微信开发中验证 基本配置 的token验证 及自动回复代码（PHP）

<?php

/**
* wechat php test
*/

//define your token
define(“TOKEN”, “demo”);
$wechatObj = new wechatCallbackapiTest();

$wechatObj->valid();
//这个地方只需要验证一次就够了

//$wechatObj->responseMsg();

class wechatCallbackapiTest
{
public function valid()
{
$echoStr = $_GET[“echostr”];

    //valid signature , option    if($this->checkSignature()){        echo $echoStr;        exit;    }}public function responseMsg(){    //get post data, May be due to the different environments    if (PHP_VERSION >= 7) {        $postStr = file_get_contents('php://input');    } else {        $postStr = $GLOBALS["HTTP_RAW_POST_DATA"];    }    //file_put_contents('999.txt', $postStr);    //extract post data    if (!empty($postStr)){            /* libxml_disable_entity_loader is to prevent XML eXternal Entity Injection,               the best way is to check the validity of xml by yourself */            libxml_disable_entity_loader(true);            $postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);            $fromUsername = $postObj->FromUserName;            $toUsername = $postObj->ToUserName;            $keyword = trim($postObj->Content);            $time = time();            $textTpl = "<xml>                        <ToUserName><![CDATA[%s]]></ToUserName>                        <FromUserName><![CDATA[%s]]></FromUserName>                        <CreateTime>%s</CreateTime>                        <MsgType><![CDATA[%s]]></MsgType>                        <Content><![CDATA[%s]]></Content>                        <FuncFlag>0</FuncFlag>                        </xml>";                         if(!empty( $keyword ))            {                $msgType = "text";                $contentStr = "自动回复中你想输出的内容";                $resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);                echo $resultStr;            }else{                echo "Input something...";            }    }else {        echo "";        exit;    }}private function checkSignature(){    // you must define TOKEN by yourself    if (!defined("TOKEN")) {        throw new Exception('TOKEN is not defined!');    }    $signature = $_GET["signature"];    $timestamp = $_GET["timestamp"];    $nonce = $_GET["nonce"];    $token = TOKEN;    $tmpArr = array($token, $timestamp, $nonce);    // use SORT_STRING rule    sort($tmpArr, SORT_STRING);    $tmpStr = implode( $tmpArr );    $tmpStr = sha1( $tmpStr );    if( $tmpStr == $signature ){        return true;    }else{        return false;    }}

}