Home >php教程 >php手册 >thinkphp安全登录cookie验证(wordpress方法)

thinkphp安全登录cookie验证(wordpress方法)

WBOY
WBOYOriginal
2016-06-07 11:38:591272browse

本代码是为了防止伪造cookie。加一个秘钥来验证..

$s_uid = session("unionUid");<br>         $s_email = session("unionEmail");<br>         if (empty($s_uid) or empty($s_email)) { //若是session获取不到,则到cookie里面去取<br>             $c_uid = cookie("unionUid");<br>             $c_checkcode = cookie("unionCheckcode");//用来安全校验<br>             if (!empty($c_uid) && !empty($c_checkcode)) {<br>                 if ($c_checkcode == getUnionLoginCheckcode($c_uid)) {<br>                     $data = array(<br>                         "userId" => $c_uid,<br>                     );<br>                     $userinfo = getCodeJson($data, 'getSiteUserInfo', '', '2');<br>                     $s_email = $userinfo['userEmail'];<br>                     session("unionUid", $c_uid);<br>                     session("unionEmail", $s_email);<br>                 } else {<br>                     $c_uid = '';<br>                 }<br>             }<br>             $s_uid = $c_uid;<br>         }秘钥获取方法:function getUnionLoginCheckcode($uid) {<br>     $privateKey = S("union_private_key");<br>     if (empty($privateKey)) {<br>         $data = array(<br>             "slug" => "userKey",<br>         );<br>         $rs = getCodeJson($data, 'getGlobalVarBySlug', '', 2);<br>         if ($rs) {<br>             $privateKey = $rs[0]['var']['value'];<br>         } else {<br>             $privateKey = "5edgka9gu724l7uslc";//若是通过接口获取不到秘钥。<br>         }<br>         S("union_private_key", $privateKey, 3600);<br>     }<br>     return md5($uid . $privateKey);<br> }本文转自 素材火http://www.sucaihuo.com
不明白的可以留言给我。。我来解答。。

AD:真正免费,域名+虚机+企业邮箱=0元

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn