From 74beaf5fa1169a812ae0d988466257a6892db4e3 Mon Sep 17 00:00:00 2001
From: Chaim
Date: Mon, 13 Jul 2020 10:35:46 +0800
Subject: [PATCH] =?UTF-8?q?-=20=E4=BC=98=E5=8C=96=E6=A0=87=E5=87=86Api?= =?UTF-8?q?=E6=8E=A7=E5=88=B6=E5=99=A8=E5=9F=BA=E7=B1=BB=E7=AD=BE=E5=90=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/ApiController.php | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/ApiController.php b/src/ApiController.php
index 9218695..73746d3 100644
--- a/src/ApiController.php
+++ b/src/ApiController.php
@@ -128,7 +128,7 @@ class ApiController extends stdClass
 $arr = request()->post();
 $timestamp = request()->get('timestamp', 0);
 // 判断是否有时间
- if (empty($timestamp)) $this->error('数据不匹配', 666);
+ if (empty($timestamp)) $this->error('数据异常!', 666);
 $arr['timestamp'] = $timestamp;
 // 删除sign
 foreach ($arr as $k => $v) if ('sign' == $k) unset($arr[$k]);
@@ -136,14 +136,12 @@ class ApiController extends stdClass
 $arr = $this->argSort($arr, $name);
 // 服务器签名对比
 $sign = $this->md5Sign($arr);
- if ($sign != request()->header('sign', '')) $this->error('数据不匹配', 666);
- // 计算时间差
- $time = time() - $timestamp;
+ if ($sign != request()->header('sign', '')) $this->error('验证不匹配!', 666);
 // 判断是不是小于服务器时间
- if ($time < 0) $this->error('数据不匹配', 666);
- // 判断是不是超过时间
- if ($time > 200) $this->error('请重新尝试!');
- return true;
+ $before = strtotime('-2minute');
+ $rear = strtotime('+2minute');
+ if ($timestamp <= $rear && $timestamp >= $before) return true;
+ else $this->error('已超时,请重新尝试!');
 }
 
 /**
-- 
GitLab
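Review bot: The signature check in the second hunk still compares `$sign` with the client-supplied `sign` header using loose `!=`, which is neither type-strict nor constant-time; if `md5Sign()` returns a hex digest (its body is outside this patch), two different numeric-looking digests can compare equal under PHP's numeric-string comparison. Use `if (!hash_equals((string) $sign, (string) request()->header('sign', ''))) $this->error('验证不匹配!', 666);` instead. The new window check also compares `$timestamp` exactly as it arrives from `request()->get()` without confirming it is an integer, and it now accepts timestamps up to two minutes in the future, so the retained comment `// 判断是不是小于服务器时间` no longer describes the code; a `ctype_digit((string) $timestamp)` guard before the comparison and an updated comment would help. The method starts above the hunk, and whether `$this->error()` halts execution is not visible here; if it can return, a signature mismatch would fall through to the timestamp check and may still reach `return true`.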