Home > Backend Development > PHP Tutorial > PHP single sign-on function implementation

PHP single sign-on function implementation

php中世界最好的语言
Release: 2023-03-22 07:38:02
Original
1738 people have browsed it

这次给大家带来PHP单点登录功能实现,PHP单点登录功能实现的注意事项有哪些,下面就是实战案例,一起来看一下。

本文实例讲述了PHP实现单点登录功能。分享给大家供大家参考,具体如下:

1.准备两个虚拟域名

127.0.0.1  www.openpoor.com
127.0.0.1  www.myspace.com

2.在openpoor的根目录下创建以下文件

index.PHP

<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8"/>
<title>sync login</title>
</head>
<body>
<?php if(empty($_SESSION[&#39;username&#39;])):?>
hello,游客;请先<a href="login.php" rel="external nofollow" >登录</a><a href="http://www.myspace.com/index.php" rel="external nofollow" rel="external nofollow" >进入空间</a>
<?php else: ?>
hello,<?php echo $_SESSION[&#39;username&#39;]; ?>;<a href="http://www.myspace.com/index.php" rel="external nofollow" rel="external nofollow" >进入空间</a>
<?php endif; ?>
 <a href="http://www.openpoor.com/index.php" rel="external nofollow" >home</a>
</body>
</html>
Copy after login

login.php

<?php
session_start();
if(!empty($_POST[&#39;username&#39;])){
 require &#39;../Des.php&#39;;
 $_SESSION[&#39;username&#39;] = $_POST[&#39;username&#39;];
 $redirect = &#39;http://www.openpoor.com/index.php&#39;;
 header(&#39;Location:http://www.openpoor.com/sync.php?redirect=&#39;.urlencode($redirect).&#39;&code=&#39;.Des::encrypt($_POST[&#39;username&#39;],&#39;openpoor&#39;));exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8"/>
<title>sync login</title>
</head>
<body>
<form action="" method="post">
 <input type="text" name="username" placeholder="用户名"/>
 <input type="text" name="password" placeholder="密码"/>
 <input type="submit" value="登录"/>
</form>
</body>
</html>
Copy after login

sync.php

<?php
$redirect = empty($_GET[&#39;redirect&#39;]) ? &#39;www.openpoor.com&#39; : $_GET[&#39;redirect&#39;];
if(empty($_GET[&#39;code&#39;])){
 header(&#39;Loaction:http://&#39;.urldecode($redirect));
 exit;
}
$apps = array(
 &#39;www.myspace.com/slogin.php&#39;
);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8"/>
<?php foreach($apps as $v): ?>
<script type="text/javascript" src="http://<?php echo $v.&#39;?code=&#39;.$_GET[&#39;code&#39;] ?>"></script>
<?php endforeach; ?>
<title>passport</title>
</head>
<body>
<script type="text/javascript">
window.onload=function(){
 location.replace('<?php echo $redirect; ?>');
}
</script>
</body>
</html>
Copy after login

3.在myspace的根目录下创建如下文件

slogin文件 完成session的设置

<?php
session_start();
header(&#39;Content-Type:text/javascript; charset=utf-8&#39;);
if(!empty($_GET[&#39;code&#39;])){
 require &#39;../Des.php&#39;;
 $username = Des::decrypt($_GET[&#39;code&#39;],&#39;openpoor&#39;);
 if(!empty($username)){
  header(&#39;P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"&#39;);
  $_SESSION[&#39;username&#39;] = $username;
 }
}
?>
Copy after login

index.php

<?php
session_start();
if(!empty($_SESSION[&#39;username&#39;]))
{
  echo "欢迎来到".$_SESSION[&#39;username&#39;]."的空间";
}else{
  echo "请先登录";
}
?>
Copy after login

4.Des.php的文件内容如下

<?php
/**
 *@see Yii CSecurityManager;
 */
class Des{
 public static function encrypt($data,$key){
   $module=mcrypt_module_open(&#39;des&#39;,&#39;&#39;, MCRYPT_MODE_CBC,&#39;&#39;);
   $key=substr(md5($key),0,mcrypt_enc_get_key_size($module));
   srand();
   $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND);
   mcrypt_generic_init($module,$key,$iv);
   $encrypted=$iv.mcrypt_generic($module,$data);
   mcrypt_generic_deinit($module);
   mcrypt_module_close($module);
   return md5($data).&#39;_&#39;.base64_encode($encrypted);
 }
 public static function decrypt($data,$key){
   $_data = explode(&#39;_&#39;,$data,2);
   if(count($_data)<2){
  return false;
   }
   $data = base64_decode($_data[1]);
   $module=mcrypt_module_open(&#39;des&#39;,&#39;&#39;, MCRYPT_MODE_CBC,&#39;&#39;);
   $key=substr(md5($key),0,mcrypt_enc_get_key_size($module));
   $ivSize=mcrypt_enc_get_iv_size($module);
   $iv=substr($data,0,$ivSize);
   mcrypt_generic_init($module,$key,$iv);
   $decrypted=mdecrypt_generic($module,substr($data,$ivSize,strlen($data)));
   mcrypt_generic_deinit($module);
   mcrypt_module_close($module);
   $decrypted = rtrim($decrypted,"\0");
   if($_data[0]!=md5($decrypted)){
  return false;
   }
   return $decrypted;
 }
}
?>
Copy after login

当在openpoor登录后将session信息传到其他域名下的文件下进行处理,以script标签包含的形式进行运行。

5.此时访问www.openpoor.com和www.myspace.com都是未登录状态

登录后两个域名下都是登录状态

到此我们实现了一个简单的单点登录。

相信看了本文案例你已经掌握了方法,更多精彩请关注php中文网其它相关文章!

推荐阅读:

PHP单向散列加密功能的实现

PHP函数静态变量的使用方法

The above is the detailed content of PHP single sign-on function implementation. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template