Verification principle:
Signature: Encrypted signature, signature combined with the developer's token parameters and timestamp parameters in the request, nonce parameters.
which
Timestamp: Time stamp
Nonce: Random number
echostr: Random string
1. The token, timestamp, nonce three parameters are ordered in dictionary order.
2. Stitch three parameters into a string and use SHA1 encryption.
3. The developer compares the encrypted string to the signature, and if it is the same, the request comes from, and is trustworthy.
Valid (); Class Wechat{public function valid () {$echoStr = $_get[' Echostr '];if ($this->checksignature ()) {echo $ Echostr;exit;}} Calibration method Private Function Checksignature () {$signature = $_get[' signature '); $timestamp = $_get[' timestamp ']; $nonce = $_get [' nonce ']; $token = token; $tmpArr = Array ($token, $timestamp, $nonce); sort ($TMPARR); $tmpStr = implode ($TMPARR); $tmpStr = SHA1 ($TMPSTR); if ($tmpStr = = $signature) {return true;} Else{return false;}}}
The above describes the first bomb into the pit, including, the first aspect of the content, I hope that the PHP tutorial interested in a friend helpful.