PHP website Single Sign-on-Volume two (proxy login)

The previous article simple implementation of sub-domain name session sharing method of single sign-on, this article with a proxy way to achieve a single point of synchronization under different domain names, want to realize multi-domain login needs to let the user's browser record each domain name cookie, then must let the browser request these hosts, It's easy to add links to other domains in the page such as

<script type= "Text/javascript" src= "Http://domain" ></script> some browsers do not accept third-party cookie writes by default, you must add the P3P HTTP header to try;

Knowledge Points:

The 1.src property is not limited by the domain name.

2.P3P break across domains.

Experimental domain name:

Primary domain name: www.shenxn.com; other domain name: www.wangjun.com;www.xn.com

Experiment Code:

index.php

<?php

Program Main Page

Session_Start ();

?>

<! DOCTYPE html>

<meta charset= "UTF-8"/>

<title>sync login</title>

<body>

<?php if (Empty ($_session[' username ')):?>

Hello, visitor; please <a href= "http://www.shenxn.com/login.php" > Login </a>

<?php Else:?>

hello,<?php echo $_session[' username '];?>

<?php endif;?>

</body>

login.php

<?php

Log in and adjust to the proxy page

Session_Start ();

if (!empty ($_post[' username ')) {

Require __dir__. ' /des.php ';

$_session[' username '] = $_post[' username '];

$redirect = ' http://www.shenxn.com/index.php ';

Header (' location:http://www.shenxn.com/sync.php?redirect= '. UrlEncode ($redirect). ' &code= '. Des::encrypt ($_post[' username '), ' Openpoor ');

Exit

}

?>

<! DOCTYPE html>

<meta charset= "UTF-8"/>

<title>sync login</title>

<body>

<form action= "" method= "POST" >

<input type= "text" name= "username" placeholder= "user name"/>

<input type= "text" name= "password" placeholder= "password"/>

<input type= "Submit" value= "Login"/>

</form>

</body>

sync.php

<?php

Notify other domain host logins

$redirect = Empty ($_get[' redirect ')? ' www.shenxn.com ': $_get[' redirect ';

if (Empty ($_get[' Code '))) {

Header (' loaction:http://'. UrlDecode ($redirect));

Exit

}

$apps = Array (

' Www.xn.com/slogin.php ',

' Www.wangjun.com/slogin.php ',

);

?>

<! DOCTYPE html>

<meta charset= "UTF-8"/>

<?php foreach ($apps as $v):?>

<script type= "Text/javascript" src= "http://<?php echo $v. ' code= '. $_get[' code '?> ' ></script>

<?php Endforeach;?>

<title>pass port</title>

<body>

<script type= "Text/javascript" >

Window.onload=function () {

Location.replace (' <?php echo $redirect;?> ');

}

</script>

</body>

slogin.php

<?php

P3P generate a cookie and log in

Session_Start ();

Header (' Content-type:text/javascript; Charset=utf-8 ');

if (!empty ($_get[' code ')) {

Require __dir__. ' /des.php ';

$username = Des::d ecrypt ($_get[' code '), ' Openpoor ');

Var_dump ($_get[' code ');

if (!empty ($username)) {

Header (' p3p:cp= ' CURa ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "');

$_session[' username '] = $username;

}

}

des.php   

<?php

Class des{

public static function Encrypt ($data, $key) {

$module =mcrypt_module_open (' des ', ', MCRYPT_MODE_CBC, ');

$key =SUBSTR (MD5 ($key), 0,mcrypt_enc_get_key_size ($module));

Srand ();

$iv =mcrypt_create_iv (Mcrypt_enc_get_iv_size ($module), Mcrypt_rand);

Mcrypt_generic_init ($module, $key, $IV);

$encrypted = $iv. Mcrypt_generic ($module, $data);

Mcrypt_generic_deinit ($module);

Mcrypt_module_close ($module);

return MD5 ($data). ' _ '. Base64_encode ($encrypted);

}

public static function Decrypt ($data, $key) {

$_data = Explode (' _ ', $data, 2);

if (count ($_data) <2) {

return false;

}

$data = Base64_decode ($_data[1]);

$module =mcrypt_module_open (' des ', ', MCRYPT_MODE_CBC, ');

$key =SUBSTR (MD5 ($key), 0,mcrypt_enc_get_key_size ($module));

$ivSize =mcrypt_enc_get_iv_size ($module);

$iv =substr ($data, 0, $ivSize);

Mcrypt_generic_init ($module, $key, $IV);

$decrypted =mdecrypt_generic ($module, substr ($data, $ivSize, strlen ($data)));

Mcrypt_generic_deinit ($module);

Mcrypt_module_close ($module);

$decrypted = RTrim ($decrypted, "n");

if ($_DATA[0]!=MD5 ($decrypted)) {

return false;

}

return $decrypted;

}

}

PHP website Single Sign-on-Volume two (proxy login)