伪代码:
public function get()
{
$salt = uniqid();
$seconds_of_minute = 60;
$expire_time = time() + 30 * $seconds_of_minute;
$create_time = time();
$res = $this->update($id) //更新数据库让老的失效
if ($res === false) {
return error(E_UPDATE_ITEM_FAILED);
} //else
//$res是受影响行数,数据库操作失败应给予提示
// 二维码的相关信息加入数据库
$data['contents'] = $contents; //有效信息
$data['salt'] = $salt;
$data['expire_time'] = $expire_time;
$data['create_time'] = $create_time;
$id = $this->add($data);
if ($id > 0) {
$json = array('id' => $id);
$json['hash'] = md5(json_encode($json) . $salt);
$contents = QRCODE_PREFIX . json_encode($json);
return success(base64_encode($contents));
} else {
return error(E_QRCODE_FAILED, '生成临时访问授权二维码失败');
}
}
解释:
整个接口返回数据如下:
base64_encode(QRCODE_PREFIX . md5(json_encode($json) . $salt)) $json['hash'] = md5(json_encode($json) . $salt) // 是为了防伪造
时效性判断
$data['expire_time'] = $expire_time; $data['create_time'] = $create_time;