计算 vkontakte.ru iframe 应用程序的签名

发布于 2024-10-04 03:56:23 字数 1705 浏览 8 评论 0原文

为什么这个简短的 PHP 脚本:

<?php

$args = array(
        'api_id'    => $_GET['api_id'],
        'method'    => 'getProfiles',
        'sid'       => $_GET['sid'],
        'uids'      => $_GET['viewer_id'],
        'v'         => '3.0',
);

$req = $_GET['api_url'] . '?sig=' . 
    calc_sig($_GET['viewer_id'], $args, $_GET['secret']);

foreach ($args as $key => $val)
        $req .= "&$key=$val";

$page = file_get_contents($req);

header('Content-Type: text/plain');
print_r($_GET);
print("\n\n req: " . $req);
print("\n\n page: " . $page);

function calc_sig($viewer_id, $arr, $secret) {
        $kv = array();
        foreach ($arr as $key => $val) {
                if ($key != 'sid')
                        $kv[] = "$key=$val";
        }
        sort($kv);

        $str = $viewer_id . join('', $kv) . $secret;
        print("\n\n str: " . $str);
        return md5($str);
}
?>

打印错误:

str: 59751265api_id=1762950method=getProfilesuids=59751265v=3.0a551fa3416
req: http://api.vkontakte.ru/api.php?sig=490142d9c3eb65ee64045a2ea754266c&api_id=1762950&method=getProfiles&sid=1bc83d2ed0db52b8ad45d8ddf36780f52944d5f6340ffa47ad5fef9594&uids=59751265&v=3.0
page: <?xml version="1.0" encoding="utf-8"?>
<error>
 <error_code>4</error_code>
 <error_msg>Incorrect signature</error_msg>
......

?>

我继续阅读 文档< /a> 一次又一次...

Why does this short PHP script:

<?php

$args = array(
        'api_id'    => $_GET['api_id'],
        'method'    => 'getProfiles',
        'sid'       => $_GET['sid'],
        'uids'      => $_GET['viewer_id'],
        'v'         => '3.0',
);

$req = $_GET['api_url'] . '?sig=' . 
    calc_sig($_GET['viewer_id'], $args, $_GET['secret']);

foreach ($args as $key => $val)
        $req .= "&$key=$val";

$page = file_get_contents($req);

header('Content-Type: text/plain');
print_r($_GET);
print("\n\n req: " . $req);
print("\n\n page: " . $page);

function calc_sig($viewer_id, $arr, $secret) {
        $kv = array();
        foreach ($arr as $key => $val) {
                if ($key != 'sid')
                        $kv[] = "$key=$val";
        }
        sort($kv);

        $str = $viewer_id . join('', $kv) . $secret;
        print("\n\n str: " . $str);
        return md5($str);
}
?>

print the error:

str: 59751265api_id=1762950method=getProfilesuids=59751265v=3.0a551fa3416
req: http://api.vkontakte.ru/api.php?sig=490142d9c3eb65ee64045a2ea754266c&api_id=1762950&method=getProfiles&sid=1bc83d2ed0db52b8ad45d8ddf36780f52944d5f6340ffa47ad5fef9594&uids=59751265&v=3.0
page: <?xml version="1.0" encoding="utf-8"?>
<error>
 <error_code>4</error_code>
 <error_msg>Incorrect signature</error_msg>
......

?>

I keep reading the doc again and again...

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

梦幻的心爱 2024-10-11 03:56:23

好的,这有效:

<?php

define('VK_API_ID_TEST', 'XXX');
define('VK_AUTH_SECRET_TEST', 'YYY');

$args = array(
        'api_id'    => $_GET['api_id'],
        'format'    => 'json',
        'method'    => 'getProfiles',
        'uids'      => $_GET['viewer_id'],
        'v'         => '3.0',
);

$req = $_GET['api_url'] . '?sig=' . calc_sig($args);
foreach ($args as $key => $val)
        $req .= "&$key=$val";

$page = file_get_contents($req);
$data = json_decode($page, true);

header('Content-Type: text/plain');
print("\n\n _GET:");
print_r($_GET);
print("\n\n req: " . $req);
print("\n\n page: " . $page);
print("\n\n data:");
print_r($data);
print("\n\n city: " . $data['response'][0]['name']);

function calc_sig($arr) {
        $kv = array();
        foreach ($arr as $key => $val) {
                if ($key != 'sig')
                        $kv[] = "$key=$val";
        }
        sort($kv);

        $str = join('', $kv) . VK_AUTH_SECRET_TEST;
        print("\n\n str: " . $str);
        return md5($str);
}

?>

Ok, this works:

<?php

define('VK_API_ID_TEST', 'XXX');
define('VK_AUTH_SECRET_TEST', 'YYY');

$args = array(
        'api_id'    => $_GET['api_id'],
        'format'    => 'json',
        'method'    => 'getProfiles',
        'uids'      => $_GET['viewer_id'],
        'v'         => '3.0',
);

$req = $_GET['api_url'] . '?sig=' . calc_sig($args);
foreach ($args as $key => $val)
        $req .= "&$key=$val";

$page = file_get_contents($req);
$data = json_decode($page, true);

header('Content-Type: text/plain');
print("\n\n _GET:");
print_r($_GET);
print("\n\n req: " . $req);
print("\n\n page: " . $page);
print("\n\n data:");
print_r($data);
print("\n\n city: " . $data['response'][0]['name']);

function calc_sig($arr) {
        $kv = array();
        foreach ($arr as $key => $val) {
                if ($key != 'sig')
                        $kv[] = "$key=$val";
        }
        sort($kv);

        $str = join('', $kv) . VK_AUTH_SECRET_TEST;
        print("\n\n str: " . $str);
        return md5($str);
}

?>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文