PHP编程 SSO详细介绍及简单实例

<?php/** * 获取登陆token * @param string $url 获取token的地址 * 2017-01-03T13:08:43+0800 */function getToken($url){  $bool = isLogin();  if ($bool) {    // 如果登陆了跳转到本站首页    header('location: index.php');    exit();  }  // 否则没有登陆,去另一个站点看是否登陆  header('location: '.$url);}// 校验令牌是否正确function yzToken($domain){  $url = isset($_GET['url']) ? $_GET['url'] : '';  $username = isset($_GET['username']) ? $_GET['username'] : '';  $token = isset($_GET['token']) ? $_GET['token'] : '';  if (!empty($username) && !empty($token)) {    $salt = 'taoip';    $_token = md5($salt.$username);    // 校验第三方站点过来时的token是否正确    if ($_token == $token) {      // 设置跳转过来的网站的Cookie      setCook($username, $_token, $domain);      header('location: index.php');    }  }}// 设置cookiefunction setCook($username, $_password, $domain){  // 校验成功,开始登陆  setcookie('username', $username, time()+3600, '/', $domain);  setcookie('token', $_password, time()+3600, '/', $domain);  header('location: index.php');}// 判断是否登陆function isLogin(){  $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';  $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';  $salt = 'taoip';  $_token = md5($salt.$username);  if ($token == $_token) {    return true;  } else {    return false;  }}?>

<?php// OA站点// (1)开启Session会话session_name('taoip');session_start();// (2)获取用户名和token进行校验$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';$salt = 'taoip';$_token = md5($salt.$username);if ($token != $_token) {  header('location: login.php');  exit();}echo "欢迎{$username}用户,访问OA站点";?>

<?php// OA站点登陆系统require '../functions.php';// (2)验证yzToken('taoip.cn');// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token$url = isset($_GET['url']) ? $_GET['url'] : '';if (empty($url)) {  getToken('http://dengpeng.cc/login.php?url=http://oa.taoip.cn/login.php');}// (1)判断用户是否登陆$bool = isLogin();$url = isset($_GET['url']) ? $_GET['url'] : '';if ($bool) {  if (empty($url)) {    header('location: index.php');  } else {    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';    $lurl = $url.'?username='.$username.'&token='.$token;    header('location: '.$lurl);  }}if (!empty($_POST)) {  $username = isset($_POST['username']) ? $_POST['username'] : '';  $password = isset($_POST['password']) ? $_POST['password'] : '';  // 从库中查询用户密码  @$link = mysql_connect('localhost', 'root', '');  mysql_query('use sso', $link);  mysql_query('set names utf8', $link);  $sql = "select * from users where username = '".$username."'";  $user = mysql_fetch_assoc(mysql_query($sql, $link));  // 校验  $salt = 'taoip';  $_password = md5($salt.$username);  // var_dump($user['password'] == $_password);  // print_r($user);exit();  if ($user['password'] == $_password) {    // 校验成功,开始登陆    setcookie('username', $username, time()+3600, '/', 'taoip.cn');    setcookie('token', $_password, time()+3600, '/', 'taoip.cn');    // 如果URL没有值重定向到首页,否则重定向到URL页面    if (empty($url)) {      header('location: index.php');    } else {      header('location: '.$lurl);    }  }}?><!DOCTYPE html><html lang="en"><head>  <meta charset="UTF-8">  <meta name="generator" content="Sublime Text 3114">  <meta name="author" content="3@dengpeng.cc">  <meta name="keywords" content="">  <meta name="description" content="">  <title>OA站点登陆系统</title></head><body>  <div class="container">    <h2>oa.taoip.cn站点登陆系统</h2>    <form action="" method="post">      <label for="">用户名</label>      <input type="text" name="username">      <br>      <label for="">密码</label>      <input type="text" name="password">      <hr>      <button type="submit">提交</button>    </form>  </div></body></html>

<?php/** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */// BBS站点// (1)开启Session会话session_name('taoip');session_start();// (2)获取用户名和token进行校验$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';$salt = 'taoip';$_token = md5($salt.$username);if ($token != $_token) {  header('location: login.php');  exit();}echo "欢迎{$username}用户,访问BBS站点";?>

