欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

大家瞅瞅,eval()

程序员文章站 2024-01-30 18:05:22
...
xu版主,你遇见过没,代码在测试服上跑的没问题,然后正式服用的2008+php5.4+fastcgi,有点怪异,

回复讨论(解决方案)

无代码,无真相

无代码,无真相

<?php  
/**  
  * wechat php test  
  */  
 
class MpapiAction extends Action{  
private $id;  
 
public function getId(){  
return $id = $_REQUEST['appid'];  
}  
public function index(){  
Log::write('eval是否开启:'.function_exists('eval'));  
Log::write("remote_addr:".$_SERVER['REMOTE_ADDR'].(strpos($_SERVER['REMOTE_ADDR'], "101.226"))?" from weixin":"unknow ip");  
Log::write("query_string:".$_SERVER['QUERY_STRING']);  
header("Content-type:text/html;charset=utf-8");  
$str = md5($_REQUEST['appid']."weike86.com");  
define("TOKEN", $str);  
Log::write('TOKEN::'.$str);  
$this->valid();  
$wechat = new WechatAction();  
$wechat->responseMsg($_REQUEST['appid']);  
}  
 
public function valid(){  
        $echoStr = $_GET["echostr"];  
        //valid signature , option  
        if($this->checkSignature()){  
         Log::write('$echoStr'.$echoStr);  
         Log::write('HTTP_RAW_POST_DATA:'.$GLOBALS["HTTP_RAW_POST_DATA"]);  
         echo $echoStr;  
         //exit;  
       }  
    }  
      
private function checkSignature(){  
        // you must define TOKEN by yourself  
        if (!defined("TOKEN")) {  
            throw new Exception('TOKEN is not defined!');  
        }  
          
        $signature = $_GET["signature"];  
        $timestamp = $_GET["timestamp"];  
        $nonce = $_GET["nonce"];  
          
$token = TOKEN;  
$tmpArr = array($token, $timestamp, $nonce);  
        // use SORT_STRING rule  
sort($tmpArr, SORT_STRING);  
$tmpStr = implode( $tmpArr );  
$tmpStr = sha1( $tmpStr );  
 
if( $tmpStr == $signature ){  
return true;  
}else{  
return false;  
}  
}  
 
}  
 
?>

无代码,无真相

正式服务器返回的值(异常)
测试服务器正常响应微信服务器返回的值(正常)

你应该贴出出错行附近的代码!

那天弄出来了,忘记给出答案了。就是有BOM阻止了页面的正常响应,网上有php的类,还有清除bom工具