欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.SegmentFault

程序员文章站 2022-05-09 13:24:38
...
我的问题如下:
这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.php,我的php项目没有用框架,php和html混合的。 

fecaca56a326610b24626b163814a02c
'.$_GET['userId'].''.$_GET['sid'].'
';

    
    $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService";
    if(defined('SSO_SESSION_SERVER')){
        $sessionServer = SSO_SESSION_SERVER;
    }
    
    $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService";
    if(defined('SSO_SECURITY_SERVER')){
        $securityServer = SSO_SECURITY_SERVER;
    }
    
    $xmls = fetch($sessionServer, $param);
    
    if($xmls === false){
        sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
    }
    
    $xml_values = "";
    
    $parser = xml_parser_create('UTF-8');
    xml_parse_into_struct($parser, trim($xmls), $xml_values);
    xml_parser_free($parser);

    
    foreach ($xml_values as $value){
        if($value['tag'] == "RETURN"){
            if($value['value'] == 'false'){
                sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
            }elseif($value['value'] == 'true'){
                $user = &sd_get_user($user_name);
                if (!empty($user) ) {
                    $result = login_without_pwd_verify($user);
                    $_SESSION["user"] = $user_name;
                    if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) {
                        if (I2System::isI2Cloud()){
                            sd_redirect("cloud/home.php");
                        }else{
                            sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
                        }
                    } else {
                        sd_redirect("i2/home.php");
                    }
                }
            }
            break;
        }
    }
}else{
    sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);
}

index.php文件fetch()函数所调用的文件

error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function httpsRequest($url, $port=0, $param) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    if ($port!=0) {
        curl_setopt($tuCurl, CURLOPT_PORT , $port);
    }
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3);
    curl_setopt($tuCurl, CURLOPT_POST, 1);
    curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
    
    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
    
    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function fetchAliPrice($param){
    $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json";
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Connection:keep-alive',
    'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    'Referer: https://buy.aliyun.com/',
    'Origin:https://buy.aliyun.com'
            ));
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
}

function fetch($url,$param){
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    //     curl_setopt($ch, CURLOPT_HEADER, TRUE);    //表示需要response header
    //     curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);//
    
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //         "Content-Type: application/soap+xml; charset=utf-8",
    //         "Content-length: ".strlen($param)
    //     ));
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //     'Connection:keep-alive',
    //     'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    //     'Referer: https://buy.aliyun.com/',
    //     'Origin:https://buy.aliyun.com'
    //     ));
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $param);

    if(!curl_errno($ch)){
        $info = curl_getinfo($ch);
//         echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n";
    } else {
        echo 'Curl error: ' . curl_error($ch);
    }

    $data = curl_exec($ch);

    //     var_dump(curl_getinfo($ch));
    curl_close($ch);
    return $data;
}

回复内容:

我的问题如下:
这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.php,我的php项目没有用框架,php和html混合的。


fecaca56a326610b24626b163814a02c
'.$_GET['userId'].''.$_GET['sid'].'
';

    
    $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService";
    if(defined('SSO_SESSION_SERVER')){
        $sessionServer = SSO_SESSION_SERVER;
    }
    
    $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService";
    if(defined('SSO_SECURITY_SERVER')){
        $securityServer = SSO_SECURITY_SERVER;
    }
    
    $xmls = fetch($sessionServer, $param);
    
    if($xmls === false){
        sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
    }
    
    $xml_values = "";
    
    $parser = xml_parser_create('UTF-8');
    xml_parse_into_struct($parser, trim($xmls), $xml_values);
    xml_parser_free($parser);

    
    foreach ($xml_values as $value){
        if($value['tag'] == "RETURN"){
            if($value['value'] == 'false'){
                sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
            }elseif($value['value'] == 'true'){
                $user = &sd_get_user($user_name);
                if (!empty($user) ) {
                    $result = login_without_pwd_verify($user);
                    $_SESSION["user"] = $user_name;
                    if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) {
                        if (I2System::isI2Cloud()){
                            sd_redirect("cloud/home.php");
                        }else{
                            sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
                        }
                    } else {
                        sd_redirect("i2/home.php");
                    }
                }
            }
            break;
        }
    }
}else{
    sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);
}

index.php文件fetch()函数所调用的文件

error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function httpsRequest($url, $port=0, $param) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    if ($port!=0) {
        curl_setopt($tuCurl, CURLOPT_PORT , $port);
    }
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3);
    curl_setopt($tuCurl, CURLOPT_POST, 1);
    curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
    
    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
    
    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function fetchAliPrice($param){
    $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json";
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Connection:keep-alive',
    'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    'Referer: https://buy.aliyun.com/',
    'Origin:https://buy.aliyun.com'
            ));
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
}

function fetch($url,$param){
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    //     curl_setopt($ch, CURLOPT_HEADER, TRUE);    //表示需要response header
    //     curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);//
    
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //         "Content-Type: application/soap+xml; charset=utf-8",
    //         "Content-length: ".strlen($param)
    //     ));
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //     'Connection:keep-alive',
    //     'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    //     'Referer: https://buy.aliyun.com/',
    //     'Origin:https://buy.aliyun.com'
    //     ));
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $param);

    if(!curl_errno($ch)){
        $info = curl_getinfo($ch);
//         echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n";
    } else {
        echo 'Curl error: ' . curl_error($ch);
    }

    $data = curl_exec($ch);

    //     var_dump(curl_getinfo($ch));
    curl_close($ch);
    return $data;
}

第一次请求时去第三方验证,验证成功后放入session
下次请求时 如果 session 中有数据 就不用请求了

https://segmentfault.com/q/1010000004289927

相关标签: php

上一篇: JS如何禁止别人查看网站源码

下一篇: node+token做出用户验证

推荐阅读