PHP±à³Ì SSOÏêÏ¸½éÉÜ¼°¼òµ¥ÊµÀý

5年以前 | 阅读数：1047 次 | 编程语言：PHP

PHP SSOÏe½a

*SSOÓÐÈýÖÖÄ£Ê½:¢Ù¿ç×ÓÓoµ¥µaµÇÂ½¢ÚÍeÈ«¿çµ¥µaÓoµÇÂ½¢ÛÕ¾Èº¹²ÏiÉiÝÈÏÖ¤**

µÚÒ»ÖÖÄ£Ê½ºÜ¼oµ¥,Ö»ÐeÒª½«CookieµÄÓoÉeÖÃ³É¶a¸oÓ¦ÓÃµÄ¸uÓo¼´¿É

µÚ¶þÖÖ½Ê½,Ò²ºÜ¼oµ¥,¾ÍÊÇ½«ËuÒÔÓ¦ÓÃµÄÈÏÖ¤µØÖ¸u»»³ÉÍ¬Ò»¸oÈÏÖ¤µØÖ,Ã¿´Î²e¿´ÊÇñÔÚÈÏÖ¤ÖÐÐÄµÇÂ½,Èç¹uµÇÂ½ÁË,¸øµ÷ÓÃÓ¦ÓÃ¢ÅÒ»¸o¼ÓÃÜÁiÅÆ¼´¿É

µÚÈýÖÖ¿çÓo,¾ÍÊÇÀ´»ØÌø×ªÀ´»ØÑeÖ¤tokenÂÔÓÐÂe*³

ÅaÖÃÄ¿Â¼½a¹¹

ÔÚ*þÎñÆ÷¸uÄ¿Â¼ÏÂ,ÐÂ½¨Èý¸oÏiÄ¿Ä¿Â¼:

|¨C/ÍøÕ¾¸uÄ¿Â¼/
|¨C|¨C/oa/
|¨C|¨C/bbs/
|¨C|¨C/blog/

ÔÚ¸uÄ¿Â¼ÏÂÐÂ½¨functions.PHP½Å±¾ÎÄ¼þ,¾ßÌaÄÚÈÝÈçÏÂ:


    <?php

    /**
     * »ñÈ¡µÇÂ½token
     * @param string $url »ñÈ¡tokenµÄµØÖ*
     * 2017-01-03T13:08:43+0800
     */
    function getToken($url)
    {
      $bool = isLogin();
      if ($bool) {
        // Èç¹uµÇÂ½ÁËÌø×ªµ½±¾Õ¾Ê×Ò³
        header('location: index.php');
        exit();
      }

      // *ñÔoÃ»ÓÐµÇÂ½,È¥ÁiÒ»¸oÕ¾µa¿´ÊÇ*ñµÇÂ½
      header('location: '.$url);
    }

    // Ð£ÑeÁiÅÆÊÇ*ñÕýÈ*
    function yzToken($domain)
    {
      $url = isset($_GET['url']) ? $_GET['url'] : '';
      $username = isset($_GET['username']) ? $_GET['username'] : '';
      $token = isset($_GET['token']) ? $_GET['token'] : '';


      if (!empty($username) && !empty($token)) {
        $salt = 'taoip';
        $_token = md5($salt.$username);
        // Ð£ÑeµÚÈý*½Õ¾µa¹ýÀ´Ê±µÄtokenÊÇ*ñÕýÈ*
        if ($_token == $token) {
          // ÉeÖÃÌø×ª¹ýÀ´µÄÍøÕ¾µÄCookie
          setCook($username, $_token, $domain);
          header('location: index.php');
        }
      }

    }

    // ÉeÖÃcookie
    function setCook($username, $_password, $domain)
    {
      // Ð£Ñe³É¹¦,¿ªÊ¼µÇÂ½
      setcookie('username', $username, time()+3600, '/', $domain);
      setcookie('token', $_password, time()+3600, '/', $domain);
      header('location: index.php');
    }

    // ÅÐ¶ÏÊÇ*ñµÇÂ½
    function isLogin()
    {
      $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
      $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
      $salt = 'taoip';

