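Hands-On Guide: 3 Convenient Ways to Integrate Social Media Login and Sharing (WordPress Developer Edition)

Introduction: Why Integrate Social Media?

In today's digital era, social media has become an important channel for user authentication and content sharing. For a WordPress site, integrating social login and sharing not only improves the user experience but can also noticeably raise sign-up conversion and content reach. According to statistics, sites that offer a social login option see their sign-up conversion rate rise by more than 20% on average.

For WordPress developers and newcomers to the field, there are several ways to implement these features, from simple plugin integration to fully custom code. This article examines three approaches of differing complexity to help you choose the one that best fits your project.

Method 1: Quick Setup with a Dedicated Plugin (for Beginners)

1.1 Choosing and Comparing Plugins

For newcomers to WordPress development, a dedicated plugin is the fastest way to get started. Several good social media integration plugins:

  • Nextend Social Login: the free version supports major platforms such as Facebook, Google and Twitter; friendly interface, simple configuration
  • Super Socializer: integrates login, sharing and comments; the free feature set is comprehensive
  • Social Login, Share, and Engagement: focuses on social media interaction and offers rich customization options

1.2 Nextend Social Login: Detailed Configuration Steps

  1. Install and activate: search for the plugin in the WordPress admin plugin directory and install it, or upload the plugin files
  2. Configure the API keys

    • Create an application on each social platform's developer site
    • Obtain the Client ID and Client Secret
    • Enter them on the plugin's settings page
  3. Basic configuration example

    // Plugins usually provide shortcodes or widgets
    // (exact shortcode names vary by plugin; check the plugin's documentation)
    // Login button shortcode
    [social_login]

    // Share button shortcode
    [social_share]
  4. Style customization: adjust button style, position and display logic in the plugin settings

1.3 Pros and Cons

Pros

  • No coding knowledge required, fast to deploy
  • Continuously updated and maintained, good compatibility
  • Detailed documentation and community support

Cons

  • Limited customization
  • May increase page load time
  • Advanced features usually require a paid version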

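Method 2: Hybrid Approach - Plugin Plus Custom Code (for Intermediate Developers)

2.1 Choosing a Suitable Framework Plugin

When you need more customization, a framework-style plugin can serve as the base:

  • OAuth Client by DigitialPixies: provides a basic OAuth framework
  • WP OAuth Server: lets you run your own OAuth server
  • Custom Login/Register Plugin: custom login and registration plugin

2.2 Custom Social Media Login

2.2.1 Creating a Custom Login Page Template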

```php
// Render the social login area (used in the theme's page template via a shortcode)
function custom_social_login_section() {
    // A shortcode callback must always return a string
    if (is_user_logged_in()) {
        return '';
    }

    ob_start(); ?>

    <div class="social-login-container">
        <h3>使用社交账号登录</h3>

        <div class="social-buttons">
            <!-- Facebook login -->
            <a href="<?php echo esc_url(add_query_arg('action', 'facebook_login', wp_login_url())); ?>"
               class="social-btn facebook-btn">
                <i class="fab fa-facebook-f"></i> Facebook登录
            </a>

            <!-- Google login -->
            <a href="<?php echo esc_url(add_query_arg('action', 'google_login', wp_login_url())); ?>"
               class="social-btn google-btn">
                <i class="fab fa-google"></i> Google登录
            </a>

            <!-- WeChat login (requires extra configuration) -->
            <a href="<?php echo esc_url(add_query_arg('action', 'wechat_login', wp_login_url())); ?>"
               class="social-btn wechat-btn">
                <i class="fab fa-weixin"></i> 微信登录
            </a>
        </div>

        <div class="login-divider">
            <span>或</span>
        </div>
    </div>

    <?php
    return ob_get_clean();
}
add_shortcode('custom_social_login', 'custom_social_login_section');
```

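2.2.2 Handling the OAuth Callback

```php
// Handle social login requests and callbacks
add_action('init', 'handle_social_login_callback');

function handle_social_login_callback() {
    if (isset($_GET['action'])) {
        $action = sanitize_text_field(wp_unslash($_GET['action']));

        switch ($action) {
            case 'facebook_login':
                handle_facebook_login();
                break;
            case 'google_login':
                handle_google_login();   // not shown in this article; follows the same pattern
                break;
            case 'wechat_login':
                handle_wechat_login();   // not shown in this article; follows the same pattern
                break;
        }
    }
}

// Example Facebook login handler
function handle_facebook_login() {
    $redirect_uri = home_url('/wp-login.php?action=facebook_login');

    // Start of the flow (no code yet): send the visitor to Facebook's authorization dialog
    if (!isset($_GET['code'])) {
        if (isset($_GET['error'])) {
            // The visitor declined, or Facebook reported an error
            wp_safe_redirect(wp_login_url());
            exit;
        }
        wp_redirect('https://www.facebook.com/v12.0/dialog/oauth?' . http_build_query([
            'client_id'     => FACEBOOK_APP_ID,
            'redirect_uri'  => $redirect_uri,
            'scope'         => 'email,public_profile',
            'state'         => wp_create_nonce('facebook_login_nonce'),
            'response_type' => 'code'
        ]));
        exit;
    }

    // Verify the state parameter to prevent CSRF.
    // Note: for logged-out visitors a WordPress nonce is the same for every visitor,
    // so on its own this check does not tie the callback to the browser that started the flow.
    $state = isset($_GET['state']) ? sanitize_text_field(wp_unslash($_GET['state'])) : '';
    if (!wp_verify_nonce($state, 'facebook_login_nonce')) {
        wp_die('安全验证失败');
    }

    // Read the authorization code
    $code = sanitize_text_field(wp_unslash($_GET['code']));

    if ($code) {
        // Exchange the code for an access_token
        $token_response = wp_remote_post('https://graph.facebook.com/v12.0/oauth/access_token', [
            'body' => [
                'client_id'     => FACEBOOK_APP_ID,
                'client_secret' => FACEBOOK_APP_SECRET,
                'redirect_uri'  => $redirect_uri,
                'code'          => $code
            ]
        ]);

        if (!is_wp_error($token_response)) {
            $tokens = json_decode(wp_remote_retrieve_body($token_response), true);

            // A failed exchange returns an error object instead of a token
            if (empty($tokens['access_token'])) {
                wp_die('安全验证失败');
            }
            $access_token = $tokens['access_token'];

            // Fetch the user's profile
            $user_info_response = wp_remote_get(
                "https://graph.facebook.com/me?fields=id,name,email&access_token=" . rawurlencode($access_token)
            );

            if (!is_wp_error($user_info_response)) {
                $user_info = json_decode(wp_remote_retrieve_body($user_info_response), true);

                // Create the user or log them in
                if (!empty($user_info['id'])) {
                    social_login_user($user_info, 'facebook');
                }
            }
        }
    }
}
```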

2.2.3 User Creation and Login Logic

```php
function social_login_user($user_data, $provider) {
    // Facebook omits the email field when the account has none or the permission was declined
    if (empty($user_data['id']) || empty($user_data['email']) || !is_email($user_data['email'])) {
        wp_die('账户验证失败,请联系管理员');
    }

    $email = sanitize_email($user_data['email']);
    $social_id = (string) $user_data['id'];
    $name = isset($user_data['name']) ? $user_data['name'] : '';

    // Check whether the user already exists.
    // Matching on email alone relies on the provider returning verified addresses.
    $user = get_user_by('email', $email);

    if (!$user) {
        // Create a new user
        $username = sanitize_user(str_replace(' ', '_', strtolower($name)), true);
        $username = $username . '_' . substr($social_id, 0, 4);

        // Make sure the username is unique
        $counter = 1;
        $original_username = $username;
        while (username_exists($username)) {
            $username = $original_username . '_' . $counter;
            $counter++;
        }

        // Generate a random password
        $password = wp_generate_password(12, true, true);

        // Create the user
        $user_id = wp_create_user($username, $password, $email);

        if (!is_wp_error($user_id)) {
            // Update the user's profile
            wp_update_user([
                'ID'           => $user_id,
                'display_name' => $name,
                'first_name'   => isset($user_data['first_name']) ? $user_data['first_name'] : '',
                'last_name'    => isset($user_data['last_name']) ? $user_data['last_name'] : '',
            ]);

            // Store the social media ID
            update_user_meta($user_id, $provider . '_id', $social_id);

            $user = get_user_by('id', $user_id);
        }
    } else {
        // Check whether the social media ID matches
        $existing_social_id = get_user_meta($user->ID, $provider . '_id', true);

        if (empty($existing_social_id)) {
            // First login with this provider: store the ID
            update_user_meta($user->ID, $provider . '_id', $social_id);
        } elseif ((string) $existing_social_id !== $social_id) {
            // ID mismatch, possibly a security problem
            wp_die('账户验证失败,请联系管理员');
        }
    }

    // Log the user in
    if ($user && !is_wp_error($user)) {
        wp_clear_auth_cookie();
        wp_set_current_user($user->ID);
        wp_set_auth_cookie($user->ID, true);

        // Redirect to the target page (local URL, so wp_safe_redirect is enough)
        $redirect_to = home_url('/dashboard/');
        wp_safe_redirect($redirect_to);
        exit;
    }
}
```
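A stricter variant of the lookup above, as an added example that is not part of the original article: it resolves the account by the stored provider ID first and refuses to sign a visitor into an existing local account on an email match alone. The function name `social_resolve_user` and its error codes are hypothetical; the `{provider}_id` meta key is the one the article's code uses.

```php
<?php
// Added example, not from the original article. social_resolve_user() and the
// error codes are hypothetical; the "{provider}_id" meta key follows the article.

/**
 * Map a provider profile to a WordPress user without trusting email alone.
 *
 * @param array  $profile  Decoded profile: 'id' required, 'email' and 'name' optional.
 * @param string $provider Provider slug configured on this site.
 * @return WP_User|WP_Error
 */
function social_resolve_user(array $profile, $provider) {
    if (!in_array($provider, ['facebook', 'google', 'wechat'], true)) {
        return new WP_Error('invalid_provider', 'Unsupported provider');
    }

    $social_id = isset($profile['id']) ? (string) $profile['id'] : '';
    if ($social_id === '') {
        return new WP_Error('missing_id', 'Provider returned no user id');
    }
    $meta_key = $provider . '_id';

    // 1. The provider's user id is the stable identifier; an email can change hands.
    $linked = get_users([
        'meta_key'   => $meta_key,
        'meta_value' => $social_id,
        'number'     => 2,
        'fields'     => 'ID',
    ]);
    if (count($linked) > 1) {
        return new WP_Error('ambiguous_identity', 'Provider id is linked to several accounts');
    }
    if (count($linked) === 1) {
        return get_user_by('id', (int) $linked[0]);
    }

    // 2. No link yet: an email address is needed to match or create an account.
    $email = isset($profile['email']) ? sanitize_email($profile['email']) : '';
    if ($email === '' || !is_email($email)) {
        return new WP_Error('email_required', 'Provider returned no usable email');
    }

    $existing = get_user_by('email', $email);
    if ($existing) {
        // Link only when the owner of the local account is already signed in;
        // otherwise an email match alone would open someone else's account.
        if (is_user_logged_in() && get_current_user_id() === (int) $existing->ID) {
            update_user_meta($existing->ID, $meta_key, $social_id);
            return $existing;
        }
        return new WP_Error('link_required', 'Sign in with your password first, then link this provider');
    }

    // 3. New visitor: create a low-privilege account and link it.
    $base  = substr(sanitize_user(strstr($email, '@', true), true), 0, 40);
    $login = ($base !== '' ? $base : 'user') . '_'
           . substr(hash('sha256', $provider . ':' . $social_id), 0, 8);

    $candidate = $login;
    $suffix    = 1;
    while (username_exists($candidate)) {
        $candidate = $login . '_' . $suffix++;
    }

    $user_id = wp_insert_user([
        'user_login'   => $candidate,
        'user_email'   => $email,
        'user_pass'    => wp_generate_password(32, true, true),
        'display_name' => isset($profile['name']) ? sanitize_text_field($profile['name']) : $candidate,
        'role'         => 'subscriber',
    ]);
    if (is_wp_error($user_id)) {
        return $user_id;
    }
    update_user_meta($user_id, $meta_key, $social_id);

    return get_user_by('id', $user_id);
}
```

The caller signs the returned `WP_User` in with `wp_set_auth_cookie()` as the article's code does, and shows the `WP_Error` message otherwise.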

2.3 Custom Social Media Sharing

2.3.1 Creating the Share Button Component

```php
// Automatically append share buttons to posts and pages
add_filter('the_content', 'add_social_share_buttons', 99);

function add_social_share_buttons($content) {
    if (is_single() || is_page()) {
        $share_buttons = generate_social_share_buttons();
        $content .= $share_buttons;
    }
    return $content;
}

function generate_social_share_buttons() {
    global $post;

    $post_url = urlencode(get_permalink($post->ID));
    $post_title = urlencode(get_the_title($post->ID));
    $post_excerpt = urlencode(wp_trim_words(get_the_excerpt(), 20));
    $featured_image = urlencode((string) get_the_post_thumbnail_url($post->ID, 'full'));
    // The site name goes into a query string too, so it must be URL-encoded
    $site_name = urlencode(get_bloginfo('name'));

    ob_start(); ?>

    <div class="social-share-container">
        <h4>分享这篇文章</h4>
        <div class="share-buttons">
            <!-- WeChat share (needs a custom implementation) -->
            <button class="share-btn wechat-share" data-title="<?php echo esc_attr($post_title); ?>"
                    data-url="<?php echo esc_attr($post_url); ?>" data-desc="<?php echo esc_attr($post_excerpt); ?>">
                <i class="fab fa-weixin"></i> 微信
            </button>

            <!-- Weibo share -->
            <a href="https://service.weibo.com/share/share.php?url=<?php echo esc_attr($post_url); ?>&amp;title=<?php echo esc_attr($post_title); ?>"
               target="_blank" rel="noopener noreferrer" class="share-btn weibo-share">
                <i class="fab fa-weibo"></i> 微博
            </a>

            <!-- QQ share -->
            <a href="https://connect.qq.com/widget/shareqq/index.html?url=<?php echo esc_attr($post_url); ?>&amp;title=<?php echo esc_attr($post_title); ?>&amp;source=<?php echo esc_attr($site_name); ?>"
               target="_blank" rel="noopener noreferrer" class="share-btn qq-share">
                <i class="fab fa-qq"></i> QQ
            </a>

            <!-- Facebook share -->
            <a href="https://www.facebook.com/sharer/sharer.php?u=<?php echo esc_attr($post_url); ?>"
               target="_blank" rel="noopener noreferrer" class="share-btn facebook-share">
                <i class="fab fa-facebook-f"></i> Facebook
            </a>

            <!-- Twitter share -->
            <a href="https://twitter.com/intent/tweet?url=<?php echo esc_attr($post_url); ?>&amp;text=<?php echo esc_attr($post_title); ?>"
               target="_blank" rel="noopener noreferrer" class="share-btn twitter-share">
                <i class="fab fa-twitter"></i> Twitter
            </a>
        </div>
    </div>

    <?php
    return ob_get_clean();
}
```

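2.3.2 Special Handling for WeChat Sharing

```php
// WeChat sharing needs special handling (a QR code is generated)
add_action('wp_footer', 'add_wechat_share_modal');

function add_wechat_share_modal() {
    ?>
    <div id="wechat-share-modal" class="modal">
        <div class="modal-content">
            <span class="close-modal">&times;</span>
            <h3>微信分享</h3>
            <p>使用微信扫描二维码分享给朋友</p>
            <div id="wechat-qrcode"></div>
            <p class="tip">二维码有效期5分钟</p>
        </div>
    </div>

    <script>
    // Generate the QR code with QRCode.js (the library must be enqueued separately)
    jQuery(document).ready(function($) {
        // The data attributes are URL-encoded by PHP; decode them before sending
        function decodeAttr(value) {
            return decodeURIComponent(String(value).replace(/\+/g, ' '));
        }

        $('.wechat-share').on('click', function() {
            var title = decodeAttr($(this).data('title'));
            var url = decodeAttr($(this).data('url'));
            var desc = decodeAttr($(this).data('desc'));

            // Show the modal
            $('#wechat-share-modal').show();

            // Build the share link (needs a back-end API)
            $.ajax({
                url: '<?php echo esc_url_raw(admin_url("admin-ajax.php")); ?>',
                type: 'POST',
                data: {
                    action: 'generate_wechat_share_url',
                    title: title,
                    url: url,
                    desc: desc,
                    nonce: '<?php echo esc_js(wp_create_nonce("wechat_share_nonce")); ?>'
                },
                success: function(response) {
                    if (response.success) {
                        // Render the QR code
                        $('#wechat-qrcode').empty();
                        new QRCode(document.getElementById("wechat-qrcode"), {
                            text: response.data.url,
                            width: 200,
                            height: 200
                        });
                    }
                }
            });
        });

        // Close the modal
        $('.close-modal').on('click', function() {
            $('#wechat-share-modal').hide();
        });
    });
    </script>
    <?php
}

// Handle the AJAX request
add_action('wp_ajax_generate_wechat_share_url', 'generate_wechat_share_url');
add_action('wp_ajax_nopriv_generate_wechat_share_url', 'generate_wechat_share_url');

function generate_wechat_share_url() {
    // Verify the nonce
    $nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';
    if (!wp_verify_nonce($nonce, 'wechat_share_nonce')) {
        wp_send_json_error('安全验证失败', 403);
    }

    // This is where the WeChat JS-SDK or a third-party service would be integrated
    // Example: generate the QR code with the Cli.im (草料) API
    $title = isset($_POST['title']) ? sanitize_text_field(wp_unslash($_POST['title'])) : '';
    $url = isset($_POST['url']) ? esc_url_raw(wp_unslash($_POST['url'])) : '';
    $desc = isset($_POST['desc']) ? sanitize_text_field(wp_unslash($_POST['desc'])) : '';

    // Only produce share links for this site, so the endpoint cannot be used
    // to mint QR codes that point at arbitrary external URLs
    $url = wp_validate_redirect($url, '');
    if ($url === '') {
        wp_send_json_error('安全验证失败', 400);
    }

    // Create a short link (optional); create_short_url() is not defined in this article
    $short_url = function_exists('create_short_url') ? create_short_url($url) : '';

    // Return the data
    wp_send_json_success([
        'url' => $short_url ?: $url,
        'title' => $title,
        'desc' => $desc
    ]);
}
```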

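2.4 Advantages and Caveats of the Hybrid Approach

Advantages

  • Balances development speed against customization needs
  • Can be adjusted flexibly to project requirements
  • The code is under your control, easy to maintain and extend

Caveats

  • Requires basic PHP and JavaScript knowledge
  • Security checks (nonce, state parameter) must be handled correctly
  • The OAuth integration code needs regular updates

Method 3: Fully Custom Development (for Advanced Developers)

3.1 Building a Complete OAuth Integration Class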

```php
class WP_Social_Auth_Integration {

    private $providers = [];
    private $options = [];

    public function __construct() {
        $this->load_providers();
        $this->init_hooks();
    }

    private function load_providers() {
        // Load the social provider classes (paths relative to this file)
        require_once __DIR__ . '/providers/class-facebook-provider.php';
        require_once __DIR__ . '/providers/class-google-provider.php';
        require_once __DIR__ . '/providers/class-wechat-provider.php';

        $this->providers = [
            'facebook' => new Facebook_Provider(),
            'google'   => new Google_Provider(),
            'wechat'   => new Wechat_Provider()
        ];
    }

    private function init_hooks() {
        add_action('login_form', [$this, 'add_social_login_buttons']);
        add_action('wp_ajax_social_auth', [$this, 'handle_auth_callback']);
        add_action('wp_ajax_nopriv_social_auth', [$this, 'handle_auth_callback']);
        add_action('wp_enqueue_scripts', [$this, 'enqueue_assets']);
    }

    public function add_social_login_buttons() {
        foreach ($this->providers as $key => $provider) {
            if ($provider->is_enabled()) {
                // get_login_button() returns markup that is already escaped
                echo $provider->get_login_button();
            }
        }
    }

    public function handle_auth_callback() {
        $provider = isset($_GET['provider'])
            ? sanitize_text_field(wp_unslash($_GET['provider']))
            : '';

        // Dispatch only to providers registered above
        if (isset($this->providers[$provider])) {
            $this->providers[$provider]->handle_callback();
        }

        wp_die();
    }

    public function enqueue_assets() {
        wp_enqueue_style('social-auth-style',
            plugin_dir_url(__FILE__) . 'assets/css/social-auth.css');
        wp_enqueue_script('social-auth-script',
            plugin_dir_url(__FILE__) . 'assets/js/social-auth.js',
            ['jquery'], '1.0', true);

        wp_localize_script('social-auth-script', 'social_auth', [
            'ajax_url' => admin_url('admin-ajax.php'),
            'nonce'    => wp_create_nonce('social_auth_nonce')
        ]);
    }
}
```

```php
// Provider base class
abstract class Social_Provider {

    protected $client_id;
    protected $client_secret;
    protected $redirect_uri;
    protected $scope;

    abstract public function get_login_button();
    abstract public function handle_callback();
    abstract public function get_user_data($access_token);

    public function is_enabled() {
        return !empty($this->client_id) && !empty($this->client_secret);
    }

    protected function exchange_code_for_token($code, $token_url) {
        $response = wp_remote_post($token_url, [
            'body' => [
                'code'          => $code,
                'client_id'     => $this->client_id,
                'client_secret' => $this->client_secret,
                'redirect_uri'  => $this->redirect_uri,
                'grant_type'    => 'authorization_code'
            ]
        ]);

        if (!is_wp_error($response)) {
            $body = json_decode(wp_remote_retrieve_body($response), true);
            return isset($body['access_token']) ? $body['access_token'] : false;
        }

        return false;
    }

    protected function create_or_login_user($user_data, $provider_name) {
        // The provider may return a profile without an email address
        if (empty($user_data['id']) || empty($user_data['email'])) {
            return false;
        }

        $email = $user_data['email'];
        $social_id = (string) $user_data['id'];

        // Look up an existing user
        $user = get_user_by('email', $email);

        if (!$user) {
            // Create a new user
            $user_id = $this->create_new_user($user_data, $provider_name, $social_id);
            if (is_wp_error($user_id)) {
                return false;
            }
            $user = get_user_by('id', $user_id);
        } elseif (!$this->update_existing_user($user, $provider_name, $social_id)) {
            // Verification of the existing user failed
            return false;
        }

        // Perform the login
        if ($user && !is_wp_error($user)) {
            $this->perform_login($user);
            return true;
        }

        return false;
    }

    private function create_new_user($user_data, $provider_name, $social_id) {
        $username = $this->generate_unique_username($user_data['name'], $social_id);
        $password = wp_generate_password(16, true, true);

        $user_id = wp_create_user($username, $password, $user_data['email']);

        if (!is_wp_error($user_id)) {
            // Update the user's profile
            wp_update_user([
                'ID'           => $user_id,
                'display_name' => $user_data['name'],
                'first_name'   => $user_data['first_name'] ?? '',
                'last_name'    => $user_data['last_name'] ?? '',
                'role'         => 'subscriber' // default role
            ]);

            // Store the social media details
            update_user_meta($user_id, $provider_name . '_id', $social_id);
            update_user_meta($user_id, $provider_name . '_data', $user_data);

            // Send the welcome email. The original calls an undefined
            // send_welcome_email($user_id, $password); the core notification is used
            // here instead, which mails a set-password link rather than the password.
            wp_new_user_notification($user_id, null, 'user');
        }

        return $user_id;
    }

    // Not shown in the original; same check as in section 2.2.3
    private function update_existing_user($user, $provider_name, $social_id) {
        $existing = get_user_meta($user->ID, $provider_name . '_id', true);

        if (empty($existing)) {
            update_user_meta($user->ID, $provider_name . '_id', $social_id);
            return true;
        }

        return (string) $existing === $social_id;
    }

    // Not shown in the original; same login steps as in section 2.2.3
    private function perform_login($user) {
        wp_clear_auth_cookie();
        wp_set_current_user($user->ID);
        wp_set_auth_cookie($user->ID, true);
    }

    private function generate_unique_username($name, $social_id) {
        $base_username = sanitize_user(str_replace(' ', '_', strtolower($name)), true);
        $username = $base_username . '_' . substr($social_id, 0, 4);

        $counter = 1;
        $original_username = $username;

        while (username_exists($username)) {
            $username = $original_username . '_' . $counter;
            $counter++;
        }

        return $username;
    }
}
```

```php
// Facebook provider implementation
class Facebook_Provider extends Social_Provider {

    public function __construct() {
        $this->client_id = get_option('facebook_app_id');
        $this->client_secret = get_option('facebook_app_secret');
        $this->redirect_uri = home_url('/wp-json/social-auth/v1/facebook/callback');
        $this->scope = 'email,public_profile';
    }

    public function get_login_button() {
        // Note: this stores one state transient every time the button is rendered
        $auth_url = 'https://www.facebook.com/v12.0/dialog/oauth?' . http_build_query([
            'client_id'     => $this->client_id,
            'redirect_uri'  => $this->redirect_uri,
            'scope'         => $this->scope,
            'state'         => $this->generate_state_token(),
            'response_type' => 'code'
        ]);

        return sprintf(
            '<a href="%s" class="social-login-btn facebook-btn">%s</a>',
            esc_url($auth_url),
            '<i class="fab fa-facebook-f"></i> 使用Facebook登录'
        );
    }

    public function handle_callback() {
        // Verify the state parameter
        $state = isset($_GET['state']) ? sanitize_text_field(wp_unslash($_GET['state'])) : '';
        if ($state === '' || !$this->verify_state_token($state)) {
            wp_die('无效的请求');
        }

        if (isset($_GET['code'])) {
            $code = sanitize_text_field(wp_unslash($_GET['code']));
            $access_token = $this->exchange_code_for_token($code,
                'https://graph.facebook.com/v12.0/oauth/access_token');

            if ($access_token) {
                $user_data = $this->get_user_data($access_token);

                // Redirect home only when the login actually succeeded
                if ($user_data && $this->create_or_login_user($user_data, 'facebook')) {
                    wp_safe_redirect(home_url('/'));
                    exit;
                }
            }
        }

        wp_safe_redirect(wp_login_url());
        exit;
    }

    public function get_user_data($access_token) {
        $response = wp_remote_get(
            "https://graph.facebook.com/me?" . http_build_query([
                'fields'       => 'id,name,email,first_name,last_name,picture',
                'access_token' => $access_token
            ])
        );

        if (!is_wp_error($response)) {
            $data = json_decode(wp_remote_retrieve_body($response), true);

            // An error response carries no id
            if (empty($data['id'])) {
                return false;
            }

            return [
                'id'         => $data['id'],
                'email'      => $data['email'] ?? '',
                'name'       => $data['name'] ?? '',
                'first_name' => $data['first_name'] ?? '',
                'last_name'  => $data['last_name'] ?? '',
                'avatar'     => $data['picture']['data']['url'] ?? ''
            ];
        }

        return false;
    }

    private function generate_state_token() {
        $state = wp_generate_password(32, false);
        set_transient('facebook_state_' . $state, time(), HOUR_IN_SECONDS);
        return $state;
    }

    private function verify_state_token($state) {
        $transient = get_transient('facebook_state_' . $state);
        // Single use: delete the token so the same callback URL cannot be replayed.
        // The token is still not tied to the visitor's browser; pair it with a cookie
        // or session value for full login-CSRF protection.
        delete_transient('facebook_state_' . $state);
        return $transient !== false;
    }
}
```


### 3.2 Implementing the REST API Endpoints

```php
// Register REST API endpoints that handle the OAuth callbacks
add_action('rest_api_init', 'register_social_auth_endpoints');

function register_social_auth_endpoints() {

    // Facebook callback endpoint
    register_rest_route('social-auth/v1', '/facebook/callback', [
        'methods'  => 'GET',
        'callback' => 'handle_facebook_callback',
        'permission_callback' => '__return_true'
    ]);

    // Google callback endpoint
    register_rest_route('social-auth/v1', '/google/callback', [
        'methods'  => 'GET',
        'callback' => 'handle_google_callback',
        'permission_callback' => '__return_true'
    ]);

    // Share statistics
    register_rest_route('social-auth/v1', '/share-stats/(?P<id>\d+)', [
        'methods'  => 'GET',
        'callback' => 'get_share_statistics',
        'permission_callback' => function() {
            return current_user_can('edit_posts');
        }
    ]);
}

function handle_facebook_callback(WP_REST_Request $request) {

    $code = $request->get_param('code');
    $state = sanitize_text_field((string) $request->get_param('state'));

    // Verify the state, then delete it so it cannot be used a second time
    if ($state === '' || get_transient('facebook_state_' . $state) === false) {
        return new WP_Error('invalid_state', '无效的state参数', ['status' => 400]);
    }
    delete_transient('facebook_state_' . $state);

    // Run the login logic (process_facebook_login() is not shown in this article)
    $result = process_facebook_login($code);

    if (is_wp_error($result)) {
        return $result;
    }

    // Redirect to the front-end page
    $redirect_url = home_url('/?social_login=success');
    wp_safe_redirect($redirect_url);
    exit;
}
```


### 3.3 Implementing Advanced Sharing

```php
class Advanced_Social_Share {

    private $post_types = ['post', 'page'];
    private $providers = ['wechat', 'weibo', 'qq', 'facebook', 'twitter'];

    public function __construct() {
        add_action('wp_head', [$this, 'add_open_graph_tags']);
        add_action('wp_footer', [$this, 'add_share_scripts']);
        add_filter('the_content', [$this, 'add_share_buttons_to_content']);
        add_action('wp_ajax_track_share', [$this, 'track_share_action']);
        add_action('wp_ajax_nopriv_track_share', [$this, 'track_share_action']);
    }

    public function add_open_graph_tags() {
        if (is_single()) {
            global $post;

            $image = get_the_post_thumbnail_url($post->ID, 'large') ?:
                     get_site_icon_url() ?:
                     '';

            echo '<meta property="og:title" content="' . esc_attr(get_the_title()) . '" />' . "\n";
            echo '<meta property="og:description" content="' . esc_attr(wp_trim_words(get_the_excerpt(), 30)) . '" />' . "\n";
            echo '<meta property="og:url" content="' . esc_url(get_permalink()) . '" />' . "\n";
            echo '<meta property="og:image" content="' . esc_url($image) . '" />' . "\n";
            echo '<meta property="og:type" content="article" />' . "\n";
            echo '<meta property="og:site_name" content="' . esc_attr(get_bloginfo('name')) . '" />' . "\n";

            // Twitter Card
            echo '<meta name="twitter:card" content="summary_large_image" />' . "\n";
            echo '<meta name="twitter:title" content="' . esc_attr(get_the_title()) . '" />' . "\n";
            echo '<meta name="twitter:description" content="' . esc_attr(wp_trim_words(get_the_excerpt(), 30)) . '" />' . "\n";
            echo '<meta name="twitter:image" content="' . esc_url($image) . '" />' . "\n";
        }
    }

    public function add_share_scripts() {
        // The front-end click handlers are not shown in this article. This prints the
        // AJAX URL and nonce they need; the variable name shareTracking is a placeholder.
        printf(
            '<script>var shareTracking = %s;</script>' . "\n",
            wp_json_encode([
                'ajax_url' => admin_url('admin-ajax.php'),
                'nonce'    => wp_create_nonce('track_share_nonce'),
            ])
        );
    }

    public function add_share_buttons_to_content($content) {
        if (is_single() && in_array(get_post_type(), $this->post_types, true)) {
            $share_buttons = $this->generate_share_buttons();
            $content .= $share_buttons;
        }
        return $content;
    }

    private function generate_share_buttons() {
        global $post;

        $post_url = urlencode(get_permalink());
        $post_title = urlencode(get_the_title());
        $post_excerpt = urlencode(wp_trim_words(get_the_excerpt(), 20));

        ob_start(); ?>

        <div class="advanced-share-container" data-post-id="<?php echo esc_attr($post->ID); ?>">
            <div class="share-header">
                <h4>分享到</h4>
                <div class="share-stats">
                    <span class="share-count" data-provider="total">
                        <i class="fas fa-share-alt"></i>
                        <span class="count"><?php echo esc_html($this->get_share_count($post->ID, 'total')); ?></span>
                    </span>
                </div>
            </div>

            <div class="share-buttons-grid">
                <?php foreach ($this->providers as $provider): ?>
                    <button class="share-btn <?php echo esc_attr($provider); ?>-share"
                            data-provider="<?php echo esc_attr($provider); ?>"
                            data-url="<?php echo esc_attr($post_url); ?>"
                            data-title="<?php echo esc_attr($post_title); ?>"
                            data-desc="<?php echo esc_attr($post_excerpt); ?>">
                        <i class="fab fa-<?php echo esc_attr($provider); ?>"></i>
                        <span class="btn-text"><?php echo esc_html($this->get_provider_name($provider)); ?></span>
                        <span class="count-badge"><?php echo esc_html($this->get_share_count($post->ID, $provider)); ?></span>
                    </button>
                <?php endforeach; ?>

                <!-- More share options -->
                <div class="share-more-dropdown">
                    <button class="share-btn more-share">
                        <i class="fas fa-ellipsis-h"></i>
                        <span class="btn-text">更多</span>
                    </button>
                    <div class="dropdown-content">
                        <a href="#" class="copy-link" data-clipboard-text="<?php echo esc_url(get_permalink()); ?>">
                            <i class="fas fa-link"></i> 复制链接
                        </a>
                        <a href="mailto:?subject=<?php echo esc_attr(rawurlencode(get_the_title())); ?>&amp;body=<?php echo esc_attr(rawurlencode(get_permalink())); ?>">
                            <i class="fas fa-envelope"></i> 邮件分享
                        </a>
                        <a href="#" class="generate-qr">
                            <i class="fas fa-qrcode"></i> 生成二维码
                        </a>
                    </div>
                </div>
            </div>

            <!-- Share tip -->
            <div class="share-tips">
                <p><i class="fas fa-lightbulb"></i> 提示:分享后可以查看分享统计</p>
            </div>
        </div>

        <?php
        return ob_get_clean();
    }

    public function track_share_action() {
        // Verify the nonce
        $nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';
        if (!wp_verify_nonce($nonce, 'track_share_nonce')) {
            wp_send_json_error('验证失败');
        }

        $post_id = isset($_POST['post_id']) ? intval($_POST['post_id']) : 0;
        $provider = isset($_POST['provider']) ? sanitize_text_field(wp_unslash($_POST['provider'])) : '';
        $user_id = get_current_user_id();

        // Accept only known providers and published posts, so a caller
        // cannot create arbitrary counters or write to arbitrary posts
        if (!in_array($provider, $this->providers, true) || get_post_status($post_id) !== 'publish') {
            wp_send_json_error('验证失败');
        }

        // Record the share
        $this->record_share($post_id, $provider, $user_id);

        // Update the share count
        $count = $this->increment_share_count($post_id, $provider);

        wp_send_json_success([
            'count' => $count,
            'message' => '分享记录成功'
        ]);
    }

    private function record_share($post_id, $provider, $user_id) {
        global $wpdb;

        $table_name = $wpdb->prefix . 'social_shares';

        // The User-Agent header is client-controlled and may be absent: sanitize it before storing
        $ip_address = isset($_SERVER['REMOTE_ADDR'])
            ? sanitize_text_field(wp_unslash($_SERVER['REMOTE_ADDR'])) : '';
        $user_agent = isset($_SERVER['HTTP_USER_AGENT'])
            ? substr(sanitize_text_field(wp_unslash($_SERVER['HTTP_USER_AGENT'])), 0, 255) : '';

        $wpdb->insert(
            $table_name,
            [
                'post_id'    => $post_id,
                'provider'   => $provider,
                'user_id'    => $user_id ?: 0,
                'ip_address' => $ip_address,
                'user_agent' => $user_agent,
                'shared_at'  => current_time('mysql')
            ],
            ['%d', '%s', '%d', '%s', '%s', '%s']
        );
    }

    private function increment_share_count($post_id, $provider) {
        $counts = get_post_meta($post_id, '_social_share_counts', true);

        if (!is_array($counts)) {
            $counts = [];
        }

        if (!isset($counts[$provider])) {
            $counts[$provider] = 0;
        }

        $counts[$provider]++;

        // Recompute the total from the per-provider counters only;
        // summing the previous total as well would double it on every call
        unset($counts['total']);
        $counts['total'] = array_sum($counts);

        update_post_meta($post_id, '_social_share_counts', $counts);

        return $counts[$provider];
    }

    private function get_share_count($post_id, $provider) {
        $counts = get_post_meta($post_id, '_social_share_counts', true);

        if (is_array($counts) && isset($counts[$provider])) {
            return intval($counts[$provider]);
        }

        return 0;
    }

    private function get_provider_name($provider) {
        $names = [
            'wechat'   => '微信',
            'weibo'    => '微博',
            'qq'       => 'QQ',
            'facebook' => 'Facebook',
            'twitter'  => 'Twitter'
        ];

        return $names[$provider] ?? ucfirst($provider);
    }
}
```


### 3.4 Database Table Structure

```php
// Create the share log table
register_activation_hook(__FILE__, 'create_social_share_table');

function create_social_share_table() {

    global $wpdb;

    $table_name = $wpdb->prefix . 'social_shares';
    $charset_collate = $wpdb->get_charset_collate();

    // dbDelta() parses this statement itself: it expects a plain "CREATE TABLE name ("
    // (no IF NOT EXISTS) and two spaces between PRIMARY KEY and the column list
    $sql = "CREATE TABLE $table_name (
        id bigint(20) NOT NULL AUTO_INCREMENT,
        post_id bigint(20) NOT NULL,
        provider varchar(50) NOT NULL,
        user_id bigint(20) DEFAULT 0,
        ip_address varchar(45) DEFAULT NULL,
        user_agent text,
        shared_at datetime DEFAULT CURRENT_TIMESTAMP,
        PRIMARY KEY  (id),
        KEY post_id (post_id),
        KEY provider (provider),
        KEY user_id (user_id),
        KEY shared_at (shared_at)
    ) $charset_collate;";

    require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
    dbDelta($sql);
}
```


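## 4. Security Best Practices

### 4.1 OAuth Security Considerations

1. **State parameter validation**: the state parameter must be used to prevent CSRF attacks
2. **Enforce HTTPS**: all OAuth callbacks must use HTTPS
3. **Secure token storage**: the access_token should not be stored on the client
4. **Minimal scope**: request only the permission scopes you need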
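
The state check from item 1, as an added example that is not part of the original article: the value is random, single-use and tied to the visitor's browser through a cookie, so a state obtained in one browser is rejected in another. The function names, the cookie name and the 10-minute lifetime are assumptions; the array form of `setcookie()` needs PHP 7.3 or later.

```php
<?php
// Added example, not from the original article. Function names, the cookie
// name and the lifetime are assumptions. Requires PHP 7.3+ and WordPress.

const SOCIAL_STATE_COOKIE = 'social_oauth_bind'; // hypothetical cookie name
const SOCIAL_STATE_TTL    = 600;                 // seconds an attempt stays valid

function social_set_binding_cookie($value, $expires) {
    setcookie(SOCIAL_STATE_COOKIE, $value, [
        'expires'  => $expires,
        'path'     => COOKIEPATH,
        'domain'   => COOKIE_DOMAIN ?: '',
        'secure'   => is_ssl(),
        'httponly' => true,
        'samesite' => 'Lax', // still sent on the provider's top-level GET redirect back
    ]);
}

/**
 * Create the state for one authorization attempt. Call it before any output,
 * from the handler that redirects the visitor to the provider.
 */
function social_issue_state($provider) {
    $state   = bin2hex(random_bytes(32)); // goes into the authorization URL
    $binding = bin2hex(random_bytes(32)); // stays in this browser's cookie

    // The server keeps only hashes, keyed by the state value.
    set_transient('social_state_' . hash('sha256', $state), [
        'provider' => (string) $provider,
        'binding'  => hash('sha256', $binding),
    ], SOCIAL_STATE_TTL);

    social_set_binding_cookie($binding, time() + SOCIAL_STATE_TTL);

    return $state;
}

/**
 * Validate and consume the state returned to the callback.
 *
 * @return true|WP_Error
 */
function social_consume_state($provider, $state) {
    $cookie = isset($_COOKIE[SOCIAL_STATE_COOKIE]) ? (string) $_COOKIE[SOCIAL_STATE_COOKIE] : '';
    social_set_binding_cookie('', time() - 3600); // the cookie is single-use as well

    if (!is_string($state) || !preg_match('/^[0-9a-f]{64}$/', $state)) {
        return new WP_Error('invalid_state', 'Malformed state parameter');
    }

    $key    = 'social_state_' . hash('sha256', $state);
    $record = get_transient($key);
    delete_transient($key); // consumed on first use, whether valid or not

    if (!is_array($record)) {
        return new WP_Error('invalid_state', 'Unknown or expired state');
    }
    if (!hash_equals($record['provider'], (string) $provider)) {
        return new WP_Error('invalid_state', 'State was issued for another provider');
    }
    if ($cookie === '' || !hash_equals($record['binding'], hash('sha256', $cookie))) {
        return new WP_Error('invalid_state', 'State was issued to a different browser');
    }

    return true;
}

// Callback side: reject the request before the code is exchanged for a token.
function social_callback_guard($provider) {
    $state = isset($_GET['state']) ? sanitize_text_field(wp_unslash($_GET['state'])) : '';
    $check = social_consume_state($provider, $state);

    if (is_wp_error($check)) {
        wp_die(esc_html($check->get_error_message()), '', ['response' => 400]);
    }
}
```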

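### 4.2 Data Protection Measures

```php
// Security validation function.
// It uses $this, so it belongs inside the provider class as a method;
// is_replay_attack() is not defined in this article.
function validate_social_login_request($provider, $code, $state) {

    // Validate the state
    if (!$this->verify_state_token($state)) {
        return new WP_Error('invalid_state', '无效的state参数');
    }

    // Validate the provider
    if (!in_array($provider, ['facebook', 'google', 'wechat'], true)) {
        return new WP_Error('invalid_provider', '不支持的登录提供商');
    }

    // Guard against replay attacks
    if ($this->is_replay_attack($code, $provider)) {
        return new WP_Error('replay_attack', '检测到重放攻击');
    }

    return true;
}
```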
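
This article comes from the internet and does not represent the position of 柔性供应链服务中心. Please credit the source when republishing: https://mall.org.cn/300.html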

Author: EXCHANGES®
