public function QRcode() $url='https://ssl.ptlogin2.qq.com/ptqrshow?appid=549000912&e=2&l=M&s=4&d=72&v=4&t=0.5409099'.time().'&daid=5'; $arr=$this->get_curl_split($url); preg_match('/qrsig=(.*?);/',$arr['header'],$match); if($qrsig=$match[1]) return array('code'=>200,'qrsig'=>$qrsig,'data'=>base64_encode($arr['body'])); return array('code'=>400,'msg'=>'二维码获取失败'); public function ListenQR($qrsig) $qrsig = $qrsig[0]; if(empty($qrsig))return array('code'=>-1,'msg'=>'qrsig不能为空'); $url='https://ssl.ptlogin2.qq.com/ptqrlogin?u1=https%3A%2F%2Fqzs.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone&ptqrtoken='.$this->getqrtoken($qrsig).'&login_sig=&ptredirect=0&h=1&t=1&g=1&from_ui=1&ptlang=2052&action=0-0-'.time().'0000&js_ver=10194&js_type=1&pt_uistyle=40&aid=549000912&daid=5&'; $ret = $this->get_curl($url,0,$url,'qrsig='.$qrsig.'; ',1); if(preg_match("/ptuiCB\('(.*?)'\)/", $ret, $arr)){ $r=explode("','",str_replace("', '","','",$arr[1])); if($r[0]==0){ preg_match('/uin=(\d+)&/',$ret,$uin); $uin=$uin[1]; preg_match('/skey=@(.{9});/',$ret,$skey); preg_match('/superkey=(.*?);/',$ret,$superkey); $data=$this->get_curl($r[2],0,0,0,1); if($data) { preg_match("/p_skey=(.*?);/", $data, $matchs); $pskey = $matchs[1]; if($pskey){ if(isset($_GET['findpwd'])){ $_SESSION['findpwd_qq']=$uin; return array('code'=>200,'uin'=>$uin,'skey'=>'@'.$skey[1],'pskey'=>$pskey,'superkey'=>$superkey[1],'nick'=>$r[5]); }else{ return array('code'=>201,'msg'=>'登录成功,获取相关信息失败!'.$r[2]); }elseif($r[0]==65){ return array('code'=>400,'msg'=>'二维码已失效。'); }elseif($r[0]==66){ return array('code'=>202,'msg'=>'二维码未失效。'); }elseif($r[0]==67){ return array('code'=>302,'msg'=>'正在验证二维码。'); }else{ return array('code'=>401,'msg'=>$r[4]); }else{ return array('code'=>403,'msg'=>$ret); private function getqrtoken($qrsig){ $len = strlen($qrsig); $hash = 0; for($i = 0; $i < $len; $i++){ $hash += (($hash << 5) & 2147483647) + ord($qrsig[$i]) & 2147483647; $hash &= 2147483647; return $hash & 2147483647; class Wechat extends Curl_Api //获取验证码 public function QRcode() $url = "https://login.weixin.qq.com/jslogin?appid=wx782c26e4c19acffb&fun=new&lang=zh_CN"; $uuid = $this->get_curl($url); // var_dump($uuid); $uuid = substr($uuid,strpos($uuid,'"')+1,-2); $url = "https://login.wx.qq.com/qrcode/{$uuid}?t=webwx"; $qrcode = file_get_contents($url); $result = ['code'=>200,'uuid'=>$uuid,'qrcode'=>base64_encode($qrcode)]; return $result; public function ListenQR($uuid) $paras['ctime'] = 1000; $paras['rtime'] = 1000; $paras['refer'] = 'https://wx2.qq.com/'; $api = 'https://login.wx2.qq.com/cgi-bin/mmwebwx-bin/login?loginicon=true&uuid=' . $uuid[0] . '&tip=0'; $body = $this->curl($api, $paras); preg_match('/(\d){3}/', $body, $code); preg_match('/redirect_uri="(.*?)"/', $body, $url); if ($code[0] == '200') { $body = $this->curl($url[1]); preg_match('/(\d*?)<\/wxuin>/', $body, $wxuin); $ret['code'] = 200; $ret['data']['uin'] = $wxuin[1]; $ret['data']['type'] = 'wx'; $ret['msg'] = '登录成功'; } else { $ret['code'] = 408; $ret['msg'] = '请使用手机微信扫码登录'; return $ret;

为了方便跳用,这里我又封装了一个类
动态传入QQ微信的类名字符串快速实例化
Tencent类:

Class Tencent{ protected $path = __DIR__ . '/'; private $cl; * 动态传入QQ或WX字符串,自动转换对应的api类登录 public function __construct($type) //注册自动加载函数 spl_autoload_register([$this,'Psr4Autoload']); //引入curl $this->cl = new $type(); public function Psr4Autoload($class) $class_file = $this->path .'/'. $class . '.php'; if (file_exists($class_file)) include "$class_file"; }else{ die('类文件'.$class_file .'不存在'); public function QRcode() return call_user_func([$this->cl,__FUNCTION__]); public function ListenQR(...$args) return call_user_func([$this->cl,__FUNCTION__],$args); public function __call($name, $arguments) call_user_func_array([$this->cl,$name],(array)$arguments);

