1k views

PHP function to check the mochimedia bridge signature

A lot of people is having problems to check the signature that Mochi Media uses to authenticate the score data sent from the Bridge (see official docs). This small PHP function (from my flash games portal) is simple, very easy to use and understand and works perfectly:

PHP
  1. /**
  2.  * Calculates the signature according to the Mochi security protocol
  3.  *
  4.  * @param array $parameters Paramters received by $_POST
  5.  * @return string The Mochi signature
  6.  */
  7. public static function calculateMochiSignature($parameters)
  8. {
  9.     //sort $parameters alphabetically by the key
  10.     ksort($parameters);
  11.  
  12.     $queryString = '';
  13.  
  14.     // Concatenate all parameters according to the format defined in the documentation
  15.     foreach($parameters as $k => $v)
  16.     {
  17.         if( $k != 'signature')
  18.         {
  19.             $queryString .= rawurlencode($k) . '=' . rawurlencode($v) . '&';
  20.         }
  21.     }
  22.  
  23.     // Remove the last '&'
  24.     $queryString = substr($queryString, 0, -1);
  25.  
  26.     return md5($queryString.$mochiSecret);
  27. }
  28.  

­

Then, you can check if you have been passed the correct signature like this:

PHP
  1. calculateMochiSignature($_POST) == $_POST['signature'];
  2.  

­

Tags: PHP api mochimedia signature

Submitted by miguelSantirso about 1 year ago — last modified less than a minute ago

Embed: