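<?php
/**
 * Callback endpoint: verifies the two signatures carried by a signed GET
 * request ("sig" and "pkey") and answers with a JSON status document.
 *
 * Verification rules implemented here:
 *   - pkey must equal md5(openid . appKey . ts)
 *   - sig  must equal base64(HMAC-SHA1(paths . urlencode(sorted, encoded
 *     query without "sig"), appKey . "&"))
 *
 * Both comparisons use hash_equals(): a loose "==" between hex strings treats
 * values such as "0e1234" and "0e9999" as equal numbers, and it is not
 * constant-time.
 */

// Secret key (placeholder). Load the real value from configuration kept
// outside the web root instead of committing it with the source.
$appKey = "xxxxxxxxxxx";
// Signed prefix: HTTP method and url-encoded path, assuming the callback
// file is /job.php in the web root.
$paths = 'GET&%2Fjob.php&';

/**
 * Emit $data as a JSON response body.
 *
 * @param mixed $data value passed to json_encode()
 * @return void
 */
function mjson($data)
{
    if (!headers_sent()) {
        header("Content-Type: application/json; charset=utf-8");
    }
    echo json_encode($data);
}

/**
 * HMAC of $data keyed with $key followed by "&".
 *
 * Delegates to hash_hmac() instead of a hand-rolled pad loop: the previous
 * loop stopped one byte early, so a 64-byte padded key produced a digest that
 * was not a real HMAC, and the block size was fixed at 64 for every algorithm.
 *
 * @param string $algo       hash algorithm name, case-insensitive (e.g. "sha1")
 * @param string $data       message to authenticate
 * @param string $key        secret; "&" is appended before use
 * @param bool   $raw_output true for raw bytes, false for lowercase hex
 * @return string
 */
function custom_hmac($algo, $data, $key, $raw_output = true)
{
    return hash_hmac(strtolower($algo), $data, $key . "&", (bool) $raw_output);
}

/**
 * Percent-encode every byte of $value that is not in [a-zA-Z0-9!*()].
 *
 * Works byte by byte (no "u" modifier), matching the per-byte encoding the
 * signature scheme expects. An empty value stays empty.
 *
 * @param string $value
 * @return string
 */
function encode_callback_value($value)
{
    return preg_replace_callback(
        '/[^a-zA-Z0-9!*()]/',
        function ($m) {
            return '%' . strtoupper(bin2hex($m[0]));
        },
        $value
    );
}

/**
 * Build the url-encoded "key=value&..." string that is signed.
 *
 * Parameters are sorted by key and "sig" itself is left out.
 *
 * @param array $params request parameters
 * @return string|null null when a parameter is not a plain string
 *                     (e.g. "?a[]=1"), which can never carry a valid signature
 */
function build_callback_source(array $params)
{
    ksort($params);
    $pairs = array();
    foreach ($params as $key => $val) {
        // Cast the key: numeric query keys arrive as integers.
        if ((string) $key === 'sig') {
            continue;
        }
        if (!is_string($val)) {
            return null;
        }
        $pairs[] = $key . '=' . encode_callback_value($val);
    }
    return urlencode(implode('&', $pairs));
}

// Which step of the flow is being called back.
$step = (isset($_GET['step']) && is_string($_GET['step'])) ? (int) $_GET['step'] : 0;

$source = build_callback_source($_GET);
$verified = false;
if ($source !== null && isset($_GET['sig'], $_GET['pkey'], $_GET['openid'], $_GET['ts'])) {
    $expectedSig = base64_encode(custom_hmac('sha1', $paths . $source, $appKey));
    $expectedPkey = md5($_GET['openid'] . $appKey . $_GET['ts']);
    // Evaluate both checks before combining so neither is skipped.
    $sigOk = hash_equals($expectedSig, $_GET['sig']);
    $pkeyOk = hash_equals($expectedPkey, $_GET['pkey']);
    $verified = $sigOk && $pkeyOk;
}

// NOTE(review): "ts" is covered by the signature but its freshness is not
// checked, so a captured request stays valid. If a step has side effects,
// enforce a time window and reject request identifiers already processed.

if ($verified) {
    // Verification passed.
    if ($step === 1) {
        // Processing code for step 1.
        mjson(array("ret" => 0, "msg" => "OK", "zoneid" => "1"));
    } elseif ($step === 2) {
        // Processing code for step 2.
        mjson(array("ret" => 0, "msg" => "OK2", "zoneid" => "1"));
    } elseif ($step === 3) {
        // Processing code for step 3.
        mjson(array("ret" => 0, "msg" => "OK3", "zoneid" => "1"));
    }
} else {
    // Verification failed.
    mjson(array("ret" => 200, "msg" => '参数错误', "zoneid" => "1"));
}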