My question is as follows:
This is a kind of PHP session processing mechanism, right? Can you verify the session every time you go to a third-party platform? This is the portal file index.php, my PHP project is not mixed with frames, PHP and HTML.
fecaca56a326610b24626b163814a02c
'. $_get[' userId ']. '
'
. $_get[' Sid ']. '
'; $sessionServer = "Http://mzwa-123.6655.la:8090/services/SessionService"; if (defined (' Sso_session_server ')) {$sessionServer = Sso_session_server; } $securityServer = "Http://mzwa-123.6655.la:8090/services/SecurityService"; if (defined (' Sso_security_server ')) {$securityServer = Sso_security_server; } $XMLS = Fetch ($sessionServer, $param); if ($xmls = = = False) {Sd_redirect ($GLOBAL _system[product_type]["index"]); } $xml _values = ""; $parser = xml_parser_create (' UTF-8 '); Xml_parse_into_struct ($parser, Trim ($xmls), $xml _values); Xml_parser_free ($parser); foreach ($xml _values as $value) {if ($value [' tag '] = = "RETURN") {if ($value [' value '] = = ' false ') { Sd_redirect ($GLOBAL _system[product_type]["index"]); }elseif ($value [' value '] = = ' true ') {$user = &sd_get_user ($user _name); if (!empty ($user)) {$result = Login_Without_pwd_verify ($user); $_session["user"] = $user _name; if ($_session["role"] = = Userdao:: $ROLE _cloud_user) {if (I2system::isi2cloud ()) { Sd_redirect ("cloud/home.php"); }else{Sd_redirect ($GLOBAL _system[product_type]["index"]); }} else {sd_redirect ("i2/home.php"); }}} break; }}}else{Sd_redirect ($GLOBAL _system[product_type]["index"]. "?". $_server["Query_string"]);}
index.php file that is called by the fetch () function
Error ("Httpcode:". $httpCode. ", Curl Error:". Curl_error ($tuCurl)); $retValue = "Error"; } else {$retValue = $tuData; } curl_close ($tuCurl); return $retValue;} function Httpsrequest ($url, $port =0, $param) {$tuCurl = Curl_init (); curl_setopt ($tuCurl, Curlopt_url, $url); if ($port!=0) {curl_setopt ($tuCurl, Curlopt_port, $port); } curl_setopt ($tuCurl, curlopt_verbose, 0); curl_setopt ($tuCurl, Curlopt_header, 0); curl_setopt ($tuCurl, Curlopt_sslversion, 3); curl_setopt ($tuCurl, Curlopt_post, 1); curl_setopt ($tuCurl, Curlopt_ssl_verifypeer, 0); curl_setopt ($tuCurl, Curlopt_returntransfer, 1); curl_setopt ($tuCurl, Curlopt_postfields, $param); curl_setopt ($tuCurl, Curlopt_timeout, 5); $tuData = curl_exec ($tuCurl); $retValue = ""; $httpCode = Curl_getinfo ($tuCurl, Curlinfo_http_code); if ($tuData ===false | | $httpCode!=200) {$logger = &loggermanager::getlogger (' HttpClient '); $logger-> Error ("Httpcode:". $httpCode. ", Curl Error:". Curl_error ($tuCurl)); $retValue = "Error"; } else {$retValue = $tuData; } curl_close ($tuCurl); return $retValue;} function Fetchaliprice ($param) {$url = "Https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = Curl_init (); curl_setopt ($ch, Curlopt_url, $url); curl_setopt ($ch, Curlopt_returntransfer, 1); curl_setopt ($ch, Curlopt_connecttimeout, 15); curl_setopt ($ch, Curlopt_httpheader, Array (' connection:keep-alive ', ' user-agent: '. $_server["Http_user_agent"], ' referer:https://buy.aliyun.com/', ' origin:https://buy.aliyun.com ')); curl_setopt ($ch, Curlopt_post, 1); curl_setopt ($ch, Curlopt_postfields, $param); $data = curl_exec ($ch); Curl_close ($ch); return $data;} function Fetch ($url, $param) {$ch = Curl_init (); curl_setopt ($ch, Curlopt_url, $url); curl_setopt ($ch, Curlopt_header, TRUE); SaidRequires response header//curl_setopt ($ch, Curlopt_nobody, FALSE); Indicates the need for response body curl_setopt ($ch, Curlopt_returntransfer, 1); curl_setopt ($ch, Curlopt_connecttimeout, 15); curl_setopt ($ch, Curlopt_ssl_verifypeer, false);///Curl_setopt ($ch, Curlopt_httpheader, Array (// "Content-type:application/soap+xml; Charset=utf-8 ",//" Content-length: ". strlen ($param)//)); curl_setopt ($ch, Curlopt_httpheader, Array (//' connection:keep-alive ',//' user-agent: '. $_server[' HT Tp_user_agent "],//' referer:https://buy.aliyun.com/',//' origin:https://buy.aliyun.com '//)); curl_setopt ($ch, Curlopt_post, 1); curl_setopt ($ch, Curlopt_postfields, $param); if (!curl_errno ($ch)) {$info = Curl_getinfo ($ch);//Echo ' Took '. $info [' Total_time ']. ' Seconds to send a request to '. $info [' url ']. \ n "; } else {echo ' Curl error: '. Curl_error ($ch); } $data = CURl_exec ($ch); Var_dump (Curl_getinfo ($ch)); Curl_close ($ch); return $data;}
Reply content:
My question is as follows:
This is a kind of PHP session processing mechanism, right? Can you verify the session every time you go to a third-party platform? This is the portal file index.php, my PHP project is not mixed with frames, PHP and HTML.
