<?php
defined('BASEPATH') OR exit('No direct script access allowed');
/**
* 签名/验签
*
* 签名规则:
* 1,接收的参数名不限制大小写,但是在计算签名值的时候参数名一律转换为小写
* 2,按参数名从小到大排序
* 3,组合签名字符串的规则:para1=value1¶2=value2&.....paraN=valueN&key
* 4,time是必须的参数,取值为当前unix时间戳,验签时会验证time值与当前时间的差,超过两分钟的签名为无效
* 5,签名算法MD5
*/
class AuthModel extends CI_Model {
private $key = '32452345j23kjhasud89fulkjaksd89ufkqnj23rsdufkanwjk345';
/**
* 签名
*
* @param array $params
* @return array
*/
function signMd5($params=array()){
$pre_sign_str = $this->createSignString($params);
$sign = strtolower(md5($pre_sign_str));
return $this->MessageModel->successMessage($sign);
}
/**
* 验签
*
* @param array $params
* @return array
*/
function verifySignMd5($params=array()){
if(!isset($params['time']) OR (now()-$params['time']) > 120 ){
return $this->MessageModel->errorMessage('10001001');
}
if(!isset($params['sign']) OR empty($params['sign'])){
return $this->MessageModel->errorMessage('10001002');
}
$sign1 = strtolower($params['sign']);
unset($params['sign']);
$pre_sign_str = $this->createSignString($params);
$sign2 = strtolower(md5($pre_sign_str));
if($sign1 != $sign2){
return $this->MessageModel->errorMessage('10001003');
}
$this->MessageModel->successMessage();
}
/**
* 组合签名参数
*
* @param array $para
* @return string
*/
private function createSignString($para){
ksort($para);
reset($para);
$arg = "";
while (list ($key, $val) = each ($para)) {
$arg.=strtolower($key)."=".$val."&";
}
//连接加密KEY
$arg = $arg.$this->key;
//如果存在转义字符,那么去掉转义
if(get_magic_quotes_gpc()){$arg = stripslashes($arg);}
return $arg;
}
}