예제 #1
0
	/**
     * 生成要请求参数数组
     * @param $para_temp 请求前的参数数组
     * @return 要请求的参数数组
     */
	function buildRequestPara($para_temp) {
		//除去待签名参数数组中的空值和签名参数
		$para_filter = CacheParaFilter($para_temp);

		//对待签名参数数组排序
		$para_sort = CacheArgSort($para_filter);

		//生成签名结果
		$mysign = $this->buildRequestMysign($para_sort);
		
		//签名结果与签名方式加入请求提交参数组中
		$para_sort['sign'] = $mysign;
		//$para_sort['sign_type'] = strtoupper(trim($this->config['sign_type']));
		
		return $para_sort;
	}
예제 #2
0
  /**
   * 初始化验证
   */
  function _initialize() {
	if(!$_GET['nonce_str']){
	  ajaxErrReturn('随机字符串必须');
	}

	if(!$_GET['time_stamp']){
	  ajaxErrReturn('创建时间戳必须');
	}

	if(!IS_POST){
	  ajaxErrReturn('数据必须');
	}

	//判断是否内网ip
	if(!check_ip()){
	  ajaxErrReturn('非内网IP');
	}

	//3分钟有效期
	if($_REQUEST['time_stamp']+180<time()){
	  ajaxErrReturn('签名过期');
	}
	
	$model = D('Api');
	require_once(C('INTERFACE_PATH')."Cache/config.php");
	require_once(C('INTERFACE_PATH')."Cache/lib/core.function.php");
	require_once(C('INTERFACE_PATH')."Cache/lib/md5.function.php");
	require_once(C('INTERFACE_PATH')."Cache/lib/rsa.function.php");
	
	$appid = $_GET['appid'];
	$data['py_name'] = 'cache';
	$data['appid'] = $appid;
	$vo = $model->where($data)->find();
	if(!$vo){
	  ajaxErrReturn('无此应用');
	}
	$appkey = $vo['appkey'];
	//除去待签名参数数组中的空值和签名参数
	$para = $_GET;
	$para['c'] = CONTROLLER_NAME;
	$para['a'] = ACTION_NAME;
	$para_filter = CacheParaFilter($para);
	//对待签名参数数组排序
	$para_sort = CacheArgSort($para_filter);
	$prestr = CacheCreateLinkstring($para_sort);
	$timestamp = $_GET['time_stamp'];
	$sign = $_POST['sign'];
	switch ($_POST['sign_type']) {
		case 'RSA':
			$result = CacheRsaVerify($prestr, $config['public_key_path'], $sign);	
			break;
		case 'MD5':
			$result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign);	
			break;
		case 2:
			$result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign);	
			break;
	}	

	//dump($result);exit;
	if(!$result){
	  ajaxErrReturn('验证失败');
	}
  }