淘宝开放平台新的授权验证方式

 看来DEMO才懂，淘宝的文档也太那啥了...贴出来

 //取得回调地址返回的参数
 $top_session = $_REQUEST["top_session'];    
 $top_parameters = $_REQUEST['top_parameters'];
 $top_sign = $_REQUEST['top_sign'];
 
 //验证签名
 $parameter = urldecode($appkey.$top_parameters.$top_session);
 if(validateSign($top_sign,$parameter,$appsecret)){
 
	//解析top_parameters
	$top_parameters = base64_decode($top_parameters);
	$top_parameters = iconv('GBK','utf-8',$top_parameters);
	parse_str($top_parameters,$userInfo);
	
	//通过取得的sessionkey调用api
	include_once('TopSdk.php');
    $c = new TopClient;
    $c->appkey =  $appkey;
    $c->secretKey =  $appsecret;
    $req = new UserGetRequest;
    $req->setFields("user_id,nick,email");
    $tao_userinfo = $c->execute($req, $top_session);
	
	//打印参数
	echo "登录成功!</br>欢迎! ".$userInfo['visitor_nick'];
	echo "
top_parameters解析结果：
";
	print_r($userInfo);
	echo "
返回的sessionkey:
";
	print_r($top_session);
	echo "
API调用返回结果:
";
	print_r($tao_userinfo);
 }else{
 	echo "签名验证失败!";
 }
 
 //验证签名函数
 function validateSign($sign,$parameter,$secret){
 	$checkSign = base64_encode(md5($parameter.$secret,true));
 	if($sign == $checkSign){
 		return true;
 	}else {
 		return false;
 	}	
 }