这是一种php的session处理机制是吗？可以每次去第三方平台去验证session是吗？这是入口文件index.SegmentFault

我的问题如下：
这是一种php的session处理机制是吗？可以每次去第三方平台去验证session是吗？这是入口文件index.php，我的php项目没有用框架，php和html混合的。

<code><?php require( dirname(__FILE__) . '/config.php' );

global $GLOBAL_SYSTEM;


if(isset($_GET['userId']) && $_GET['userId'] != ""){
    $user_name = $_GET['userId'];
    $param = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:lev="http://session.level1.services.sdk.actionsoft.com/">
   <header><aws-auth xmlns="http://services.sdk.actionsoft.com/">fecaca56a326610b24626b163814a02c</aws-auth>
<header></header>
   <body>
      <checksession>
         <userid>'.$_GET['userId'].'</userid>   <sid>'.$_GET['sid'].'</sid>
      </checksession>
   </body>
';

    
    $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService";
    if(defined('SSO_SESSION_SERVER')){
        $sessionServer = SSO_SESSION_SERVER;
    }
    
    $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService";
    if(defined('SSO_SECURITY_SERVER')){
        $securityServer = SSO_SECURITY_SERVER;
    }
    
    $xmls = fetch($sessionServer, $param);
    
    if($xmls === false){
        sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
    }
    
    $xml_values = "";
    
    $parser = xml_parser_create('UTF-8');
    xml_parse_into_struct($parser, trim($xmls), $xml_values);
    xml_parser_free($parser);

    
    foreach ($xml_values as $value){
        if($value['tag'] == "RETURN"){
            if($value['value'] == 'false'){
                sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
            }elseif($value['value'] == 'true'){
                $user = &sd_get_user($user_name);
                if (!empty($user) ) {
                    $result = login_without_pwd_verify($user);
                    $_SESSION["user"] = $user_name;
                    if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) {
                        if (I2System::isI2Cloud()){
                            sd_redirect("cloud/home.php");
                        }else{
                            sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
                        }
                    } else {
                        sd_redirect("i2/home.php");
                    }
                }
            }
            break;
        }
    }
}else{
    sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);
}
</header></code>

index.php文件fetch（）函数所调用的文件

<code><?php require( dirname(__FILE__) . '/../config.php' );

function httpGet($url) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);

    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);

    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function httpsRequest($url, $port=0, $param) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    if ($port!=0) {
        curl_setopt($tuCurl, CURLOPT_PORT , $port);
    }
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3);
    curl_setopt($tuCurl, CURLOPT_POST, 1);
    curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
    
    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
    
    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function fetchAliPrice($param){
    $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json";
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Connection:keep-alive',
    'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    'Referer: https://buy.aliyun.com/',
    'Origin:https://buy.aliyun.com'
            ));
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
}

function fetch($url,$param){
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    //     curl_setopt($ch, CURLOPT_HEADER, TRUE);    //表示需要response header
    //     curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);//
    
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //         "Content-Type: application/soap+xml; charset=utf-8",
    //         "Content-length: ".strlen($param)
    //     ));
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //     'Connection:keep-alive',
    //     'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    //     'Referer: https://buy.aliyun.com/',
    //     'Origin:https://buy.aliyun.com'
    //     ));
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $param);

    if(!curl_errno($ch)){
        $info = curl_getinfo($ch);
//         echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n";
    } else {
        echo 'Curl error: ' . curl_error($ch);
    }

    $data = curl_exec($ch);

    //     var_dump(curl_getinfo($ch));
    curl_close($ch);
    return $data;
}
</code>

回复内容：

我的问题如下：
这是一种php的session处理机制是吗？可以每次去第三方平台去验证session是吗？这是入口文件index.php，我的php项目没有用框架，php和html混合的。

<code><?php require( dirname(__FILE__) . '/config.php' );

global $GLOBAL_SYSTEM;


if(isset($_GET['userId']) && $_GET['userId'] != ""){
    $user_name = $_GET['userId'];
    $param = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:lev="http://session.level1.services.sdk.actionsoft.com/">
   <header><aws-auth xmlns="http://services.sdk.actionsoft.com/">fecaca56a326610b24626b163814a02c</aws-auth>
<header></header>
   <body>
      <checksession>
         <userid>'.$_GET['userId'].'</userid>   <sid>'.$_GET['sid'].'</sid>
      </checksession>
   </body>
';

    
    $sessionServer = "http://mzwa-123.6655.la:8090/services/SessionService";
    if(defined('SSO_SESSION_SERVER')){
        $sessionServer = SSO_SESSION_SERVER;
    }
    