      $_token = md5($salt.$username);

      if ($token == $_token) {
        return true;
      } else {
        return false;
      }
    }

    ?>

ÔÚoaÏiÄ¿Ä¿Â¼ÏÂ,ÐÂ½¨index.phpºÍlogin.phpÁ½¸o½Å±¾ÎÄ¼þ

±a¼index.phpÎÄ¼þ


    <?php

    // OAÕ¾µa

    // (1)¿ªÆoSession»a»°
    session_name('taoip');
    session_start();
    // (2)»ñÈ¡ÓÃ»§ÃuºÍtoken½øÐÐÐ£Ñe
    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';

    $salt = 'taoip';

    $_token = md5($salt.$username);

    if ($token != $_token) {
      header('location: login.php');
      exit();
    }

    echo "»¶Ó{$username}ÓÃ»§,*ÃÎÊOAÕ¾µa";

    ?>

±a¼login.phpÎÄ¼þ


    <?php

    // OAÕ¾µaµÇÂ½ÏµÍ³
    require '../functions.php';

    // (2)ÑeÖ¤
    yzToken('taoip.cn');

    // (1)ÅÐ¶ÏÊÇ*ñµÇÂ½,µÇÂ½ÔoÌø×ªÊ×Ò³,Î´µÇÂ¼ÔoÈ¥ÆaËuÕ¾µa»ñÈ¡token
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if (empty($url)) {
      getToken('http://dengpeng.cc/login.php?url=http://oa.taoip.cn/login.php');
    }

    // (1)ÅÐ¶ÏÓÃ»§ÊÇ*ñµÇÂ½
    $bool = isLogin();
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if ($bool) {
      if (empty($url)) {
        header('location: index.php');
      } else {
        $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
        $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
        $lurl = $url.'?username='.$username.'&token;='.$token;
        header('location: '.$lurl);
      }
    }


    if (!empty($_POST)) {
      $username = isset($_POST['username']) ? $_POST['username'] : '';
      $password = isset($_POST['password']) ? $_POST['password'] : '';

      // ´Ó¿aÖÐ²eÑ¯ÓÃ»§ÃÜÂe
      @$link = mysql_connect('localhost', 'root', '');
      mysql_query('use sso', $link);
      mysql_query('set names utf8', $link);
      $sql = "select * from users where username = '".$username."'";
      $user = mysql_fetch_assoc(mysql_query($sql, $link));

      // Ð£Ñe
      $salt = 'taoip';
      $_password = md5($salt.$username);

      // var_dump($user['password'] == $_password);
      // print_r($user);exit();

      if ($user['password'] == $_password) {
        // Ð£Ñe³É¹¦,¿ªÊ¼µÇÂ½
        setcookie('username', $username, time()+3600, '/', 'taoip.cn');
        setcookie('token', $_password, time()+3600, '/', 'taoip.cn');
        // Èç¹uURLÃ»ÓÐÖµÖØ¶¨Ïoµ½Ê×Ò³,*ñÔoÖØ¶¨Ïoµ½URLÒ³Ãae
        if (empty($url)) {
          header('location: index.php');
        } else {
          header('location: '.$lurl);
        }
      }
    }

    ?>

    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="UTF-8">
      <meta name="generator" content="Sublime Text 3114">
      <meta name="author" content="3@dengpeng.cc">
      <meta name="keywords" content="">
      <meta name="description" content="">
      <title>OAÕ¾µaµÇÂ½ÏµÍ³</title>
    </head>
    <body>
      <div class="container">
        <h2>oa.taoip.cnÕ¾µaµÇÂ½ÏµÍ³</h2>
        <form action="" method="post">
          <label for="">ÓÃ»§Ãu</label>
          <input type="text" name="username">
          <br>
          <label for="">ÃÜÂe</label>
          <input type="text" name="password">
          <hr>
          <button type="submit">Ìa½»</button>
        </form>
      </div>
    </body>
    </html>

