Heim >Backend-Entwicklung >PHP-Tutorial >这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.SegmentFault
我的问题如下:
这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.php,我的php项目没有用框架,php和html混合的。
<code><?php require( dirname(__FILE__) . '/config.php' ); global $GLOBAL_SYSTEM; if(isset($_GET['userId']) && $_GET['userId'] != ""){ $user_name = $_GET['userId']; $param = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:lev="http://session.level1.services.sdk.actionsoft.com/"> <header><aws-auth xmlns="http://services.sdk.actionsoft.com/">fecaca56a326610b24626b163814a02c</aws-auth> <header></header> <body> <checksession> <userid>'.$_GET['userId'].'</userid> <sid>'.$_GET['sid'].'</sid> </checksession> </body> '; $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService"; if(defined('SSO_SESSION_SERVER')){ $sessionServer = SSO_SESSION_SERVER; } $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService"; if(defined('SSO_SECURITY_SERVER')){ $securityServer = SSO_SECURITY_SERVER; } $xmls = fetch($sessionServer, $param); if($xmls === false){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } $xml_values = ""; $parser = xml_parser_create('UTF-8'); xml_parse_into_struct($parser, trim($xmls), $xml_values); xml_parser_free($parser); foreach ($xml_values as $value){ if($value['tag'] == "RETURN"){ if($value['value'] == 'false'){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); }elseif($value['value'] == 'true'){ $user = &sd_get_user($user_name); if (!empty($user) ) { $result = login_without_pwd_verify($user); $_SESSION["user"] = $user_name; if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) { if (I2System::isI2Cloud()){ sd_redirect("cloud/home.php"); }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } } else { sd_redirect("i2/home.php"); } } } break; } } }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]); } </header></code>
index.php文件fetch()函数所调用的文件
<code><?php require( dirname(__FILE__) . '/../config.php' ); function httpGet($url) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue; } function httpsRequest($url, $port=0, $param) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); if ($port!=0) { curl_setopt($tuCurl, CURLOPT_PORT , $port); } curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3); curl_setopt($tuCurl, CURLOPT_POST, 1); curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue; } function fetchAliPrice($param){ $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Connection:keep-alive', 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], 'Referer: https://buy.aliyun.com/', 'Origin:https://buy.aliyun.com' )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); $data = curl_exec($ch); curl_close($ch); return $data; } function fetch($url,$param){ $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); // curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header // curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // "Content-Type: application/soap+xml; charset=utf-8", // "Content-length: ".strlen($param) // )); // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // 'Connection:keep-alive', // 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], // 'Referer: https://buy.aliyun.com/', // 'Origin:https://buy.aliyun.com' // )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); if(!curl_errno($ch)){ $info = curl_getinfo($ch); // echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n"; } else { echo 'Curl error: ' . curl_error($ch); } $data = curl_exec($ch); // var_dump(curl_getinfo($ch)); curl_close($ch); return $data; } </code>
我的问题如下:
这是一种php的session处理机制是吗?可以每次去第三方平台去验证session是吗?这是入口文件index.php,我的php项目没有用框架,php和html混合的。
<code><?php require( dirname(__FILE__) . '/config.php' ); global $GLOBAL_SYSTEM; if(isset($_GET['userId']) && $_GET['userId'] != ""){ $user_name = $_GET['userId']; $param = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:lev="http://session.level1.services.sdk.actionsoft.com/"> <header><aws-auth xmlns="http://services.sdk.actionsoft.com/">fecaca56a326610b24626b163814a02c</aws-auth> <header></header> <body> <checksession> <userid>'.$_GET['userId'].'</userid> <sid>'.$_GET['sid'].'</sid> </checksession> </body> '; $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService"; if(defined('SSO_SESSION_SERVER')){ $sessionServer = SSO_SESSION_SERVER; } $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService"; if(defined('SSO_SECURITY_SERVER')){ $securityServer = SSO_SECURITY_SERVER; } $xmls = fetch($sessionServer, $param); if($xmls === false){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } $xml_values = ""; $parser = xml_parser_create('UTF-8'); xml_parse_into_struct($parser, trim($xmls), $xml_values); xml_parser_free($parser); foreach ($xml_values as $value){ if($value['tag'] == "RETURN"){ if($value['value'] == 'false'){ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); }elseif($value['value'] == 'true'){ $user = &sd_get_user($user_name); if (!empty($user) ) { $result = login_without_pwd_verify($user); $_SESSION["user"] = $user_name; if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) { if (I2System::isI2Cloud()){ sd_redirect("cloud/home.php"); }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]); } } else { sd_redirect("i2/home.php"); } } } break; } } }else{ sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]); } </header></code>
index.php文件fetch()函数所调用的文件
<code><?php require( dirname(__FILE__) . '/../config.php' ); function httpGet($url) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue; } function httpsRequest($url, $port=0, $param) { $tuCurl = curl_init(); curl_setopt($tuCurl, CURLOPT_URL, $url); if ($port!=0) { curl_setopt($tuCurl, CURLOPT_PORT , $port); } curl_setopt($tuCurl, CURLOPT_VERBOSE, 0); curl_setopt($tuCurl, CURLOPT_HEADER, 0); curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3); curl_setopt($tuCurl, CURLOPT_POST, 1); curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param); curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5); $tuData = curl_exec($tuCurl); $retValue = ""; $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE); if ($tuData===false || $httpCode!=200) { $logger = &LoggerManager::getLogger('HttpClient'); $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl)); $retValue = "error"; } else { $retValue = $tuData; } curl_close($tuCurl); return $retValue; } function fetchAliPrice($param){ $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json"; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Connection:keep-alive', 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], 'Referer: https://buy.aliyun.com/', 'Origin:https://buy.aliyun.com' )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); $data = curl_exec($ch); curl_close($ch); return $data; } function fetch($url,$param){ $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); // curl_setopt($ch, CURLOPT_HEADER, TRUE); //表示需要response header // curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);// // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // "Content-Type: application/soap+xml; charset=utf-8", // "Content-length: ".strlen($param) // )); // curl_setopt($ch, CURLOPT_HTTPHEADER, array( // 'Connection:keep-alive', // 'User-Agent:'.$_SERVER["HTTP_USER_AGENT"], // 'Referer: https://buy.aliyun.com/', // 'Origin:https://buy.aliyun.com' // )); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $param); if(!curl_errno($ch)){ $info = curl_getinfo($ch); // echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n"; } else { echo 'Curl error: ' . curl_error($ch); } $data = curl_exec($ch); // var_dump(curl_getinfo($ch)); curl_close($ch); return $data; } </code>
第一次请求时去第三方验证,验证成功后放入session
下次请求时 如果 session 中有数据 就不用请求了
https://segmentfault.com/q/1010000004289927