我的問題如下:
這是一種php的session處理機制是嗎?可以每次去第三方平台去驗證session是嗎?這是入口檔案index.php,我的php項目沒有用架構,php和html混合的。
fecaca56a326610b24626b163814a02c '.$_GET['userId'].' '.$_GET['sid'].' '; $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService"; if(defined('SSO_SESSION_SERVER')){ $sessionServer = SSO_SESSION_SERVER; } $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService"; if(defined('SSO_SECURITY_SERVER')){ $securityServer = SSO_SECURITY_SERVER; } $xmls = fetch($sessionServer, $param); if($xmls === false){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } $xml_values = ""; $parser = xml_parser_create('UTF-8'); xml_parse_into_struct($parser, trim($xmls), $xml_values); xml_parser_free($parser); foreach ($xml_values as $value){ if($value['tag'] == "RETURN"){ if($value['value'] == 'false'){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); }elseif($value['value'] == 'true'){ $user = &sd_get_user($user_name); if (!empty($user) ) { $result = login_without_pwd_verify($user); $_SESSION["user"] = $user_name; if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) { if (I2System::isI2Cloud()){ sd_redirect("cloud/home.php"); }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } } else { sd_redirect("i2/home.php"); } } } break; } }}else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);}
index.php檔案fetch()函數所調用的檔案
error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue;}function httpsRequest($url, $port=0, $param) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); if ($port!=0) { curl_setopt($tuCurl, CURLOPT_PORT , $port); } curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3); curl_setopt($tuCurl, CURLOPT_POST, 1); curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue;}function fetchAliPrice($param){ $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Connection:keep-alive', 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], 'Referer: https://buy.aliyun.com/', 'Origin:https://buy.aliyun.com' )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); $data = curl_exec($ch); curl_close($ch); return $data;}function fetch($url,$param){ $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); // curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header // curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // "Content-Type: application/soap+xml; charset=utf-8", // "Content-length: ".strlen($param) // )); // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // 'Connection:keep-alive', // 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], // 'Referer: https://buy.aliyun.com/', // 'Origin:https://buy.aliyun.com' // )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); if(!curl_errno($ch)){ $info = curl_getinfo($ch);// echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n"; } else { echo 'Curl error: ' . curl_error($ch); } $data = curl_exec($ch); // var_dump(curl_getinfo($ch)); curl_close($ch); return $data;}
回複內容:
我的問題如下:
這是一種php的session處理機制是嗎?可以每次去第三方平台去驗證session是嗎?這是入口檔案index.php,我的php項目沒有用架構,php和html混合的。
fecaca56a326610b24626b163814a02c '.$_GET['userId'].' '.$_GET['sid'].' '; $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService"; if(defined('SSO_SESSION_SERVER')){ $sessionServer = SSO_SESSION_SERVER; } $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService"; if(defined('SSO_SECURITY_SERVER')){ $securityServer = SSO_SECURITY_SERVER; } $xmls = fetch($sessionServer, $param); if($xmls === false){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } $xml_values = ""; $parser = xml_parser_create('UTF-8'); xml_parse_into_struct($parser, trim($xmls), $xml_values); xml_parser_free($parser); foreach ($xml_values as $value){ if($value['tag'] == "RETURN"){ if($value['value'] == 'false'){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); }elseif($value['value'] == 'true'){ $user = &sd_get_user($user_name); if (!empty($user) ) { $result = login_without_pwd_verify($user); $_SESSION["user"] = $user_name; if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) { if (I2System::isI2Cloud()){ sd_redirect("cloud/home.php"); }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } } else { sd_redirect("i2/home.php"); } } } break; } }}else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);}
index.php檔案fetch()函數所調用的檔案
error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue;}function httpsRequest($url, $port=0, $param) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); if ($port!=0) { curl_setopt($tuCurl, CURLOPT_PORT , $port); } curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3); curl_setopt($tuCurl, CURLOPT_POST, 1); curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue;}function fetchAliPrice($param){ $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Connection:keep-alive', 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], 'Referer: https://buy.aliyun.com/', 'Origin:https://buy.aliyun.com' )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); $data = curl_exec($ch); curl_close($ch); return $data;}function fetch($url,$param){ $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); // curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header // curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // "Content-Type: application/soap+xml; charset=utf-8", // "Content-length: ".strlen($param) // )); // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // 'Connection:keep-alive', // 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], // 'Referer: https://buy.aliyun.com/', // 'Origin:https://buy.aliyun.com' // )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); if(!curl_errno($ch)){ $info = curl_getinfo($ch);// echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n"; } else { echo 'Curl error: ' . curl_error($ch); } $data = curl_exec($ch); // var_dump(curl_getinfo($ch)); curl_close($ch); return $data;}
第一次請求時去第三方驗證,驗證成功後放入session
下次請求時 如果 session 中有資料 就不用請求了
https://segmentfault.com/q/1010000004289927