Single sign-on

Last Update:2017-05-14 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Single Sign-On sends a link so that the following parameters do not go to the login page and directly go to the login background method and jump to the php Project's homepage. how should I perform this operation?

This is the background login method,
Function user_login ($ username, $ password, $ code = null, $ login_type = 0, $ is_oauth = null ){
Global $ _ lang, $ _ K;

$ Username = $ _ GET ['username']
$ Password = $ _ GET ['password']

$ _ SESSION ['username'] = $ user_info ['username'];
$ _ SESSION ['password'] = $ user_info ['password'];

$ This-> account_init ($ username );
$ This-> password_init (md5 ($ password ));
$ This-> login_type ($ login_type );
If ($ this-> _ login_times ){
$ This-> check_code ($ code );
}
$ Accout_type = $ this-> get_login_type ();
Switch ($ this-> _ sys_config ['User _ intergration ']) {
Case "1 ":
Switch ($ accout_type ){
Case 'mobile ':
$ User_info = $ this-> valid_moble_auth ();
Break;
Case 'email ':
$ User_info = $ this-> valid_email_auth ();
Break;
Case 'username ':
$ User_info = $ this-> valid_username ();
Break;
}
Elseif ($ user_info ['status'] = 2 ){
$ This-> show_msg ('

'. $ _ Lang ['account _ has_freeze_or_unactivate'].'

', 4,' index. php? Do = login ');
} Elseif ($ user_info ['status'] = 3 & $ login_type! = 1 ){
$ This-> show_msg ('

'. $ _ Lang ['account _ has_not_excited'].'

', 6,' index. php? Do = login ');
}
Return $ user_info;
}
Function login_freeze (){
If ($ this-> check_black ()){
$ Db_times = $ this-> get_login_times ($ this-> _ login_uid );
$ Db_times! = 0 and db_factory: execute (sprintf ('update % switkey_member_black set 'login _ times '= 'login _ times'-1 where 'uid' = % d', TABLEPRE, $ this-> _ login_uid ));
} Else {
$ Expire = time () + 24*3600;
Db_factory: execute (sprintf ('Insert into % switkey_member_black ('B _ id', 'uid', 'expire', 'On _ time', 'login _ times ') values (NULL, % d, 4) ', TABLEPRE, $ this-> _ login_uid, $ expire, time ()));
}
$ Db_times = $ this-> get_login_times ($ this-> _ login_uid );
Return $ db_times ['login _ time'];
}
Function check_black (){
$ Rs = db_factory: get_one (sprintf ('select 'uid' from % switkey_member_black where 'uid' = % d', TABLEPRE, $ this-> _ login_uid ));
If ($ rs ['uid']) {
Return true;
} Else {
Return false;
}
}

Function valid_username (){
$ Username = $ _ GET ['username']
$ Password = $ _ GET ['password']
Global $ _ lang;
$ User_info = kekezu: get_user_info ($ this-> _ account, 1 );
If ($ user_info ){
$ User_info ['login _ type'] = 'username ';
Header ('Location: index. php ')
Return $ user_info;
} Else {
$ This-> add_login_time ();
$ This-> show_msg ('user name or password is incorrect. check whether the account is entered correctly ', 3, 'index. php', 1 );
}
}

What can I do to implement the required functions?

Solved in append 50

Reply to discussion (solution)

You can include your login user information in the link, for example
The username is yyyy and the password is XXXXX. use 0123456789 to differentiate
Is the link constructed into xx. php? LoginString = yyyy0123456789XXXXX
As for how you add a password for LoginString, you are free to use it.

I have integrated a login page link for the sake of simplicity, and I have also come out, but I cannot get the get request in the background. does it take effect if I get the parameter that should be followed by the link? actions in the form

1. you can submit the entire table through post 2 or get.

Get is used now, but why does form submission work?

The form still uses post, and the url is get. However, if you do not rewrite the routing rules, your login.html # username = xx # password = xx is incorrect ..
Get adds the data in the form to the URL pointed to by action in the form of variable = value, and the two use "?" And each variable is connected with an ampersands (&).

I must use the get request. I have never been in touch with php. my manager meant to directly get the get value and put it into the background session. go to the background method to log on and jump to the login succeeded. the page displays the & link I started to use, but because this is an html page, I used & link to report an error. I came here with #. Should I first get the url and rewrite the route? how to write?

The newcomers are too new .. Ask your colleagues for these questions... After all, replies on the network are not timely and inefficient.

It's because my colleagues didn't even know about php. I am alone in this case. I am going to be crazy.

You have discussed a lot of topics, but you haven't even talked about it!

The so-called single sign-on means that after one login, the user passes the logged-on information so that the user is no longer identified as not logged-on elsewhere.

Could you do this? on the first login success page, there is a button to send a hyperlink, followed by a user name, to the second login page, and then the second page to obtain the user name? after completing the login method, the returned value directly jumps to the homepage of successful login.

One of the two main projects is java, and the other is whether php will conflict with each other.

Suppose you successfully log on to page A and generate B. php? Token = fsadfads where Token contains the login information of a user. As for how to verify the legal identity of the user, it depends on yourself .. As for html, parameters cannot be included... The simplest thing is that in B and php, it is not enough to verify the header location after the identity...

Suppose you successfully log on to page A and generate B. php? Token = fsadfads where Token contains the login information of a user. As for how to verify the legal identity of the user, it depends on yourself .. As for html, parameters cannot be included... The simplest thing is that in B and php, it is not enough to verify the header location after the identity...

It is because I started to use the user name for verification, and then added the header location to the end. the project itself has too many code, so I created a new login method that can be used on the Internet, my colleague and I studied it. my colleague said that the most important thing now is to let the link I sent go through the login method in my background, and then press + header location as you said.
Please try again

Suppose you successfully log on to page A and generate B. php? Token = fsadfads where Token contains the login information of a user. As for how to verify the legal identity of the user, it depends on yourself .. As for html, parameters cannot be included... The simplest thing is that in B and php, it is not enough to verify the header location after the identity...