微信验证流程
- 将timestamp,nonce,token按字典序排序
- 将排序后的三个参数拼接之后用sha1加密
- 将加密后的字符串与signature进行对比,判断该请求是否来自微信
private function checkSignature() {
$signature = $_GET["signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$token = TOKEN;
$tmpArr = array($token, $timestamp, $nonce);
sort($tmpArr, SORT_STRING);
$tmpStr = implode( $tmpArr );
$tmpStr = sha1( $tmpStr );
if( $tmpStr == $signature {
return true;
} else {
return false;
}
}