<? php /* Plugin Name: WeChat public platform verification code view plug-in Plugin URI: https://gitcafe.net/ Description: WeChat public platform verification code visible plug-in, interface address: domain name? wxcaptcha , Actually, it's casual Version: 1.0 Author: Cloudfall Author URI: https://gitcafe.net/ */ //This token must be consistent with the settings in WeChat public platform define('WX_TOKEN', ''); define('WX_QR', '');// QR code of public account //The following contents do not need to be changed /***WeChat start***/ class Wechat_Captcha { function __construct($wx_captcha) { $this->captcha = $wx_captcha; } private function checkSignature() { $signature = $_GET["signature"]; $timestamp = $_GET["timestamp"]; $nonce = $_GET["nonce"]; $token = WX_TOKEN; $tmpArr = array($token, $timestamp, $nonce); sort($tmpArr, SORT_STRING); $tmpStr = implode($tmpArr); $tmpStr = sha1($tmpStr); if ($tmpStr == $signature) return true; else return false; } protected function valid() { $echoStr = $_GET["echostr"]; //valid signature , option if ($this->checkSignature()) { echo $echoStr; exit; } else { echo 'error signature'; } } public function responseMsg() { //If it is a verification request, perform signature verification and exit if (! empty($_GET["echostr"])) { $this->valid(); //Verify whether the signature is valid return; //Return to Exit } if ($_SERVER['REQUEST_METHOD'] != ' POST') { echo ''; return; } //If it is not a validation request, then //First, get the original POST data (XML format) //$postData = $GLOBALS["HTTP_RAW_POST_DATA"]; $postData = file_get_contents(' php://input '); if (empty($postData)) { echo ''; return; } //If there is no POST data, exit if (! empty($postData)) { //Parse POST data (XML format) $object = simplexml_load_string($postData, 'SimpleXMLElement', LIBXML_NOCDATA); $messgeType = trim($object->MsgType);// Get message type $this->fromUser = "" . $ object->FromUserName; $this->toUser = "" . $ object->ToUserName; $keyword = trim($object->Content); If ($messgeType=='text'&&$keyword=='verification code'){ $response_content='Your verification code is: ['. $this ->captcha. '], and the validity of the verification code is 2 minutes. Please use it quickly, and apply again after expiration'; $xmlTemplate = "<xml> <ToUserName><! [CDATA[%s]]></ToUserName> <FromUserName><! [CDATA[%s]]></FromUserName> <CreateTime>%s</CreateTime> <MsgType><! [CDATA[text]]></MsgType> <Content><! [CDATA[%s]]></Content> <FuncFlag>%d</FuncFlag> </xml>"; $xmlText = sprintf($xmlTemplate, $this->fromUser, $this->toUser, time(), $response_content, 0); echo $xmlText; } } else { echo ""; exit; } } } //class end //Generate WeChat verification code function wx_captcha(){ date_default_timezone_set('Asia/Shanghai'); $min = floor(date("i")/2); $day = date("d"); $day = ltrim($day,0); $url = home_url(); $captcha = sha1($min.$url.WX_TOKEN); $captcha = substr($captcha , $day , 6); return $captcha; } function wx_process() { global $object; $object = new Wechat_Captcha(wx_captcha()); $object->responseMsg(); return; } add_action('pre_get_posts', 'wx_process', 4); /***WeChat end***/ /***WP end start***/ //Password Visible function wx_captcha_view() { $action = $_POST['action']; $post_id = $_POST['id']; $pass = $_POST['pass']; $wxcaptcha = wx_captcha(); if(! isset( $action ) || ! isset( $post_id ) || ! isset( $pass ) ) exit('400'); if($pass == $wxcaptcha ) { $pass_content = get_post_meta($post_id, '_pass_content')[0]; exit($pass_content); }else{ exit('400'); } } add_action('wp_ajax_nopriv_gdk_pass_view', 'wx_captcha_view'); add_action('wp_ajax_gdk_pass_view', 'wx_captcha_view'); //Some contents are visible after entering the password function gdk_secret_view($atts, $content = null) { $pid = get_the_ID(); add_post_meta($pid, '_pass_content', $content, true) or update_post_meta($pid, '_pass_content', $content); if ( current_user_can( 'administrator' ) ) { return $content; }//admin show return '<link rel="stylesheet" id="pure_css-css" href=" https://cdn.jsdelivr.net/npm/css-mint @2.0.7/build/css-mint.min.css? ver=0.0.1" type="text/css"/> <div class="cm-grid cm-card pass_viewbox"> <div class="cm-row"> <div class="cm-col-md-4"> <img src="'.WX_QR.'" class="cm-resp-img"> </div> <div class="cm-col-md-8"> <div class="hide_content_info" style="margin:10px 0"> <div class="cm alert primary">The content of this section has been hidden. You need to scan the code to follow the WeChat official account to apply for verification code, and send [verification code] to obtain the verification code. The verification code is valid for 2 minutes</div> <input type="text" id="pass_view" placeholder="Enter the verification code and submit it" style="width: 70%"> & nbsp;<input id="submit_pass_view" class="cm-btn success" data-action="gdk_pass_view" data-id="'.$ Pid. '"type=" button "value=" Submit "> </div> </div> </div> </div> <script type="text/javascript" src=" https://cdn.jsdelivr.net/npm/jquery @2.1.0/dist/jquery.min.js? ver=2.1"></script> <script> function show_hide_content(a, b) { $(a).hide(); $(a).after("<div class=\"cm-alert success\">" + b + "</div>"); } /** *Click to open the password */ $("#submit_pass_view").click(function () { var ajax_data = { action: $("#submit_pass_view").data("action"), id: $("#submit_pass_view").data("id"), pass: $("#pass_view").val() }; $.post("'.admin_url( 'admin-ajax.php' ).'", ajax_data, function (c) { c = $.trim(c); if (c !== "400") { show_hide_content(".pass_viewbox", c); LocalStorage. setItem ("gdk_pass_"+ajax_data ["id"], c)*/ } else { Alert ("Your password is wrong, please apply again"); } }); }); /** *Automatically read content from browser if password is visible *And display that a delay processing is added here */ (function () { If ($("# submit_pass_view"). length>0) {/* * Execute if the password is visible on the website*/ setTimeout(function () { var id = "gdk_pass_" + $("#submit_pass_view").data("id"), length = localStorage.length; for (var i = 0; i < length; i++) { var key = localStorage.key(i), value = localStorage.getItem(key); If (key. indexOf (id)>=0) {/* Find target*/ show_hide_content(".pass_viewbox", value); break; } } }, 900); } }()); /**Password visible end*/ </script> '; } add_shortcode('wxcaptcha', 'gdk_secret_view'); //Buttons function wx_captcha_btn() { ?> <script type="text/javascript"> QTags. addButton ('wxcaptcha ',' WeChat official account verification code visible ',' [wxcaptcha] ',' [/wxcaptcha] n ')// Quick Input Label </script> <? php } add_action('after_wp_tiny_mce', 'wx_captcha_btn'); /***WP end***/
//This token must be consistent with the settings in WeChat public platform define('WX_TOKEN', ''); define('WX_QR', '');// QR code of public account