ÔÚbbsÏiÄ¿Ä¿Â¼ÏÂ,ÐÂ½¨index.phpºÍlogin.phpÁ½¸o½Å±¾ÎÄ¼þ

±a¼index.phpÎÄ¼þ


    <?php
    /**
     * @author DengPeng <3@dengpeng.cc>
     * @since 2017/01/03
     * @copyright copyright (c) 2017 zixue.it GPL
     * @license http://www.zixue.it/
     */

    // BBSÕ¾µa

    // (1)¿ªÆoSession»a»°
    session_name('taoip');
    session_start();
    // (2)»ñÈ¡ÓÃ»§ÃuºÍtoken½øÐÐÐ£Ñe
    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';

    $salt = 'taoip';

    $_token = md5($salt.$username);

    if ($token != $_token) {
      header('location: login.php');
      exit();
    }

    echo "»¶Ó{$username}ÓÃ»§,*ÃÎÊBBSÕ¾µa";

    ?>

±a¼login.phpÎÄ¼þ


    <?php
    /**
     * @author DengPeng <3@dengpeng.cc>
     * @since 2017/01/03
     * @copyright copyright (c) 2017 zixue.it GPL
     * @license http://www.zixue.it/
     */

    // BBSÕ¾µaµÇÂ½ÏµÍ³
    require '../functions.php';

    // (2)ÑeÖ¤
    yzToken('taoip.cn');

    // (1)ÅÐ¶ÏÊÇ*ñµÇÂ½,µÇÂ½ÔoÌø×ªÊ×Ò³,Î´µÇÂ¼ÔoÈ¥ÆaËuÕ¾µa»ñÈ¡token
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if (empty($url)) {
      getToken('http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php');
    }

    // (1)ÅÐ¶ÏÓÃ»§ÊÇ*ñµÇÂ½
    $bool = isLogin();
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if ($bool) {
      if (empty($url)) {
        header('location: index.php');
      } else {
        $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
        $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
        $lurl = $url.'?username='.$username.'&token;='.$token;
        header('location: '.$lurl);
      }
    }


    if (!empty($_POST)) {
      $username = isset($_POST['username']) ? $_POST['username'] : '';
      $password = isset($_POST['password']) ? $_POST['password'] : '';

      // ´Ó¿aÖÐ²eÑ¯ÓÃ»§ÃÜÂe
      @$link = mysql_connect('localhost', 'root', '');
      mysql_query('use sso', $link);
      mysql_query('set names utf8', $link);
      $sql = "select * from users where username = '".$username."'";
      $user = mysql_fetch_assoc(mysql_query($sql, $link));

      // Ð£Ñe
      $salt = 'taoip';
      $_password = md5($salt.$username);

      // var_dump($user['password'] == $_password);
      // print_r($user);exit();

      if ($user['password'] == $_password) {
        // Ð£Ñe³É¹¦,¿ªÊ¼µÇÂ½
        setcookie('username', $username, time()+3600, '/', 'taoip.cn');
        setcookie('token', $_password, time()+3600, '/', 'taoip.cn');
        // Èç¹uURLÃ»ÓÐÖµÖØ¶¨Ïoµ½Ê×Ò³,*ñÔoÖØ¶¨Ïoµ½URLÒ³Ãae
        if (empty($url)) {
          header('location: index.php');
        } else {
          header('location: '.$lurl);
        }
      }
    }

    ?>

    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="UTF-8">
      <meta name="generator" content="Sublime Text 3114">
      <meta name="author" content="3@dengpeng.cc">
      <meta name="keywords" content="">
      <meta name="description" content="">
      <title>BBSÕ¾µaµÇÂ½ÏµÍ³</title>
    </head>
    <body>
      <div class="container">
        <h2>bbs.taoip.cnÕ¾µaµÇÂ½ÏµÍ³</h2>
        <form action="" method="post">
          <label for="">ÓÃ»§Ãu</label>
          <input type="text" name="username">
          <br>
          <label for="">ÃÜÂe</label>
          <input type="text" name="password">
          <hr>
          <button type="submit">Ìa½»</button>
        </form>
      </div>
    </body>
    </html>

