/** * 初始化验证 */ function _initialize() { if(!$_GET['nonce_str']){ ajaxErrReturn('随机字符串必须'); } if(!$_GET['time_stamp']){ ajaxErrReturn('创建时间戳必须'); } if(!IS_POST){ ajaxErrReturn('数据必须'); } //判断是否内网ip if(!check_ip()){ ajaxErrReturn('非内网IP'); } //3分钟有效期 if($_REQUEST['time_stamp']+180<time()){ ajaxErrReturn('签名过期'); } $model = D('Api'); require_once(C('INTERFACE_PATH')."Cache/config.php"); require_once(C('INTERFACE_PATH')."Cache/lib/core.function.php"); require_once(C('INTERFACE_PATH')."Cache/lib/md5.function.php"); require_once(C('INTERFACE_PATH')."Cache/lib/rsa.function.php"); $appid = $_GET['appid']; $data['py_name'] = 'cache'; $data['appid'] = $appid; $vo = $model->where($data)->find(); if(!$vo){ ajaxErrReturn('无此应用'); } $appkey = $vo['appkey']; //除去待签名参数数组中的空值和签名参数 $para = $_GET; $para['c'] = CONTROLLER_NAME; $para['a'] = ACTION_NAME; $para_filter = CacheParaFilter($para); //对待签名参数数组排序 $para_sort = CacheArgSort($para_filter); $prestr = CacheCreateLinkstring($para_sort); $timestamp = $_GET['time_stamp']; $sign = $_POST['sign']; switch ($_POST['sign_type']) { case 'RSA': $result = CacheRsaVerify($prestr, $config['public_key_path'], $sign); break; case 'MD5': $result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign); break; case 2: $result = CacheMd5Sign($appid, $appkey, $prestr, $timestamp, $sign); break; } //dump($result);exit; if(!$result){ ajaxErrReturn('验证失败'); } }
public function rm($para,$data){ //应用的APP_ID $para['appid'] = $this->config['appid']; //客户端请求时间戳 $para['time_stamp'] = $this->timestamp; //API接口版本号 $para['version'] = $this->config['version']; //随机字符串 $para['nonce_str'] = rand_string(32,4); //授权签证 $sent_data = $this->buildRequestPara($para); $sent_url = $this->gateway.CacheCreateLinkstring($sent_data); $result = httpPOST($sent_url,$data); return $result; }