我的问题如下:
这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.php,我的php项目没有用框架,php和html混合的。
<?php
require( dirname(__FILE__) . '/config.php' );
global $GLOBAL_SYSTEM;
if(isset($_GET['userId']) && $_GET['userId'] != ""){
$user_name = $_GET['userId'];
$param = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:lev="http://session.level1.services.sdk.actionsoft.com/">
<soapenv:Header><aws-auth xmlns="http://services.sdk.actionsoft.com/">fecaca56a326610b24626b163814a02c</aws-auth>
<soapenv:Header/>
<soapenv:Body>
<lev:checkSession>
<userId>'.$_GET['userId'].'</userId> <sid>'.$_GET['sid'].'</sid>
</lev:checkSession>
</soapenv:Body>
</soapenv:Envelope>';
$sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService";
if(defined('SSO_SESSION_SERVER')){
$sessionServer = SSO_SESSION_SERVER;
}
$securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService";
if(defined('SSO_SECURITY_SERVER')){
$securityServer = SSO_SECURITY_SERVER;
}
$xmls = fetch($sessionServer, $param);
if($xmls === false){
sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
}
$xml_values = "";
$parser = xml_parser_create('UTF-8');
xml_parse_into_struct($parser, trim($xmls), $xml_values);
xml_parser_free($parser);
foreach ($xml_values as $value){
if($value['tag'] == "RETURN"){
if($value['value'] == 'false'){
sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
}elseif($value['value'] == 'true'){
$user = &sd_get_user($user_name);
if (!empty($user) ) {
$result = login_without_pwd_verify($user);
$_SESSION["user"] = $user_name;
if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) {
if (I2System::isI2Cloud()){
sd_redirect("cloud/home.php");
}else{
sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
}
} else {
sd_redirect("i2/home.php");
}
}
}
break;
}
}
}else{
sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);
}
index.php文件fetch()函数所调用的文件
<?php
require( dirname(__FILE__) . '/../config.php' );
function httpGet($url) {
$tuCurl = curl_init();
curl_setopt($tuCurl, CURLOPT_URL, $url);
curl_setopt($tuCurl, CURLOPT_HEADER, 0);
curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
$tuData = curl_exec($tuCurl);
$retValue = "";
$httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
if ($tuData===false || $httpCode!=200) {
$logger = &LoggerManager::getLogger('HttpClient');
$logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
$retValue = "error";
} else {
$retValue = $tuData;
}
curl_close($tuCurl);
return $retValue;
}
function httpsRequest($url, $port=0, $param) {
$tuCurl = curl_init();
curl_setopt($tuCurl, CURLOPT_URL, $url);
if ($port!=0) {
curl_setopt($tuCurl, CURLOPT_PORT , $port);
}
curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
curl_setopt($tuCurl, CURLOPT_HEADER, 0);
curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3);
curl_setopt($tuCurl, CURLOPT_POST, 1);
curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param);
curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
$tuData = curl_exec($tuCurl);
$retValue = "";
$httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
if ($tuData===false || $httpCode!=200) {
$logger = &LoggerManager::getLogger('HttpClient');
$logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
$retValue = "error";
} else {
$retValue = $tuData;
}
curl_close($tuCurl);
return $retValue;
}
function fetchAliPrice($param){
$url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Connection:keep-alive',
'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
'Referer: https://buy.aliyun.com/',
'Origin:https://buy.aliyun.com'
));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
function fetch($url,$param){
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
// curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header
// curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);//
// curl_setopt($ch, CURLOPT_HTTPHEADER, array(
// "Content-Type: application/soap+xml; charset=utf-8",
// "Content-length: ".strlen($param)
// ));
// curl_setopt($ch, CURLOPT_HTTPHEADER, array(
// 'Connection:keep-alive',
// 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
// 'Referer: https://buy.aliyun.com/',
// 'Origin:https://buy.aliyun.com'
// ));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
if(!curl_errno($ch)){
$info = curl_getinfo($ch);
// echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n";
} else {
echo 'Curl error: ' . curl_error($ch);
}
$data = curl_exec($ch);
// var_dump(curl_getinfo($ch));
curl_close($ch);
return $data;
}
第一次请求时去第三方验证,验证成功后放入session
下次请求时 如果 session 中有数据 就不用请求了
https://segmentfault.com/q/1010000004289927