微信验证服务器地址的有效性,加密/校验方法
1.将token timestamp nonce进行排序
2.将三个参数拼接成一个字符串,进行sha1加密
3.将拼接好的字符串和signature进行对比,标识该请求来源于微信,如果相等的话,返回一个参数echostr
代码如下:
$token = 'qiaoyu';
$timestamp = $_GET['timestamp'];
$nonce = $_GET['nonce'];
$signature = $_GET['signature'];
$arr = array($token,$timestamp,$nonce);
$arr = sort($arr);
$tmpstr = implode('',$arr);
$tmpstr = sha1($tmpstr);
if($tmpstr == $signature){
echo $_GET['echostr'];
exit;
}
1.将token timestamp nonce进行排序
2.将三个参数拼接成一个字符串,进行sha1加密
3.将拼接好的字符串和signature进行对比,标识该请求来源于微信,如果相等的话,返回一个参数echostr
代码如下:
$token = 'qiaoyu';
$timestamp = $_GET['timestamp'];
$nonce = $_GET['nonce'];
$signature = $_GET['signature'];
$arr = array($token,$timestamp,$nonce);
$arr = sort($arr);
$tmpstr = implode('',$arr);
$tmpstr = sha1($tmpstr);
if($tmpstr == $signature){
echo $_GET['echostr'];
exit;
}