token 验证,微信服务器地址配置要写到具体的文件或方法,该地址就是微信返回数据的地方,
难证通过后,即可把内容换成自己的业务逻辑。如扫码获取 openid,
public function valid()
{
//valid signature , option
if($this->checkSignature()){
echo '验证通过';
exit;
}
}
private function checkSignature()
{
$signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$token = 'wbjhpl';
$tmpArr = array($token, $timestamp, $nonce);
sort($tmpArr);
$tmpStr = implode( $tmpArr );
$tmpStr = sha1( $tmpStr );
if( $tmpStr == $signature ){
return true;
}else{
return false;
}
}