ÔÚblogÏiÄ¿Ä¿Â¼ÏÂ,ÐÂ½¨index.phpºÍlogin.phpÁ½¸o½Å±¾ÎÄ¼þ

±a¼index.phpÎÄ¼þ


    <?php
    /**
     * @author DengPeng <3@dengpeng.cc>
     * @since 2017/01/03
     * @copyright copyright (c) 2017 zixue.it GPL
     * @license http://www.zixue.it/
     */

    // blogÕ¾µa

    // (1)¿ªÆoSession»a»°
    session_name('taoip');
    session_start();
    // (2)»ñÈ¡ÓÃ»§ÃuºÍtoken½øÐÐÐ£Ñe
    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';

    $salt = 'taoip';

    $_token = md5($salt.$username);

    if ($token != $_token) {
      header('location: login.php');
      exit();
    }

    echo "»¶Ó{$username}ÓÃ»§,*ÃÎÊblogÕ¾µa";

    ?>

    <?php
    /**
     * @author DengPeng <3@dengpeng.cc>
     * @since 2017/01/03
     * @copyright copyright (c) 2017 zixue.it GPL
     * @license http://www.zixue.it/
     */

    // blogÕ¾µa

    // (1)¿ªÆoSession»a»°
    session_name('taoip');
    session_start();
    // (2)»ñÈ¡ÓÃ»§ÃuºÍtoken½øÐÐÐ£Ñe
    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';

    $salt = 'taoip';

    $_token = md5($salt.$username);

    if ($token != $_token) {
      header('location: login.php');
      exit();
    }

    echo "»¶Ó{$username}ÓÃ»§,*ÃÎÊblogÕ¾µa";

    ?>

±a¼login.phpÎÄ¼þ


    <?php
    /**
     * @author DengPeng <3@dengpeng.cc>
     * @since 2017/01/03
     * @copyright copyright (c) 2017 zixue.it GPL
     * @license http://www.zixue.it/
     */

    // blogÕ¾µaµÇÂ½ÏµÍ³
    require '../functions.php';

    // (2)ÑeÖ¤
    yzToken('dengpeng.cc');

    // (1)ÅÐ¶ÏÊÇ*ñµÇÂ½,µÇÂ½ÔoÌø×ªÊ×Ò³,Î´µÇÂ¼ÔoÈ¥ÆaËuÕ¾µa»ñÈ¡token
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if (empty($url)) {
      getToken('http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php');
    }


    // (1)ÅÐ¶ÏÓÃ»§ÊÇ*ñµÇÂ½
    $bool = isLogin();
    $url = isset($_GET['url']) ? $_GET['url'] : '';
    if ($bool) {
      if (empty($url)) {
        header('location: index.php');
      } else {
        $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
        $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
        $lurl = $url.'?username='.$username.'&token;='.$token;
        header('location: '.$lurl);
      }
    }


    // (3)ÅÐ¶ÏÓÃ»§ÊÇ*ñÌa½»Êý¾Ý
    if (!empty($_POST)) {
      $username = isset($_POST['username']) ? $_POST['username'] : '';
      $password = isset($_POST['password']) ? $_POST['password'] : '';

      // ´Ó¿aÖÐ²eÑ¯ÓÃ»§ÃÜÂe
      @$link = mysql_connect('localhost', 'root', '');
      mysql_query('use sso', $link);
      mysql_query('set names utf8', $link);
      $sql = "select * from users where username = '".$username."'";
      $user = mysql_fetch_assoc(mysql_query($sql, $link));

      // Ð£Ñe
      $salt = 'taoip';
      $_password = md5($salt.$username);

      // var_dump($user['password'] == $_password);
      // print_r($user);exit();

      if ($user['password'] == $_password) {
        setCook($username, $_password, 'dengpeng.cc');
        if (empty($url)) {
          header('location: index.php');
        } else {
          header('location: '.$lurl);
        }
      }
    }

