Formhash.class.php
1.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
/**
* Formhash.class.php
* $Author$
* $Id$
*/
namespace Com;
class Formhash
{
/**
* __secret
* 加密用的 secret
*
* @var string
*/
private $__secret = 'vchangyi, to be best.';
// 实例化
public static function &instance()
{
static $instance;
if (empty($instance)) {
$instance = new self();
}
return $instance;
}
// 构造方法
public function __construct()
{
$secret = cfg('FORMHASH_SECRET');
if (! empty($secret)) {
$this->__secret = $secret;
}
}
/**
* generate
* 生成hash
*
* @param string $hash
* hash 字串
* @param int $timestamp
* 时间
* @param string $random
* 8位随机字串
* @return boolean
*/
public function generate(&$hash, $timestamp = null, $random = '')
{
// 时间戳为空
if (! $timestamp) {
$timestamp = NOW_TIME;
}
// 8位随机值
if (empty($random)) {
$random = random(8);
}
$ymdhis = rgmdate($timestamp, 'YmdHis');
$md5 = md5(md5($ymdhis . $random . $this->__secret) . $this->__secret);
$hash = substr($md5, 0, 2) . substr($md5, - 8) . $ymdhis . $random;
return true;
}
/**
* check
* 检查hash是否正确
*
* @param string $hash
* HASH串
* @param int $timestmap
* 时间戳
* @return boolean
*/
public function check($hash, &$timestamp)
{
$timestamp = rstrtotime(preg_replace('/(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/', '\1-\2-\3 \4:\5:\6', substr($hash, 10, 14)));
$random = substr($hash, - 8);
// 生成hash字串
$tmp_hash = '';
$this->generate($tmp_hash, $timestamp, $random);
return $tmp_hash == $hash;
}
}