文章目录
- 准备阶段
- 申请QQ登录的权限
- 创建应用
- 最后上传qqlogin.php代码
准备阶段
- 国内服务器和备案域名
- 需要你有张独一无二本人的身份证
- 你正面手持身份证的图片
- 一张100px*100px的网站图标
申请QQ登录的权限
首先访问qq互联,点击我直接访问
登陆完成后我们点击面的应用管理
然后我们点击头像进入页面后填写相关的信息等待审核就好了(审核时间大概在一天左右吧)
创建应用
回到管理页面点击创建应用>创建网站应用
然后填写你的网站的相关信息
网站地址填你要用QQ登录的网址,回调地址填到你要登录的页面的目录下,再加/qqlogin.php 例如我要用www.xfabe.com进行QQ登录,登录页面在路径www.xfabe.com/user/login.php 那这个回调地址就填www.xfabe.com/user/qqlogin.php 提供方可以随意,然后再把备案号填完就行,最后上传下图标即可,然后等待审核(一天左右吧)
最后然后记录你的APP ID和APP Key,在你的登录页面加上QQ登录的按钮然后指向回调域
最后上传qqlogin.php代码
<?php
include '../includes/config.php';//这里你加载你网站程序的运行文件
//应用的APPID
$app_id = "你的APPID";
//应用的APPKEY
$app_secret = "你的APPKEY";
//【成功授权】后的回调地址,即此地址在腾讯的信息中有储存
$my_url = "你填写的回调地址";
//Step1:获取Authorization Code
session_start();
$code = $_REQUEST["code"];//存放Authorization Code
if(empty($code))
{
//state参数用于防止CSRF攻击,成功授权后回调时会原样带回
$_SESSION['state'] = md5(uniqid(rand(), TRUE));
//拼接URL
$dialog_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
. $_SESSION['state'];
if(isset($_GET['user'])){
$dialog_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "?user=".$_GET['user']."&state="
. $_SESSION['state'];
}
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
//Step2:通过Authorization Code获取Access Token
if($_REQUEST['state'] == $_SESSION['state'] || 1)
{
//拼接URL
$token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
if (strpos($response, "callback") !== false)//如果登录用户临时改变主意取消了,返回true!==false,否则执行step3
{
$lpos = strpos($response, "(");
$rpos = strrpos($response, ")");
$response = substr($response, $lpos + 1, $rpos - $lpos -1);
$msg = json_decode($response);
if (isset($msg->error))
{
echo "<h3>error:</h3>" . $msg->error;
echo "<h3>msg :</h3>" . $msg->error_description;
exit;
}
}
//Step3:使用Access Token来获取用户的OpenID
$params = array();
parse_str($response, $params);//把传回来的数据参数变量化
$graph_url = "https://graph.qq.com/oauth2.0/me?access_token=".$params['access_token'];
$str = file_get_contents($graph_url);
if (strpos($str, "callback") !== false)
{
$lpos = strpos($str, "(");
$rpos = strrpos($str, ")");
$str = substr($str, $lpos + 1, $rpos - $lpos -1);
}
$user = json_decode($str);//存放返回的数据 client_id ,openid
if (isset($user->error))
{
echo "<h3>error:</h3>" . $user->error;
echo "<h3>msg :</h3>" . $user->error_description;
exit;
}
if(isset($_GET['user'])){//这个if是我用来绑定Openid的,可以根据自己所需编写
$AT->query("UPDATE `act_user` SET `Openid` = '".$user->openid."' WHERE `Uid` = ".$_GET['user']);
exit ('<script>alert("绑定成功!");window.location.href = "./system.php";</script>');
}
//echo("Hello " . $user->openid);
//echo("Hello " . $params['access_token']);
//Step4:使用<span >openid,</span><span >access_token来获取所接受的用户信息。</span>
$user_data_url = "https://graph.qq.com/user/get_user_info?access_token={$params['access_token']}&oauth_consumer_key={$app_id}&openid={$user->openid}&format=json";
$user_data = file_get_contents($user_data_url);//此为获取到的user信息
$return = $AT->get_row("SELECT * FROM act_user where Openid = '".$user->openid."'");//这一块代码根据自己需要编写
if(!$return){
echo '<script>alert("授权站无此用户!");window.location.href = "./login.php";</script>';
}else{
setcookie("ACTuser",$return['token'],time() + 3600);
echo '<script>alert("登录成功!");window.location.href = "./index.php";</script>';
}
}
else
{
echo("The state does not match. You may be a victim of CSRF.");
}
?>
