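Implementing QQ Login in ECShop

You have probably seen websites that offer QQ login, share-to-Qzone, follow buttons and similar components. These are all applications of the open platforms launched by Tencent. The Tencent open platform has two parts: the QQ Connect open platform and the Weibo open platform. For small grassroots sites these open-platform applications are a huge benefit, because they can bring a site unexpected return visits, and the IP count shoots up.

Here I will briefly describe how to connect a website to QQ Connect.

The QQ Connect open platform provides third-party websites with a rich set of APIs. Once a third-party website is connected to the QQ Connect open platform, it can call the platform's APIs to let users log in to the site with their QQ accounts, and it can obtain related information about the Tencent QQ user.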

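I. Developer registration

1. On the QQ Connect open platform home page, http://connect.qq.com/ , click the "Log in" button in the upper right corner and log in with your QQ account.

2. After logging in you are redirected to the developer registration page, where you submit the basic details of your company or of yourself as an individual.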

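II. Website integration application

1. Before a website can be connected, you must first apply and obtain the corresponding appid and appkey, so that the website and its users can be correctly verified and authorized in the later steps.

After developer registration succeeds, you are redirected to the "Management Center" page. Click "Create application" and fill in the required information, as shown in the figure below:

Once the application information is filled in, click "Create application" to complete the registration and enter the Management Center, where you can see the appid and appkey issued to the website, as shown in the figure below:

In the Management Center, click "Edit information" under the website you applied for to open the edit page, then click the "Edit" button in the upper right corner. The page switches to edit mode and you can modify and complete the website information, as shown in the figure below:

Now you can start developing the site.
The following code implements QQ login for ECShop.
PHP file (in the ECShop root directory)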
<?php
session_start();
define("IN_ECS", true);
require(dirname(__FILE__) . "/includes/init.php");
include_once(dirname(__FILE__) . "/includes/lib_base.php");
include_once(ROOT_PATH . "includes/lib_transaction.php");
include_once(ROOT_PATH . "includes/lib_passport.php");
// The application's APPID
$app_id = "xxxxxxx";
// The application's APPKEY
$app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxx";
// Callback URL after successful authorization
$my_url = "http://www.XXXXXX.com/qq.php";
/* Step 1: send the user to the QQ authorization page */
$code = isset($_REQUEST["code"]) ? $_REQUEST["code"] : "";
if (empty($code))
{
    // Random state value, checked again on the callback to block CSRF
    $_SESSION["state"] = md5(uniqid(rand(), TRUE));
    $dialog_url = "https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&state=" . $_SESSION["state"];
    header("Location: " . $dialog_url);
    exit; // stop here, otherwise the state check below runs on this same request
}
/* Step 2: exchange the authorization code for an access token */
$state = isset($_REQUEST["state"]) ? $_REQUEST["state"] : "";
// The session must hold a state and it must match exactly (two empty values do not count as a match)
if (!empty($_SESSION["state"]) && $state === $_SESSION["state"])
{
    $token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&" . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&client_secret=" . $app_secret . "&code=" . urlencode($code);
    $response = file_get_contents($token_url);
    // On failure the endpoint answers with callback( {...} ); instead of a query string
    if (strpos($response, "callback") !== false)
    {
        $lpos = strpos($response, "(");
        $rpos = strrpos($response, ")");
        $response = substr($response, $lpos + 1, $rpos - $lpos - 1);
        $msg = json_decode($response);
        if (isset($msg->error))
        {
            echo "<h3>error:</h3>" . htmlspecialchars($msg->error);
            echo "<h3>msg  :</h3>" . htmlspecialchars($msg->error_description);
            exit;
        }
    }
    /* Step 3: use the access token to fetch the user's openid */
    $params = array();
    parse_str($response, $params);
    $graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" . urlencode($params["access_token"]);
    $str = file_get_contents($graph_url);
    if (strpos($str, "callback") !== false)
    {
        $lpos = strpos($str, "(");
        $rpos = strrpos($str, ")");
        $str = substr($str, $lpos + 1, $rpos - $lpos - 1);
    }
    $user_info = json_decode($str);
    if (isset($user_info->error))
    {
        echo "<h3>error:</h3>" . htmlspecialchars($user_info->error);
        echo "<h3>msg  :</h3>" . htmlspecialchars($user_info->error_description);
        exit;
    }

    /* Step 4: data processing */
    // The openid comes from a remote response, so escape it before it goes into SQL.
    // These queries require an openid column in the users table.
    $openid = "qq-" . addslashes($user_info->openid);
    $sql = "SELECT user_id, user_name, password, email FROM " . $GLOBALS["ecs"]->table("users") . " WHERE openid='$openid' LIMIT 1";
    $row = $GLOBALS["db"]->getRow($sql);
    $_SESSION["fromqq"] = "";
    if (!empty($row))
    {
        // The openid already exists
        $user->set_session($row["user_name"]);
        $user->set_cookie($row["user_name"]);
        if (!empty($row["email"]))
        {
            // An email address is on file
            header("Location: index.html");
            exit;
        }
        else
        {
            $_SESSION["fromqq"] = "fromqq";
            // No email address on file
            header("Location: regbind.php");
            exit;
        }
    }
    else
    {
        $_SESSION["fromqq"] = "fromqq";
        // The openid does not exist yet: create a placeholder account
        $user_name = time() . "-" . $user_info->openid;
        $reg_date  = time();
        // Random placeholder password; md5(time()) could be guessed from the registration time
        $password  = md5(openssl_random_pseudo_bytes(16));
        $ip = real_ip();
        $GLOBALS["db"]->query("INSERT INTO " . $GLOBALS["ecs"]->table("users") . "(`user_name`, `password`, `reg_time`, `last_login`, `last_ip`, `openid`) VALUES ('" . addslashes($user_name) . "', '$password', '$reg_date', '$reg_date', '$ip', '$openid')");
        $user->set_session($user_name);
        $user->set_cookie($user_name);
        header("Location: regbind.php");
        exit;
    }
}
else
{
    echo("The state does not match. You may be a victim of CSRF.");
}
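
The state handling from the callback above, written as two helper functions (an added example, not part of the original post). It goes beyond the post's check by drawing the value from the CSPRNG, comparing in constant time, and making each state single use with an expiry. The function names, the 600-second lifetime and PHP 7+ are assumptions, and a plain array stands in for $_SESSION so the script runs from the command line.

```php
<?php
// Added example, not from the original post; names are hypothetical.
// Assumes PHP 7+ (random_bytes); hash_equals() exists since PHP 5.6.

const QQ_STATE_TTL = 600; // seconds a pending login stays valid (assumed value)

/** Create a fresh state, remember it with its issue time, and return it. */
function qq_state_issue(array &$session, $now = null)
{
    $session["state"] = array(
        "value"  => bin2hex(random_bytes(16)),   // 128 bits from the CSPRNG
        "issued" => $now === null ? time() : $now,
    );
    return $session["state"]["value"];
}

/** Verify the state returned to the callback. The stored value is single use. */
function qq_state_verify(array &$session, $received, $now = null)
{
    $stored = isset($session["state"]) ? $session["state"] : null;
    unset($session["state"]);                    // consume it, match or not
    if (!is_array($stored) || !is_string($received) || $received === "") {
        return false;                            // missing on either side
    }
    $now = $now === null ? time() : $now;
    if ($now - $stored["issued"] > QQ_STATE_TTL) {
        return false;                            // login attempt took too long
    }
    return hash_equals($stored["value"], $received); // constant-time compare
}

// Constructed demonstration: a plain array stands in for $_SESSION.
$session = array();
$state = qq_state_issue($session, 1000);
var_dump(qq_state_verify($session, $state, 1060));    // normal callback
var_dump(qq_state_verify($session, $state, 1061));    // same state replayed
var_dump(qq_state_verify($session, null, 1062));      // no state at all
$state = qq_state_issue($session, 2000);
var_dump(qq_state_verify($session, "guess", 2001));   // wrong value
$state = qq_state_issue($session, 3000);
var_dump(qq_state_verify($session, $state, 3000 + QQ_STATE_TTL + 1)); // expired
```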

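regbind file (in the ECShop root directory)
<?php
session_start();
define("IN_ECS", true);
require(dirname(__FILE__) . "/includes/init.php");
/* Load the language file */
require_once(ROOT_PATH . "languages/" . $_CFG["lang"] . "/regbind.php");
// Only users who have just arrived from the QQ login flow may bind an account
if (!empty($_SESSION["user_name"]) && isset($_SESSION["fromqq"]) && $_SESSION["fromqq"] == "fromqq")
{
    if (!empty($_POST["username"]))
    {
        // ECShop's init.php applies addslashes_deep() to $_POST when magic quotes are off;
        // the query below relies on that escaping
        $username = isset($_POST["username"]) ? trim($_POST["username"]) : "";
        $email = isset($_POST["email"]) ? trim($_POST["email"]) : "";
        $pwd = isset($_POST["password"]) ? trim(md5($_POST["password"])) : "";
        // The session value is not request data, so escape it here
        $sql = "UPDATE " . $ecs->table("users") . " SET `email`='$email', `user_name`='$username', `password`='$pwd' WHERE `user_name`='" . addslashes($_SESSION["user_name"]) . "'";
        $db->query($sql);
        // Clear the flag (the original used ==, which compares and changes nothing)
        $_SESSION["fromqq"] = "";
        $user->set_session($username);
        $user->set_cookie($username);
        header("Location: index.html");
        exit;
    }
}
else
{
    header("Location: index.html");
    exit; // do not render the binding form for other visitors
}
$smarty->assign("lang", $_LANG);
$smarty->display("regbind.dwt");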