Example #1
0
 /**
  * 检查签名
  * @param  String  $power_id  资源ID
  * @param  String  $signature 签名
  * @return bool
  */
 private function check_power_key()
 {
     $this->load->model('accessModel/Power_model', 'power');
     $power = $this->power->get($this->power_id);
     if (empty($power)) {
         log_message('debug', sprintf("%s---power_id:%s,signature:%s, power_id is not exists", $this->session_id, $this->power_id, $this->signature));
         return FALSE;
     }
     //组织签名数据
     $post = $this->input->post();
     unset($post['signature']);
     if (isset($post['callback'])) {
         $post['callback'] = urlencode($post['callback']);
     }
     if (isset($post['username'])) {
         $post['username'] = urlencode($post['username']);
     }
     //比对签名
     $this->load->helper('signature');
     $t_signature = get_signature($post, $power['power_key']);
     //var_dump($t_signature);
     log_message('debug', sprintf("%s--signature:%s,t_signature:%s", $this->session_id, $this->signature, $t_signature));
     $cmp_resut = strcmp($this->signature, $t_signature);
     if ($cmp_resut == 0) {
         return TRUE;
     } else {
         log_message('ERROR', sprintf("%s--signature:%s,t_signature:%s", $this->session_id, $this->signature, $t_signature));
         return FALSE;
     }
 }
Example #2
0
/**
 * @brief 请求临时token.请求需经过URL编码,编码时请遵循 RFC 1738
 *  
 * @param $appid
 * @param $appkey
 *
 * @return 返回字符串格式为:oauth_token=xxx&oauth_token_secret=xxx
 */
function get_request_token($appid, $appkey)
{
    //请求临时token的接口地址, 不要更改!!
    $url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token?";
    //生成oauth_signature签名值。签名值生成方法详见(http://wiki.opensns.qq.com/wiki/【QQ登录】签名参数oauth_signature的说明)
    //(1) 构造生成签名值的源串(HTTP请求方式 & urlencode(uri) & urlencode(a=x&b=y&...))
    $sigstr = "GET" . "&" . rawurlencode("http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token") . "&";
    //必要参数
    $params = array();
    $params["oauth_version"] = "1.0";
    $params["oauth_signature_method"] = "HMAC-SHA1";
    $params["oauth_timestamp"] = time();
    $params["oauth_nonce"] = mt_rand();
    $params["oauth_consumer_key"] = $appid;
    //对参数按照字母升序做序列化
    $normalized_str = get_normalized_string($params);
    $sigstr .= rawurlencode($normalized_str);
    //(2)构造密钥
    $key = $appkey . "&";
    //(3)生成oauth_signature签名值。这里需要确保PHP版本支持hash_hmac函数
    $signature = get_signature($sigstr, $key);
    //构造请求url
    $url .= $normalized_str . "&" . "oauth_signature=" . rawurlencode($signature);
    //echo "$sigstr\n";
    //echo "$url\n";
    //echo $url;
    return file_get_contents($url);
}
Example #3
0
/**
 * @brief 获取access_token。请求需经过URL编码,编码时请遵循 RFC 1738
 *
 * @param $appid
 * @param $appkey
 * @param $request_token
 * @param $request_token_secret
 * @param $vericode
 *
 * @return 返回字符串格式为:oauth_token=xxx&oauth_token_secret=xxx&openid=xxx&oauth_signature=xxx&oauth_vericode=xxx&timestamp=xxx
 */
function get_access_token($appid, $appkey, $request_token, $request_token_secret, $vericode)
{
    global $global_arg;
    //请求具有Qzone访问权限的access_token的接口地址, 不要更改!!
    $url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token?";
    //生成oauth_signature签名值。签名值生成方法详见(http://wiki.opensns.qq.com/wiki/【QQ登录】签名参数oauth_signature的说明)
    //(1) 构造生成签名值的源串(HTTP请求方式 & urlencode(uri) & urlencode(a=x&b=y&...))
    $sigstr = "GET" . "&" . QQConnect_urlencode("http://openapi.qzone.qq.com/oauth/qzoneoauth_access_token") . "&";
    //必要参数,不要随便更改!!
