我用TP5開發(fā)微信小程序登錄接口的時(shí)候����,在校驗(yàn)簽名signature那遇到了個(gè)坑,一直校驗(yàn)失敗��,找了很久才發(fā)現(xiàn)
原因是:tp的input方法會(huì)自動(dòng)轉(zhuǎn)移html字符��,比如’”’轉(zhuǎn)成了 "e; ,所以導(dǎo)致了失敗:
本來的rawData
{"nickName":"小小黑","gender":1,"language":"en","city":"Zhanjiang","province":"Guangdong","country":"CN","avatarUrl":"http://wx./mmopen/vi_32/iaFp2syscJNYgalastnQ3bnYt2l4cURSX7p7CeZ7SkNLa32yqBHsXITPibqrJl7z6mYYIibmCLlwtoOwCp0nMibIgA/0"}WYrl3b8xiPuJlOnY/zCXdw==
TP中input方法過濾過的rawData
{"nickName":"小小黑","gender":1,"language":"en","city":"Zhanjiang","province":"Guangdong","country":"CN","avatarUrl":"http://wx./mmopen/vi_32/iaFp2syscJNYgalastnQ3bnYt2l4cURSX7p7CeZ7SkNLa32yqBHsXITPibqrJl7z6mYYIibmCLlwtoOwCp0nMibIgA/0"}WYrl3b8xiPuJlOnY/zCXdw==
所以校驗(yàn)方法需要這樣寫:
$signature2 = sha1(htmlspecialchars_decode($rawData) . $session_key);
if ($signature2 !== $signature) return ret_message("signNotMatch");
后續(xù)會(huì)給一個(gè)完整的登錄流程代碼(前端+ThinkPHP5.0)
|
