->error)) ???? { ?????? echo "<h3>error:</h3>" . $user ->error; ?????? echo "<h3>msg? :</h3>" . $user ->error_description; ?????? exit ; ???? } ? ???? //set openid to session ???? return $_SESSION [ "openid" ] = $user ->openid; ?? } ? ?? function get_user_info() ?? { ???? $get_user_info = "https://graph.qq.com/user/get_user_info?" ???? . "access_token=" . $_SESSION [ 'access_token' ] ???? . "&oauth_consumer_key=" . $_SESSION [ "appid" ] ???? . "&openid=" . $_SESSION [ "openid" ] ???? . "&format=json" ; ? ???? $info = get_url_contents( $get_user_info ); ???? $arr = json_decode( $info , true); ? ???? return $arr ; ?? } ? ?? public function __clone() ?? { ???? trigger_error( 'Clone is not allow' ,E_USER_ERROR); ?? } ? } ? /* 公用函数 */ if (!function_exists( "do_post" )) { ?? function do_post( $url , $data ) ?? { ???? $ch = curl_init(); ???? curl_setopt( $ch , CURLOPT_RETURNTRANSFER, TRUE); ???? curl_setopt( $ch , CURLOPT_POST, TRUE); ???? curl_setopt( $ch , CURLOPT_POSTFIELDS, $data ); ???? curl_setopt( $ch , CURLOPT_URL, $url ); ???? $ret = curl_exec( $ch ); ? ???? curl_close( $ch ); ???? return $ret ; ?? } } if (!function_exists( "get_url_contents" )) { ?? function get_url_contents( $url ) ?? { ???? if ( ini_get ( "allow_url_fopen" ) == "1" ) ???? return file_get_contents ( $url ); ? ???? $ch = curl_init(); ???? curl_setopt( $ch , CURLOPT_RETURNTRANSFER, TRUE); ???? curl_setopt( $ch , CURLOPT_URL, $url ); ???? $result =? curl_exec( $ch ); ???? curl_close( $ch ); ? ???? return $result ; ?? } } |
使用实例:
$config [ 'appid' ]??? = '' ; $config [ 'appkey' ]?? = '' ; $config [ 'callback' ] = '' ; $o_qq = Oauth_qq::getInstance( $config ); ? //then $o_qq ->login(); //or $o_qq ->callback(); $o_qq ->get_openid(); $o_qq ->get_user_info(); |
原文:http://www.heui.org/archives/454