企业🤖AI智能体构建引擎,智能编排和调试,一键部署,支持知识库和私有化部署方案 广告
[TOC] ## `www.openpoor.com/index.php`(登陆系统) ``` <?php session_start(); if(empty($_SESSION['username'])): ?> hello,游客;请先<a href="login.php" rel="external nofollow" >登录</a> <a href="http://www.myspace.com/index.php" rel="external nofollow" rel="external nofollow" >进入空间</a> <?php else: ?> hello, <?php echo $_SESSION['username']; ?>; <a href="http://www.myspace.com/index.php" rel="external nofollow" rel="external nofollow" >进入空间</a> <?php endif; ?> <a href="http://www.openpoor.com/index.php" rel="external nofollow" >home</a> ``` 未登录 ![](https://img.kancloud.cn/f6/34/f634404c83a49dfa139664c3edcdae66_369x144.png) 登录后 ![](https://img.kancloud.cn/b0/6d/b06d0d7b0905516a28caf257923dd8e7_323x123.png) ## `www.openpoor.com/login.php`(登陆系统)登陆页面 ``` //接受登录页面提交的用户数据(这里提交到本页面) <?php session_start(); if(!empty($_POST['username'])){ require '../Des.php';//用于加密解密用户数据 $_SESSION['username'] = $_POST['username']; $redirect = 'http://www.openpoor.com/index.php';//登录成功后跳转的地址 header('Location:http://www.openpoor.com/sync.php?redirect='.urlencode($redirect).'&code='.Des::encrypt($_POST['username'],'openpoor'));exit; } ?> <form action="" method="post"> <input type="text" name="username" placeholder="用户名"/> <input type="text" name="password" placeholder="密码"/> <input type="submit" value="登录"/> </form> ``` ## `www.openpoor.com/sync.php`(登陆系统) ``` <?php $redirect = empty($_GET['redirect']) ? 'www.openpoor.com' : $_GET['redirect']; //code参数不存在跳转回登录页面 if(empty($_GET['code'])){ header('Loaction:http://'.urldecode($redirect)); exit; } $apps = array( 'www.myspace.com/slogin.php' ); foreach($apps as $v): ?> //src里放php可以跨域请求资源,注意:所引用的.php文件最终形成的是js类型代码 <script type="text/javascript" src="http://<?php echo $v.'?code='.$_GET['code'] ?>"></script> <?php endforeach; ?> <script type="text/javascript"> window.onload=function(){ location.replace('<?php echo $redirect; ?>'); } </script> </body> ``` `www.myspace.com`/slogin.php(子系统) ``` <?php session_start(); header('Content-Type:text/javascript; charset=utf-8'); if(!empty($_GET['code'])){ require '../Des.php'; $username = Des::decrypt($_GET['code'],'openpoor'); if(!empty($username)){ //在php被请求的页面加上以下代码,就可以跨域获取cookie,但其安全性有待研究 header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"'); $_SESSION['username'] = $username; } } ?> ``` `www.myspace.com`/index.php(子系统) ``` <?php session_start(); if(!empty($_SESSION['username'])) { echo "欢迎来到".$_SESSION['username']."的空间"; }else{ echo "请先登录"; } ?> ``` ![](https://img.kancloud.cn/a7/c5/a7c5a2fffbfb5877d8cbeb8014edbd1e_362x114.png) ![](https://img.kancloud.cn/bc/2a/bc2af5d73e8d7f9973d4646172048097_420x143.png) `www.myspace.com`/Des.php ``` <?php /** *@see Yii CSecurityManager; */ class Des{ public static function encrypt($data,$key){ $module=mcrypt_module_open('des','', MCRYPT_MODE_CBC,''); $key=substr(md5($key),0,mcrypt_enc_get_key_size($module)); srand(); $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND); mcrypt_generic_init($module,$key,$iv); $encrypted=$iv.mcrypt_generic($module,$data); mcrypt_generic_deinit($module); mcrypt_module_close($module); return md5($data).'_'.base64_encode($encrypted); } public static function decrypt($data,$key){ $_data = explode('_',$data,2); if(count($_data)<2){ return false; } $data = base64_decode($_data[1]); $module=mcrypt_module_open('des','', MCRYPT_MODE_CBC,''); $key=substr(md5($key),0,mcrypt_enc_get_key_size($module)); $ivSize=mcrypt_enc_get_iv_size($module); $iv=substr($data,0,$ivSize); mcrypt_generic_init($module,$key,$iv); $decrypted=mdecrypt_generic($module,substr($data,$ivSize,strlen($data))); mcrypt_generic_deinit($module); mcrypt_module_close($module); $decrypted = rtrim($decrypted,"\0"); if($_data[0]!=md5($decrypted)){ return false; } return $decrypted; } } ?> ```