    $params = array();
    $params["oauth_version"] = "1.0";
    $params["oauth_signature_method"] = "HMAC-SHA1";
    $params["oauth_timestamp"] = time();
    $params["oauth_nonce"] = mt_rand();
    $params["oauth_consumer_key"] = $appid;
    $params["oauth_token"] = $request_token;
    $params["oauth_vericode"] = $vericode;
    //对参数按照字母升序做序列化
    $normalized_str = get_normalized_string($params);
    $sigstr .= QQConnect_urlencode($normalized_str);
    //echo "sigstr = $sigstr";
    //(2)构造密钥
    $key = $appkey . "&" . $request_token_secret;
    //(3)生成oauth_signature签名值。这里需要确保PHP版本支持hash_hmac函数
    $signature = get_signature($sigstr, $key);
    //构造请求url
    $url .= $normalized_str . "&" . "oauth_signature=" . QQConnect_urlencode($signature);
    $global_arg = $url;
    return file_get_contents($url);
}
Example #4
0
/**
 * @brief 所有post 请求都可以使用这个方法
 *
 * @param $url
 * @param $appid
 * @param $appkey
 * @param $access_token
 * @param $access_token_secret
 * @param $openid
 *
 */
function do_post($url, $appid, $appkey, $access_token, $access_token_secret, $openid)
{
    //构造签名串.源串:方法[GET|POST]&uri&参数按照字母升序排列
    $sigstr = "POST" . "&" . rawurlencode($url) . "&";
    //必要参数,不要随便更改!!
    $params = $_POST;
    $params["oauth_version"] = "1.0";
    $params["oauth_signature_method"] = "HMAC-SHA1";
    $params["oauth_timestamp"] = time();
    $params["oauth_nonce"] = mt_rand();
    $params["oauth_consumer_key"] = $appid;
    $params["oauth_token"] = $access_token;
    $params["openid"] = $openid;
    unset($params["oauth_signature"]);
    //对参数按照字母升序做序列化
    $sigstr .= rawurlencode(get_normalized_string($params));
    //签名,需要确保php版本支持hash_hmac函数
    $key = $appkey . "&" . $access_token_secret;
    $signature = get_signature($sigstr, $key);
    $params["oauth_signature"] = $signature;
    $postdata = get_urlencode_string($params);
    //echo "$sigstr******\n";
    //echo "$postdata\n";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    curl_setopt($ch, CURLOPT_POST, TRUE);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
    curl_setopt($ch, CURLOPT_URL, $url);
    $ret = curl_exec($ch);
    curl_close($ch);
    return $ret;
}
Example #5
0
?>
<!--PRINT CIRTIFICATE   -->
<div id="printForm" style="display: none;" >
<img src="<?php 
echo Yii::app()->baseUrl;
?>
/cert/<?php 
echo $model[0]['cert_picture'];
?>
">
<?php 
$cname = $model[0]['firstname'] . " " . $model[0]['lastname'];
$grade = $model[0]['cirtificate_grade'];
$gno = $model[0]['cirtificate_no'];
$signature1 = get_signature($model[0]['signature1'], $signature);
$signature2 = get_signature($model[0]['signature2'], $signature);
$model[0]['course_cirtificate'] = str_replace("[SIGNATURE1]", $signature1, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[SIGNATURE2]", $signature2, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[NAME]", $name, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[GRADE]", $grade, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[GNO]", $gno, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[CERTNO]", 'MECT/' . $course_abbr . '-' . $cert_no, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[DOB]", $dob, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[CDC]", $CDCNO, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[INDOS]", $INDOSNO, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[PASSPORT]", $passportno, $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[STRTDT]", date("d-m-Y", strtotime($model[0]['start_date'])), $model[0]['course_cirtificate']);
$model[0]['course_cirtificate'] = str_replace("[ENDDT]", date("d-m-Y", strtotime($model[0]['end_date'])), $model[0]['course_cirtificate']);
echo $model[0]['course_cirtificate'];
function get_signature($id, $signature)
{
Example #6
0
/**
 * @brief get a request token by appid and appkey
 *        rfc1738 urlencode
 * @param $appid
 * @param $appkey
 *
 * @return a string, the format as follow: 
 *      oauth_token=xxx&oauth_token_secret=xxx
 */
function get_request_token($appid, $appkey)
{
    //获取request token接口, 不要随便更改!!
    $url = "http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token?";
    //构造签名串.源串:方法[GET|POST]&uri&参数按照字母升序排列
    $sigstr = "GET" . "&" . rawurlencode("http://openapi.qzone.qq.com/oauth/qzoneoauth_request_token") . "&";
    //必要参数,不要随便更改!!
