/**
* 生成要请求参数数组
* @param $para_temp 请求前的参数数组
* @return 要请求的参数数组
*/
function buildRequestPara($para_temp) {
//除去待签名参数数组中的空值和签名参数
$para_filter = CacheParaFilter($para_temp);
//对待签名参数数组排序
$para_sort = CacheArgSort($para_filter);
//生成签名结果
$mysign = $this->buildRequestMysign($para_sort);
//签名结果与签名方式加入请求提交参数组中
$para_sort['sign'] = $mysign;
//$para_sort['sign_type'] = strtoupper(trim($this->config['sign_type']));
return $para_sort;
}
/**
* 初始化验证
*/
function _initialize() {
if(!$_GET['nonce_str']){
ajaxErrReturn('随机字符串必须');
}
if(!$_GET['time_stamp']){
ajaxErrReturn('创建时间戳必须');
}
if(!IS_POST){
ajaxErrReturn('数据必须');
}
//判断是否内网ip
if(!check_ip()){
ajaxErrReturn('非内网IP');
}
//3分钟有效期
if($_REQUEST['time_stamp']+180<time()){
ajaxErrReturn('签名过期');
}
$model = D('Api');
require_once(C('INTERFACE_PATH')."Cache/config.php");
require_once(C('INTERFACE_PATH')."Cache/lib/core.function.php");
require_once(C('INTERFACE_PATH')."Cache/lib/md5.function.php");
require_once(C('INTERFACE_PATH')."Cache/lib/rsa.function.php");
$appid = $_GET['appid'];
$data['py_name'] = 'cache';
$data['appid'] = $appid;
$vo = $model->where($data)->find();
if(!$vo){
ajaxErrReturn('无此应用');
}
$appkey = $vo['appkey'];
//除去待签名参数数组中的空值和签名参数
$para = $_GET;
$para['c'] = CONTROLLER_NAME;
$para['a'] = ACTION_NAME;
$para_filter = CacheParaFilter($para);
//对待签名参数数组排序
$para_sort = CacheArgSort($para_filter);
$prestr = CacheCreateLinkstring($para_sort);
$timestamp = $_GET['time_stamp'];
$sign = $_POST['sign'];
switch ($_POST['sign_type']) {
case 'RSA':
$result = CacheRsaVerify($prestr, $config['public_key_path'], $sign);
break;
case 'MD5':
$result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign);
break;
case 2:
$result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign);
break;
}
//dump($result);exit;
if(!$result){
ajaxErrReturn('验证失败');
}
}
