
Pure PHP-based single sign-on



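Discuz has a Passport feature, which is similar to single sign-on. However, I feel that single sign-on is best implemented as a standalone program, like CAS. Since all of the applications are written in PHP, I built a simple single sign-on system. It borrows Discuz's encryption method.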

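Users reach this system directly in the following cases:

1. The user visits passport directly, wanting to log in

2. The user arrives after clicking the login button on passport_app

3. The user moves from passport_app1 to passport_app2, and passport_app2 redirects here

4. The user types the URL of passport_app directly

Cases 2, 3 and 4 carry either a referer or a fromurl parameter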

====

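1 The login buttons of all applications that use the passport point to the following link: http://localhost/passport/login.php

2 If the user is already logged in, go to step 5

3 If the user is not yet logged in

Go to a login page, which must include the parameters:

username, password, fromurl (the pre-processed referer)

Submit to login.php?op=login

4 After verification passes, set the passport's own session or cookies

5 Obtain the source address from the referer in the user's HTTP headers.

5.1 If there is no source address, show the passport's login success page, which lists all passport applications

5.2 If there is a referer, jump back to the referer address, i.e. go to step 6

6 Redirect to the passport application's passport_login.php page. The parameters passed include:

◆$userinfo an array containing the username, roles, groups and other information; it generally does not need to include the password

◆$fromurl

◆$verify md5($auth.$fromurl), which ensures the user information has not been tampered with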

===============================

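7 passport_login.php

First check whether the parameters have been altered

Then take the user_id out of the parameters

After verification passes,

if the user_id already exists in the system, do nothing

If it does not exist, add the user according to the encoding

Finally set the application's own session/cookies, then redirect to fromurl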

===============================

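The passport secret key: you can fill in English text of your own choosing; it may contain any letters and digits, and its length must be greater than 10 bytes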

=============================

The code is as follows:

// $db, $dbutils, $t, the DB_* and THEME constants and the passport_* helpers
// are defined elsewhere in the project; they are not shown on this page.
session_start();
$username = "";
$password = "";
$loginerror = "";
$fromurl = '';
// fromurl comes from the query string if present, otherwise from the Referer header
if(isset($_GET['fromurl']) && trim($_GET['fromurl'])!= '') {
    $fromurl = $_GET['fromurl'];
}else if(isset($_SERVER['HTTP_REFERER']) && trim($_SERVER['HTTP_REFERER'])!= '') {
    $fromurl = $_SERVER['HTTP_REFERER'];
}
// Prevent multiple upassport installations on the same server from interfering with each other
$key = md5(DB_DATABASE.DB_USER.DB_PASSWORD);
if(!isset($_SESSION['passport_app'])) {
    unset($_SESSION['u']);
    $_SESSION['passport_app'] = $key;
    include('themes/'.THEME.'/login.html');
    exit;
}else if($_SESSION['passport_app'] != $key) {
    unset($_SESSION['u']);
    $_SESSION['passport_app'] = $key;
    include('themes/'.THEME.'/login.html');
    exit;
}

if (isset($_POST['op'])&&trim($_POST['op'])=='dologin') {
    $valid = 0;
    $authnum = $_POST['authnum'];
    $username = $_POST['username'];
    $fromurl = $_POST['fromurl'];
    if ($authnum && trim($_SESSION['authnum'])==$authnum && $username) {
        $password = $_POST['password'];
        // Bound parameters keep the submitted values out of the SQL text.
        // Assumption: $db is an ADOdb-style wrapper whose getRow() accepts a parameter array.
        $user = $db->getRow("select * from $dbutils->user where username = ? and password = ?",
            array($username, $password));
        if (!empty($user) && $user['user_id']!=0) {
            $uid = (int)$user['user_id']; // integer cast before it is placed in the queries below
            $u['user_id'] = $user['user_id'];
            $u['username'] = $user['username'];
            $u['truename'] = $user['truename'];
            $u['group'] = $db->getRow("select ug.group_id,g.group_name from $dbutils->user_group ug,$dbutils->group g where ug.group_id = g.group_id and ug.user_id = ".$uid);
            $u['roles'] = $db->getAll("select ur.role_id,r.role_name, r.privileges from $dbutils->user_role ur,$dbutils->role r where ur.role_id = r.role_id and ur.user_id = ".$uid);
            // Merge the privileges of all roles, without duplicates
            $privileges = Array();
            foreach($u['roles'] as $role) {
                $role_privis = explode(',',$role['privileges']);
                foreach($role_privis as $p) {
                    if(!in_array($p,$privileges)) array_push($privileges,$p);
                }
            }
            $u['privileges'] = $privileges ;
            $_SESSION['u'] = $u;
            $valid =1;
        }
    }
    if (!$valid) {
        $loginerror = "\n"."不法登岸"."\n";
        $username = $_POST['username'];
        unset($u);
    }
}

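// Normal redirect or visit by the user
$u = isset($_SESSION['u']) ? $_SESSION['u'] : '';
if (empty($u)) { // no user: go to the login page
    include('themes/'.THEME.'/login.html');
    exit;
}else { // user exists, i.e. has already logged in
    if(trim($fromurl)=='') { // no referer: show the default home page, listing all applications
        $t->assign('u',$u);
        $t->render('index.html', "迎接登岸通畅证",'wrap.html',true);
    }else { // redirected from another application, possibly case 2, 3 or 4 above; a referer is always present here
        // From the referer URL, obtain the current application's key and full address.
        // $fromurl is passed as a bound parameter (assumption: ADOdb-style GetRow() with a parameter array).
        $passport_app = $db->GetRow("select * from $dbutils->app where INSTR(?, url)=1",
            array($fromurl));
        if (empty($passport_app)) { // fromurl matches no registered application: issue nothing
            exit('Illegal request');
        }
        $userinfo = passport_encrypt(passport_encode($u), $passport_app['key']);
        $verify = md5($userinfo.$fromurl.$passport_app['key']);
        header("Location: ".$passport_app['login_url'].
            "?userinfo=".rawurlencode($userinfo).
            "&fromurl=".rawurlencode($fromurl).
            "&verify=$verify");
    }
}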

The client application verifies the single sign-on as follows:

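$passport_key = '1234567890';
// Strict, constant-time string comparison instead of the loose !=
$expected = md5($_GET['userinfo'].$_GET['fromurl'].$passport_key);
if(!hash_equals($expected, (string)$_GET['verify'])) {
    exit('Illegal request');
}
$u = array();
// passport_decrypt() is the project's helper; it is not shown on this page
parse_str(passport_decrypt($_GET['userinfo'], $passport_key), $u);
header("location: ".$_GET['fromurl']);
exit;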
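
A hardened form of the verify check above, as an added example that is not the article's code: it uses HMAC-SHA256 over length-prefixed fields with a timestamp, compares in constant time, and accepts a fromurl only on the application's own origin. The function names, the ts parameter, the 60-second window and the sample values are assumptions.

```php
<?php
// Added example, not the article's code. sso_sign(), sso_verify(), the "ts"
// parameter and SSO_MAX_AGE are hypothetical names chosen for illustration.
const SSO_MAX_AGE = 60; // seconds a signed redirect stays valid (assumed)

// Length-prefix each field so bytes cannot move between userinfo and
// fromurl without changing the MAC input.
function sso_sign(string $userinfo, string $fromurl, int $ts, string $key): string
{
    $msg = strlen($userinfo) . ':' . $userinfo
         . strlen($fromurl) . ':' . $fromurl . $ts;
    return hash_hmac('sha256', $msg, $key);
}

// True only if the MAC matches, the timestamp is fresh and fromurl is on
// the application's own origin ($appOrigin, e.g. "https://app.example").
function sso_verify(array $q, string $key, string $appOrigin, int $now): bool
{
    foreach (['userinfo', 'fromurl', 'ts', 'verify'] as $name) {
        if (!isset($q[$name]) || !is_string($q[$name])) {
            return false; // missing value or array-typed parameter
        }
    }
    if (!ctype_digit($q['ts']) || abs($now - (int)$q['ts']) > SSO_MAX_AGE) {
        return false; // stale or malformed timestamp
    }
    $expected = sso_sign($q['userinfo'], $q['fromurl'], (int)$q['ts'], $key);
    if (!hash_equals($expected, $q['verify'])) {
        return false; // constant-time comparison of the two hex digests
    }
    $p = parse_url($q['fromurl']);
    if (!is_array($p) || !isset($p['scheme'], $p['host'])) {
        return false;
    }
    $origin = $p['scheme'] . '://' . $p['host'] . (isset($p['port']) ? ':' . $p['port'] : '');
    return strcasecmp($origin, $appOrigin) === 0; // exact origin, not a prefix match
}

// Constructed sample values
$key = 'constructed-sample-key-0123456789';
$ts = 1700000000;
$q = ['userinfo' => 'abc', 'fromurl' => 'https://app.example/page', 'ts' => (string)$ts];
$q['verify'] = sso_sign($q['userinfo'], $q['fromurl'], $ts, $key);
var_dump(sso_verify($q, $key, 'https://app.example', $ts + 5));
// Same concatenated bytes as before, but the field boundary has moved
$shifted = ['userinfo' => 'ab', 'fromurl' => 'chttps://app.example/page'] + $q;
var_dump(sso_verify($shifted, $key, 'https://app.example', $ts + 5));
```

The passport side would call sso_sign() with the matched application's key when it builds the redirect, and the application would call sso_verify() before decrypting userinfo.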
