Categorization of eight articles in summer

In this period of time, we were trying to drum up the tars framework, and went to vultr to open a 3.5 knife machine. Why should we use their home? Because the 50 knives used before were not used up.

His home machine is very unfriendly to Hubei Telecom. BBR Otherwise, if you lose your package, you will be able to accept it.

These two skies are idle, landing on line and finding a violent landing of 1w+!!!

WTF!

 Network-attacks.png

The first time I felt such a flood of cyber attacks, I would like to introduce briefly the modification of sshd listening port to prevent violence.

Here I began to turn off SELinux. You can choose to shut down SELinux because there will be a lot less trouble. Of course, there will also be hidden problems, but the advantages outweigh the disadvantages.

- reading the remainder part -

Doubt

If you had done WeChat jssdk before, you would find nothing in the first look at the document. The process is nothing more than a back-end signature, which is returned to the front end.

But I think carefully that there is no value information of the goods, and the H5 page on the public address only returns the signature.

Looking back at the request parameter, I found the clue.

 WeChat order ID

At first, I looked at an arbitrary number of examples that I understood. Prepay_id by Unified order interface Returns the parameters in the result

Resume writing logic

Here we are using H5 payment, and the result is returned. Https://wx.tenpay.com/cgi-bin/mmpayweb-bin/checkmweb? Prepay_id=wx151809054027204613d0ca330422xxxxxx&package=287231xxxx

You can only intercept URL and get it. Prepay_id by Wx151809054027204613d0ca330422xxxxxx

take Prepay_id Send back to the back to sign and return.

 {"code": "1", "MSG"): "get WeChat browser payment signature successfully", "data": {appId ":" wx54c4e3c9a7xxxxxx "," timeStamp ":" 1537007685 "," nonceStr ":" 5b9ce0458db30 "," package ":" prepay_id= wx151809054027204613d0ca330422xxxxxx "," "prepay_id=", "" "," "" ":"

Now the front end can be used happily. WeixinJSBridge and JSSDK


Related links:

WeChat H5 tune up payment
WeChat unified order

Appear Invalid signature The wrong situation is really fascinating.

  1. At the very beginning, the document did not need to escape. Later, I saw the error related. EncodeURIComponent (location.href.split ("[0]"))
  2. Wx.config () Medium NonceStr When signing with the backend Noncestr Dissimilarity
  3. It is very fascinating to get the description of the URL dynamically. It is not clear whether it is necessary to use the interface provided by the back end to provide the signature or the URL when the front-end initiates the request.

In short, we need to use it. AJAX Signature, front-end needs EncodeURIComponent (location.href.split ("[0]")) The current URL is passed as the parameter to the back-end signature interface. If the backend is PHP, it needs. URLDecode ($_GET['url']) And get it again. Jsapi_ticket Signature, return parameter

It looks like the finance of Lian Bi is going to fall. More than 1000 of the K3 cars on last year did not come out.

I hope not to sell more than 700 million for 618, and run away with my sister-in-law.

2018.06.26 150 is still in cash. It's not very hopeful.
2018.07.20 APP can also open...

No more.

A few days ago, salon bug, I believe a lot of people have gone to rub, but geese, I was watching you roll over quietly.

Today, I tell you the new activities on the front page, the cloud database mysql entry model has been purchased for 3 years, and the purchase time is 6 months at most.

Checked the order submission information and successfully purchased it for 3 years.
 Purchase success

Copy the following code, save it as HTML file, open the page, click the link to jump, and then you can purchase it.

 点我领取
">The item "," value ":" default item "}, {" name ":" data copy mode "," value ":" asynchronous copy "}", "protectMode": 0 "," deployMode ": 0," slaveZone ": 0," backupZone ": 0," originate ":"}, "goodsNum" 1 "," payMode ": 1}]}