    $securityServer = "http://mzwa-123.6655.la:8090/services/SecurityService";
    if(defined('SSO_SECURITY_SERVER')){
        $securityServer = SSO_SECURITY_SERVER;
    }
    
    $xmls = fetch($sessionServer, $param);
    
    if($xmls === false){
        sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
    }
    
    $xml_values = "";
    
    $parser = xml_parser_create('UTF-8');
    xml_parse_into_struct($parser, trim($xmls), $xml_values);
    xml_parser_free($parser);

    
    foreach ($xml_values as $value){
        if($value['tag'] == "RETURN"){
            if($value['value'] == 'false'){
                sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
            }elseif($value['value'] == 'true'){
                $user = &sd_get_user($user_name);
                if (!empty($user) ) {
                    $result = login_without_pwd_verify($user);
                    $_SESSION["user"] = $user_name;
                    if ($_SESSION["role"] == UserDao::$ROLE_CLOUD_USER) {
                        if (I2System::isI2Cloud()){
                            sd_redirect("cloud/home.php");
                        }else{
                            sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]);
                        }
                    } else {
                        sd_redirect("i2/home.php");
                    }
                }
            }
            break;
        }
    }
}else{
    sd_redirect($GLOBAL_SYSTEM[PRODUCT_TYPE]["index"]."?".$_SERVER["QUERY_STRING"]);
}
</header></code>

index.php文件fetch（）函数所调用的文件

<code><?php require( dirname(__FILE__) . '/../config.php' );

function httpGet($url) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);

    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);

    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function httpsRequest($url, $port=0, $param) {
    $tuCurl = curl_init();
    curl_setopt($tuCurl, CURLOPT_URL, $url);
    if ($port!=0) {
        curl_setopt($tuCurl, CURLOPT_PORT , $port);
    }
    curl_setopt($tuCurl, CURLOPT_VERBOSE, 0);
    curl_setopt($tuCurl, CURLOPT_HEADER, 0);
    curl_setopt($tuCurl, CURLOPT_SSLVERSION, 3);
    curl_setopt($tuCurl, CURLOPT_POST, 1);
    curl_setopt($tuCurl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($tuCurl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($tuCurl, CURLOPT_POSTFIELDS, $param);
    curl_setopt($tuCurl, CURLOPT_TIMEOUT, 5);
    
    $tuData = curl_exec($tuCurl);
    $retValue = "";
    $httpCode = curl_getinfo($tuCurl, CURLINFO_HTTP_CODE);
    
    if ($tuData===false || $httpCode!=200) {
        $logger = &LoggerManager::getLogger('HttpClient');
        $logger->error("HttpCode:".$httpCode.", Curl Error:".curl_error($tuCurl));
        $retValue = "error";
    } else  {
        $retValue = $tuData;
    }
    curl_close($tuCurl);
    return $retValue;
}

function fetchAliPrice($param){
    $url = "https://buy.aliyun.com/ajax/BillingAjax/getBuyPrice.json";
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Connection:keep-alive',
    'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    'Referer: https://buy.aliyun.com/',
    'Origin:https://buy.aliyun.com'
            ));
            curl_setopt($ch, CURLOPT_POST, 1);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
            $data = curl_exec($ch);
            curl_close($ch);
            return $data;
}

function fetch($url,$param){
    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    //     curl_setopt($ch, CURLOPT_HEADER, TRUE);    //表示需要response header
    //     curl_setopt($ch, CURLOPT_NOBODY, FALSE); //表示需要response body
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);//
    
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //         "Content-Type: application/soap+xml; charset=utf-8",
    //         "Content-length: ".strlen($param)
    //     ));
    //     curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    //     'Connection:keep-alive',
    //     'User-Agent:'.$_SERVER["HTTP_USER_AGENT"],
    //     'Referer: https://buy.aliyun.com/',
    //     'Origin:https://buy.aliyun.com'
    //     ));
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $param);

    if(!curl_errno($ch)){
        $info = curl_getinfo($ch);
//         echo 'Took ' . $info['total_time'] . ' seconds to send a request to ' . $info['url']."\n";
    } else {
        echo 'Curl error: ' . curl_error($ch);
    }

    $data = curl_exec($ch);

    //     var_dump(curl_getinfo($ch));
    curl_close($ch);
    return $data;
}
</code>

第一次请求时去第三方验证，验证成功后放入session
下次请求时 如果 session 中有数据 就不用请求了

https://segmentfault.com/q/1010000004289927