以及最后一个curl类:

class Curl_Api public $ua = "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36"; public function get_curl($url,$post=0,$referer=0,$cookie=0,$header=0,$ua=0,$nobaody=0){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); $httpheader[] = "Accept: application/json"; $httpheader[] = "Accept-Encoding: gzip,deflate,sdch"; $httpheader[] = "Accept-Language: zh-CN,zh;q=0.8"; $httpheader[] = "Connection: keep-alive"; curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader); if($post){ curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); if($header){ curl_setopt($ch, CURLOPT_HEADER, TRUE); if($cookie){ curl_setopt($ch, CURLOPT_COOKIE, $cookie); if($referer){ curl_setopt($ch, CURLOPT_REFERER, $referer); if($ua){ curl_setopt($ch, CURLOPT_USERAGENT,$ua); }else{ curl_setopt($ch, CURLOPT_USERAGENT,$this->ua); if($nobaody){ curl_setopt($ch, CURLOPT_NOBODY,1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_ENCODING, "gzip"); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); $ret = curl_exec($ch); curl_close($ch); return $ret; function curl($url, $paras = array()) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); $httpheader[] = "Accept:*/*"; $httpheader[] = "Accept-Encoding:gzip,deflate,sdch"; $httpheader[] = "Accept-Language:zh-CN,zh;q=0.8"; $httpheader[] = "Connection:close"; curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader); if ($paras['ctime']) { // 连接超时 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT_MS, $paras['ctime']); if ($paras['rtime']) { // 读取超时 curl_setopt($ch, CURLOPT_TIMEOUT_MS, $paras['rtime']); if ($paras['post']) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $paras['post']); if ($paras['header']) { curl_setopt($ch, CURLOPT_HEADER, true); if ($paras['cookie']) { curl_setopt($ch, CURLOPT_COOKIE, $paras['cookie']); if ($paras['refer']) { if ($paras['refer'] == 1) { curl_setopt($ch, CURLOPT_REFERER, 'http://m.qzone.com/infocenter?g_f='); } else { curl_setopt($ch, CURLOPT_REFERER, $paras['refer']); if ($paras['ua']) { curl_setopt($ch, CURLOPT_USERAGENT, $paras['ua']); } else { curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"); if ($paras['nobody']) { curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_ENCODING, "gzip"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $ret = curl_exec($ch); curl_close($ch); return $ret; public function get_curl_split($url){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); $httpheader[] = "Accept: */*"; $httpheader[] = "Accept-Encoding: gzip,deflate,sdch"; $httpheader[] = "Accept-Language: zh-CN,zh;q=0.8"; $httpheader[] = "Connection: keep-alive"; curl_setopt($ch, CURLOPT_HTTPHEADER, $httpheader); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_USERAGENT,$this->ua); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_ENCODING, "gzip"); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); $ret = curl_exec($ch); $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE); $header = substr($ret, 0, $headerSize); $body = substr($ret, $headerSize); $ret=array(); $ret['header']=$header; $ret['body']=$body; curl_close($ch); return $ret;

大致调用的流程
1、保存四个类到文件里面
2、引入文件
3、单独写两个接口,一个生成qr码(base64),一个轮询二维码扫码状态
4、用户扫码成功后、会返回一个QQ号火微信唯一id
5、这里我只演示一个微信扫码登陆的例子


生成二维码并轮询检测二维码状态 login.php :

//我这里只引入了一个文件的原因是因为Wechat和QQ类不用引入、只需要把Curl_Api请求类引入进来就好,但我Tencent类内已经引入了。所以这里我只需要引入一个文件就好 include "Lib/Tencent/Tencent.php"; $wx = new Tencent("Wechat"); $ret = $wx->QRcode(); <!--直接生成QR码、记得把uuid给带上--> <img id="wx" src="data:text/html;base64,<?=$ret['qrcode']?>" uuid="<?=$ret['uuid']?>"> <script src="https://cdn.bootcss.com/jquery/3.4.1/jquery.js"></script> <script> // setTimeout(function () { // var uuid = document.getElementById('wx').getAttribute("uuid"); // var url ="/ajax.php?uuid="+uuid; // console.log(url); // },1000); //每秒去查询一次二维码状态 $(document).ready(function () { setInterval(function () { var uuid = document.getElementById('wx').getAttribute("uuid"); var url ="/ajax.php?uuid="+uuid; $.ajax({type:"GET",url:url,success:function (data) { if (data.code == 200) alert("登陆成功,uin为:"+data.uid); },1000); </script>

ajax.php :

include "Lib/Tencent/Tencent.php"; $wx = new Tencent("Wechat"); //直接获取到uuid后,监听就好了 $ret = $wx->ListenQR($_GET['uuid']); //var_dump($ret); echo json_encode($ret,true);exit;

这个例子是微信的,QQ同样的代码一样可以运行

  • 数据库用户表多一个qq和wxuin字段、用于保存用户绑定的QQ和微信
  • 上面那个仅仅只是个例子,可能写的不是很好。大佬勿喷
  • 有什么疑问可在帖子下方发表一下
  •