TypechoJoeTheme

Dcr163的博客

统计

网站页面
类目归类
标签搜索
日志

PHP生成sign验证接收的数据是否合法

2020-06-27
/
0 评论
/
1,149 阅读
/
正在检测是否收录...
06/27

下面的加密是使用的MD5的,也可以根据自己的需求随便更换加密方式做sign验签。
废话不多说,直接上代码:

<?php
//签名的密钥,可以换成自己的
$signKey = 'Dcr163!#!!.cn!!$$%&&xi.+';

if( isset($_POST['type']) ) {
    //这里获取数据
    $sendData = $_POST;
    //未传sign提示报错
    if( !isset($sendData['sign']) ) exit('sign不能为空!');
    //保存传过来的sign参数
    $sendSign = $sendData['sign'];
    //删除sign在传递中的数据,方便在下面的生成签名使用
    unset($sendData['sign']);
    //数据排序
    ksort($sendData);
    //生成签名,把传递的数据生成 a=1&c=2sss&=bb=jj  格式,加签名的密钥 用md5加密
    $sign = md5(http_build_query($sendData).$signKey);
    //默认提示信息
    $strMsg = '数据验证成功!';
    // 用新生成的 sign和传递过来的sign对比,如果一样就代表验证成功,否则就验证失败。或许是接受的数据和发送的的数据不一致,被篡改了;或许是双方加密的密钥不一致。
    if( $sign !== $sendSign ) $strMsg = 'sign验证失败!';
    exit('<br/>'.$strMsg.'<a href="?"> 返回 </a>');
}


///下面是模拟请求的数据
$time = time();
$data = array(
    'type'   => 'create',
    'name'=>'小红',
    'age'   => 16,
    'weigth'    => 100,
    'height'    => 160,
    'sex'   => '女',
    'remark'    => '备注信息',
    'time'      => $time
);

//排序
ksort($data);
// 变成字符串 a=1&c=2sss&=bb=jj
$req = http_build_query($data);
//生成sign
$sendSign = md5($req.$signKey);

//下面是模拟发送请求的HTML页面
$html = '<input type="hidden" name="sign" value="'.$sendSign.'"> ';
foreach ($data as $k=>$v) {
    $html .= '<p><input type="text" name="'.$k.'" value="'.$v.'" readonly/></p>';
}
echo <<<HTML
<form action="?" method="post">
    $html
    <input type="submit" value="提交">
</form>
HTML;


朗读
赞(0)
版权属于:

Dcr163的博客

本文链接:

http://dcr163.cn/251.html(转载时请注明本文出处及文章链接)

评论 (0)
503 文章数
60 评论量

人生倒计时

今日已经过去小时
这周已经过去
本月已经过去
今年已经过去个月

热门文章

最新回复

  1. slot mpo terbaru
    2025-02-08

    I believe everything said was very reasonable.
    However, think about this, what if you added a little information? I
    mean, I don't want to tell you how to run your website, however suppose you added a title that grabbed folk's attention? I mean 个人介绍 -
    Dcr163的博客 is kinda vanilla. You might peek at Yahoo's home page and watch how they create post titles to get people to open the links.
    You might try adding a video or a related picture or two
    to get readers excited about everything've got to say.
    In my opinion, it might bring your blog a little
    bit more interesting.
  2. Sherry Stockdill
    2025-01-28

    Hi Dcr 163

    We would love to talk to you about some sample leads for your company, please come and have a chat with us for Centos8 静态地址设置 - Dcr163的博客 and get an instant sample of clients..

    Generate your own samples!

    PCXLeads.com

    Sherry
  3. slot demo
    2025-01-13

    Thanks for finally writing about >个人介绍 - Dcr163的博客

  4. 陌天
    2025-01-09

    哟呵,上班还有空更新,还写那么多,是不是工作量不饱和
  5. Kerrie Bostick
    2024-12-28

    I think that what you wrote was very reasonable.
    But, consider this, what if you added a little information? I am not suggesting your content isn't solid, but suppose you added a post title that grabbed folk's attention? I mean Dcr163的博客 is kinda vanilla. You ought to peek at Yahoo's home page and note how they create post titles to get viewers to open the links.
    You might add a video or a pic or two to get people interested about everything've got to say. Just my opinion, it would make your posts a little bit more interesting.

标签云

CopyRight © Dcr163.cn 粤ICP备15066935号 2016 ~ 2025 35ms
RSS MAP