使用php实现单点登录实例详解

<?php ?session_start(); ??> ?<!DOCTYPE html> ?<html> ?<head> ?<meta charset="UTF-8"/> ?<title>sync login</title> ?</head> ?<body> ?<?php if(empty($_SESSION[‘username‘])):?> ?hello,游客;请先<a href="login.php">登录</a><a href="http://www.myspace.com/index.php">进入空间</a> ?<?php else: ?> ?hello,<?php echo $_SESSION[‘username‘]; ?>;<a href="http://www.myspace.com/index.php">进入空间</a> ?<?php endif; ?> ???<a href="http://www.openpoor.com/index.php">home</a> ?</body> ?</html> ?

<?php ?session_start(); ?if(!empty($_POST[‘username‘])){ ???require ‘../Des.php‘; ???$_SESSION[‘username‘] = $_POST[‘username‘]; ???$redirect = ‘http://www.openpoor.com/index.php‘; ???header(‘Location:http://www.openpoor.com/sync.php?redirect=‘.urlencode($redirect).‘&code=‘.Des::encrypt($_POST[‘username‘],‘openpoor‘));exit; ?} ??> ?<!DOCTYPE html> ?<html> ?<head> ?<meta charset="UTF-8"/> ?<title>sync login</title> ?</head> ?<body> ?<form action="" method="post"> ???<input type="text" name="username" placeholder="用户名"/> ???<input type="text" name="password" placeholder="密码"/> ???<input type="submit" value="登录"/> ?</form> ?</body> ?</html> 

<?php ?$redirect = empty($_GET[‘redirect‘]) ? ‘www.openpoor.com‘ : $_GET[‘redirect‘]; ?if(empty($_GET[‘code‘])){ ?????header(‘Loaction:http://‘.urldecode($redirect)); ???exit; ?} ?$apps = array( ???‘www.myspace.com/slogin.php‘ ?); ??> ?<!DOCTYPE html> ?<html> ?<head> ?<meta charset="UTF-8"/> ?<?php foreach($apps as $v): ?> ?<script type="text/javascript" src="http://<?php echo $v.‘?code=‘.$_GET[‘code‘] ?>"></script> ?<?php endforeach; ?> ?<title>passport</title> ?</head> ?<body> ?<script type="text/javascript"> ?window.onload=function(){ ???location.replace(‘<?php echo $redirect; ?>‘); ?} ?</script> ?</body> ?</html> ?

<?php ?session_start(); ?header(‘Content-Type:text/javascript; charset=utf-8‘); ?if(!empty($_GET[‘code‘])){ ???require ‘../Des.php‘; ???$username = Des::decrypt($_GET[‘code‘],‘openpoor‘); ???if(!empty($username)){ ?????header(‘P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"‘); ?????$_SESSION[‘username‘] = $username; ???} ?} ??> ?

<?php ?session_start(); ?if(!empty($_SESSION[‘username‘])) ?{ ?????echo "欢迎来到".$_SESSION[‘username‘]."的空间"; ?}else{ ?????echo "请先登录"; ?} ??> ?

<?php ?/** ?*@see Yii CSecurityManager; ?*/ ?class Des{ ???public static function encrypt($data,$key){ ???????$module=mcrypt_module_open(‘des‘,‘‘, MCRYPT_MODE_CBC,‘‘); ???????$key=substr(md5($key),0,mcrypt_enc_get_key_size($module)); ???????srand(); ???????$iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND); ???????mcrypt_generic_init($module,$key,$iv); ???????$encrypted=$iv.mcrypt_generic($module,$data); ???????mcrypt_generic_deinit($module); ???????mcrypt_module_close($module); ???????return md5($data).‘_‘.base64_encode($encrypted); ???} ???public static function decrypt($data,$key){ ???????????$_data = explode(‘_‘,$data,2); ???????if(count($_data)<2){ ?????return false; ???????} ???????$data = base64_decode($_data[1]); ?????????????$module=mcrypt_module_open(‘des‘,‘‘, MCRYPT_MODE_CBC,‘‘); ???????$key=substr(md5($key),0,mcrypt_enc_get_key_size($module)); ???????$ivSize=mcrypt_enc_get_iv_size($module); ???????$iv=substr($data,0,$ivSize); ???????mcrypt_generic_init($module,$key,$iv); ???????$decrypted=mdecrypt_generic($module,substr($data,$ivSize,strlen($data))); ???????mcrypt_generic_deinit($module); ???????mcrypt_module_close($module); ???????$decrypted = rtrim($decrypted,"\0"); ??????????????if($_data[0]!=md5($decrypted)){ ?????return false; ???????} ???????return $decrypted; ???} ?} ??> ?