    $params = array();
    $params["oauth_version"] = "1.0";
    $params["oauth_signature_method"] = "HMAC-SHA1";
    $params["oauth_timestamp"] = time();
    $params["oauth_nonce"] = mt_rand();
    $params["oauth_consumer_key"] = $appid;
    //对参数按照字母升序做序列化
    $normalized_str = get_normalized_string($params);
    $sigstr .= rawurlencode($normalized_str);
    //签名,需要确保php版本支持hash_hmac函数
    $key = $appkey . "&";
    $signature = get_signature($sigstr, $key);
    //构造请求url
    $url .= $normalized_str . "&" . "oauth_signature=" . rawurlencode($signature);
    //echo "$sigstr\n";
    //echo "$url\n";
    return file_get_contents($url);
}
Example #7
0
function topTen($nodeId, $rGroup)
{
    global $cg;
    $request = 'AWSAccessKeyId=' . $cg['AWSAccessKeyId'];
    $request .= '&AssociateTag=' . $cg['AssociateTag'];
    $request .= '&Version=2011-08-01';
    $request .= '&Operation=BrowseNodeLookup';
    $request .= '&ResponseGroup=' . $rGroup;
    $request .= '&BrowseNodeId=' . $nodeId;
    // url encode the comma and colon
    $request = str_replace(',', '%2C', $request);
    $request = str_replace(':', '%3A', $request);
    // explode the query string
    $x = explode("&", $request);
    // requirement when building a signature is to sort by byte value
    sort($x);
    // sort on byte value;
    // reconstruct the query string, should now be sorted
    $string_to_sign = implode("&", $x);
    $signature = get_signature($string_to_sign);
    $request = $cg['amazonUrl'] . '?' . $string_to_sign;
    $request .= "&Signature=" . $signature;
    $response = curl_string($request);
    if ($response) {
        $xml = array();
        $res = simplexml_load_string($response);
        echo '<pre>';
        print_r($res);
        exit;
    }
}
Example #8
0
    //$displaySI = $searchIndex;
    if (!in_array($searchIndex, $categories)) {
        $keyword .= ' ' . $searchIndex;
        $searchIndex = 'All';
        // reassign All
    }
    $keyword = str_replace(" ", "+", $keyword);
    $keyword = urlencode($keyword);
    $operation = 'ItemSearch';
    //$searchIndex = 'All';
    $service = 'AWSECommerceService';
    $version = '2011-08-01';
    $responseGroup = 'ItemAttributes,Images';
    $browseNode = $nodeID;
    $string_to_sign = build_request($keyword, $searchIndex, $operation, $service, $version, $responseGroup, 0, $browseNode);
    $signature = get_signature($string_to_sign);
    $request = $cg['amazonUrl'] . '?' . $string_to_sign;
    $request .= "&Signature=" . $signature;
    $maxPage = $searchIndex == 'All' ? 5 : 10;
    //$response = file_get_contents($request);
    $response = curl_string($request);
} else {
    $response = false;
}
if ($response) {
    $xml = array();
    $res = simplexml_load_string($response);
    //echo '<meta charset="utf-8">';
    //echo $string_to_sign . '<br/>';
    //echo '<pre>';
    //print_r($res);
Example #9
0
    $algo = strtolower($algo);
    $pack = 'H' . strlen($algo('test'));
    $size = 64;
    $opad = str_repeat(chr(0x5c), $size);
    $ipad = str_repeat(chr(0x36), $size);
    if (strlen($key) > $size) {
        $key = str_pad(pack($pack, $algo($key)), $size, chr(0x0));
    } else {
        $key = str_pad($key, $size, chr(0x0));
    }
    for ($i = 0; $i < strlen($key) - 1; $i++) {
        $opad[$i] = $opad[$i] ^ $key[$i];
        $ipad[$i] = $ipad[$i] ^ $key[$i];
    }
    $output = $algo($opad . pack($pack, $algo($ipad . $data)));
    return $raw_output ? pack($pack, $output) : $output;
}
function get_signature($str, $key)
{
    $signature = "";
    if (function_exists('hash_hmac')) {
        $signature = hash_hmac("sha1", $str, $key);
    } else {
        $signature = custom_hmac("sha1", $str, $key);
    }
    return $signature;
}
echo get_signature("img_url=http://s1.bdstatic.com/r/www/cache/xmas2012/images/car.png&nickname=anything&profile_url=http://3g.ganji.com&user_id=500011302", "bd9c83161441a1e68fa309455f09bf59");
?>