    ?>

    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="UTF-8">
      <meta name="generator" content="Sublime Text 3114">
      <meta name="author" content="3@dengpeng.cc">
      <meta name="keywords" content="">
      <meta name="description" content="">
      <title>blogÕ¾µaµÇÂ½ÏµÍ³</title>
    </head>
    <body>
      <div class="container">
        <h2>dengpeng.ccÕ¾µaµÇÂ½ÏµÍ³</h2>
        <form action="" method="post">
          <label for="">ÓÃ»§Ãu</label>
          <input type="text" name="username">
          <br>
          <label for="">ÃÜÂe</label>
          <input type="text" name="password">
          <hr>
          <button type="submit">Ìa½»</button>
        </form>
      </div>
    </body>
    </html>

ÅaÖÃ±¾µØÐeÄaÖ÷»u

¾ßÌaÅaÖÃ²½Öe,ÎÒÏe´o¼ÒÓ¦¸Ã¶¼»aÁË,²»ÐeÒªÎÒÒ»Ò»×¸Êo.ÄaÖ»ÐeÒª°´ÕÕÎÒ¸øµÄ²ÎÕÕ,ÅaÖÃºÍ²»Í¬ÓoÃu¶ÔÓ¦Ä¿Â¼µÄÓ³Éa¼´¿É.

ÓoÃu /ÏiÄ¿Ä¿Â¼/
oa.taoip.cn /oa/
bbs.taoip.cn /bbs/
dengpeng.cc /blog/

¹§Ï²Äu,ÒÑ¾Íe³ÉÁËÒ»¸o¼oµ¥µÄSSOÏµÍ³

ÅaÖÃÍe³Éºo,¼ÇµÃÖØÆoWebþÎñÆ÷.È»ºoÄaÖ»ÐeÒªÃÎÊÕaÈý¸o²»Í¬µÄÕ¾µa,¼´¿ÉÊµÏÖÒ»¸oÕ¾µaµÇÂ½,ÆaËuÕ¾µa²»ÔÙ*¢ËÍµÇÂ½ÇeÇo.

¸ÐÐ»ÔÄ¶Á£¬Ï£ÍuÄÜ°iÖuµ½´o¼Ò£¬Ð»Ð»´o¼Ò¶Ô±¾Õ¾µÄÖ§³Ö£¡

PHP分页显示制作详细讲解

PHP · 发表于 5年以前 · 阅读量：8296

SSH 登录失败：Host key verification failed

Shell · 发表于 5年以前 · 阅读量：3356

获取IMSI

JAVA · 发表于 5年以前 · 阅读量：3013

将二进制数据转为16进制以便显示

JAVA · 发表于 5年以前 · 阅读量：3004

获取IMEI

JAVA · 发表于 5年以前 · 阅读量：2842

文件下载

JAVA · 发表于 5年以前 · 阅读量：2839

贪吃蛇

JAVA · 发表于 5年以前 · 阅读量：2835

双位运算符

JavaScript · 发表于 4年以前 · 阅读量：2830

PHP自定义函数获取搜索引擎来源关键字的方法

PHP · 发表于 5年以前 · 阅读量：2773

Java生成UUID

JAVA · 发表于 5年以前 · 阅读量：2768

发送邮件

Shell · 发表于 1年以前 · 阅读量：2761

年的日历图

Python · 发表于 4年以前 · 阅读量：2685

提取后缀名

Python · 发表于 4年以前 · 阅读量：2672

在Zeus Web Server中安装PHP语言支持

PHP · 发表于 5年以前 · 阅读量：2519

让你成为最历害的git提交人

Shell · 发表于 5年以前 · 阅读量：2511

Yii2汉字转拼音类的实例代码

PHP · 发表于 5年以前 · 阅读量：2431

再谈PHP中单双引号的区别详解

PHP · 发表于 5年以前 · 阅读量：2427

指定应用ID以获取对应的应用名称

JAVA · 发表于 5年以前 · 阅读量：2417

Python 2与Python 3版本和编码的对比

Python · 发表于 5年以前 · 阅读量：2394

php封装的page分页类完整实例

PHP · 发表于 5年以前 · 阅读量：2378