fecaca56a326610b24626b163814a02c
'. $_get[' userId ']. '
'
. $_get[' Sid ']. '
'; $sessionServer = "Http://mzwa-123.6655.la:8090/services/SessionService"; if (defined (' Sso_session_server ')) {$sessionServer = Sso_session_server; } $securityServer = "Http://mzwa-123.6655.la:8090/services/SecurityService"; if (defined (' Sso_security_server ')) {$securityServer = Sso_security_server; } $XMLS = Fetch ($sessionServer, $param); if ($xmls = = = False) {Sd_redirect ($GLOBAL _system[product_type]["index"]); } $xml _values = ""; $parser = xml_parser_create (' UTF-8 '); Xml_parse_into_struct ($parser, Trim ($xmls), $xml _values); Xml_parser_free ($parser); foreach ($xml _values as $value) {if ($value [' tag '] = = "RETURN") {if ($value [' value '] = = ' false ') { Sd_redirect ($GLOBAL _system[product_type]["index"]); }elseif ($value [' value '] = = ' true ') {$user = &sd_get_user ($user _name); if (!empty ($user)) {$result = Login_Without_pwd_verify ($user); $_session["user"] = $user _name; if ($_session["role"] = = Userdao:: $ROLE _cloud_user) {if (I2system::isi2cloud ()) { Sd_redirect ("cloud/home.php"); }else{Sd_redirect ($GLOBAL _system[product_type]["index"]); }} else {sd_redirect ("i2/home.php"); }}} break; }}}else{Sd_redirect ($GLOBAL _system[product_type]["index"]. "?". $_server["Query_string"]);}
index.php file that is called by the fetch () function
Error ("Httpcode:". $httpCode. ", Curl Error:". Curl_error ($tuCurl)); $retValue = "Error"; } else {$retValue = $tuData; } curl_close ($tuCurl); return $retValue;} function Httpsrequest ($url, $port =0, $param) {$tuCurl = Curl_init (); curl_setopt ($tuCurl, Curlopt_url, $url); if ($port!=0) {curl_setopt ($tuCurl, Curlopt_port, $port); } curl_setopt ($tuCurl, curlopt_verbose, 0); curl_setopt ($tuCurl, Curlopt_header, 0); curl_setopt ($tuCurl, Curlopt_sslversion, 3); curl_setopt ($tuCurl, Curlopt_post, 1); curl_setopt ($tuCurl, Curlopt_ssl_verifypeer, 0); curl_setopt ($tuCurl, Curlopt_returntransfer, 1); curl_setopt ($tuCurl, Curlopt_postfields, $param); curl_setopt ($tuCurl, Curlopt_timeout, 5); $tuData = curl_exec ($tuCurl); $retValue = ""; $httpCode = Curl_getinfo ($tuCurl, Curlinfo_http_code); if ($tuData ===false | | $httpCode!=200) {$logger = &loggermanager::getlogger (' HttpClient '); $logger-> Error ("Httpcode:". $httpCode. ", Curl Error:". Curl_error ($tuCurl)); $retValue = "Error"; } else {$retValue = $tuData; } curl_close ($tuCurl); return $retValue;} function Fetchaliprice ($param) {$url = "Https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = Curl_init (); curl_setopt ($ch, Curlopt_url, $url); curl_setopt ($ch, Curlopt_returntransfer, 1); curl_setopt ($ch, Curlopt_connecttimeout, 15); curl_setopt ($ch, Curlopt_httpheader, Array (' connection:keep-alive ', ' user-agent: '. $_server["Http_user_agent"], ' referer:https://buy.aliyun.com/', ' origin:https://buy.aliyun.com ')); curl_setopt ($ch, Curlopt_post, 1); curl_setopt ($ch, Curlopt_postfields, $param); $data = curl_exec ($ch); Curl_close ($ch); return $data;} function Fetch ($url, $param) {$ch = Curl_init (); curl_setopt ($ch, Curlopt_url, $url); curl_setopt ($ch, Curlopt_header, TRUE); SaidRequires response header//curl_setopt ($ch, Curlopt_nobody, FALSE); Indicates the need for response body curl_setopt ($ch, Curlopt_returntransfer, 1); curl_setopt ($ch, Curlopt_connecttimeout, 15); curl_setopt ($ch, Curlopt_ssl_verifypeer, false);///Curl_setopt ($ch, Curlopt_httpheader, Array (// "Content-type:application/soap+xml; Charset=utf-8 ",//" Content-length: ". strlen ($param)//)); curl_setopt ($ch, Curlopt_httpheader, Array (//' connection:keep-alive ',//' user-agent: '. $_server[' HT Tp_user_agent "],//' referer:https://buy.aliyun.com/',//' origin:https://buy.aliyun.com '//)); curl_setopt ($ch, Curlopt_post, 1); curl_setopt ($ch, Curlopt_postfields, $param); if (!curl_errno ($ch)) {$info = Curl_getinfo ($ch);//Echo ' Took '. $info [' Total_time ']. ' Seconds to send a request to '. $info [' url ']. \ n "; } else {echo ' Curl error: '. Curl_error ($ch); } $data = CURl_exec ($ch); Var_dump (Curl_getinfo ($ch)); Curl_close ($ch); return $data;}
On first request, go to third-party verification, verify success and put into session
The next request, if there is data in the session, you don't have to ask.
https://segmentfault.com/q/1010000004289927