<?php/** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */// BBS站点登陆系统require '../functions.php';// (2)验证yzToken('taoip.cn');// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token$url = isset($_GET['url']) ? $_GET['url'] : '';if (empty($url)) {  getToken('http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php');}// (1)判断用户是否登陆$bool = isLogin();$url = isset($_GET['url']) ? $_GET['url'] : '';if ($bool) {  if (empty($url)) {    header('location: index.php');  } else {    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';    $lurl = $url.'?username='.$username.'&token='.$token;    header('location: '.$lurl);  }}if (!empty($_POST)) {  $username = isset($_POST['username']) ? $_POST['username'] : '';  $password = isset($_POST['password']) ? $_POST['password'] : '';  // 从库中查询用户密码  @$link = mysql_connect('localhost', 'root', '');  mysql_query('use sso', $link);  mysql_query('set names utf8', $link);  $sql = "select * from users where username = '".$username."'";  $user = mysql_fetch_assoc(mysql_query($sql, $link));  // 校验  $salt = 'taoip';  $_password = md5($salt.$username);  // var_dump($user['password'] == $_password);  // print_r($user);exit();  if ($user['password'] == $_password) {    // 校验成功,开始登陆    setcookie('username', $username, time()+3600, '/', 'taoip.cn');    setcookie('token', $_password, time()+3600, '/', 'taoip.cn');    // 如果URL没有值重定向到首页,否则重定向到URL页面    if (empty($url)) {      header('location: index.php');    } else {      header('location: '.$lurl);    }  }}?><!DOCTYPE html><html lang="en"><head>  <meta charset="UTF-8">  <meta name="generator" content="Sublime Text 3114">  <meta name="author" content="3@dengpeng.cc">  <meta name="keywords" content="">  <meta name="description" content="">  <title>BBS站点登陆系统</title></head><body>  <div class="container">    <h2>bbs.taoip.cn站点登陆系统</h2>    <form action="" method="post">      <label for="">用户名</label>      <input type="text" name="username">      <br>      <label for="">密码</label>      <input type="text" name="password">      <hr>      <button type="submit">提交</button>    </form>  </div></body></html>

<?php/** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */// blog站点// (1)开启Session会话session_name('taoip');session_start();// (2)获取用户名和token进行校验$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';$salt = 'taoip';$_token = md5($salt.$username);if ($token != $_token) {  header('location: login.php');  exit();}echo "欢迎{$username}用户,访问blog站点";?><?php/** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */// blog站点// (1)开启Session会话session_name('taoip');session_start();// (2)获取用户名和token进行校验$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';$salt = 'taoip';$_token = md5($salt.$username);if ($token != $_token) {  header('location: login.php');  exit();}echo "欢迎{$username}用户,访问blog站点";?>

<?php/** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */// blog站点登陆系统require '../functions.php';// (2)验证yzToken('dengpeng.cc');// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token$url = isset($_GET['url']) ? $_GET['url'] : '';if (empty($url)) {  getToken('http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php');}// (1)判断用户是否登陆$bool = isLogin();$url = isset($_GET['url']) ? $_GET['url'] : '';if ($bool) {  if (empty($url)) {    header('location: index.php');  } else {    $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';    $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';    $lurl = $url.'?username='.$username.'&token='.$token;    header('location: '.$lurl);  }}// (3)判断用户是否提交数据if (!empty($_POST)) {  $username = isset($_POST['username']) ? $_POST['username'] : '';  $password = isset($_POST['password']) ? $_POST['password'] : '';  // 从库中查询用户密码  @$link = mysql_connect('localhost', 'root', '');  mysql_query('use sso', $link);  mysql_query('set names utf8', $link);  $sql = "select * from users where username = '".$username."'";  $user = mysql_fetch_assoc(mysql_query($sql, $link));  // 校验  $salt = 'taoip';  $_password = md5($salt.$username);  // var_dump($user['password'] == $_password);  // print_r($user);exit();  if ($user['password'] == $_password) {    setCook($username, $_password, 'dengpeng.cc');    if (empty($url)) {      header('location: index.php');    } else {      header('location: '.$lurl);    }  }}?><!DOCTYPE html><html lang="en"><head>  <meta charset="UTF-8">  <meta name="generator" content="Sublime Text 3114">  <meta name="author" content="3@dengpeng.cc">  <meta name="keywords" content="">  <meta name="description" content="">  <title>blog站点登陆系统</title></head><body>  <div class="container">    <h2>dengpeng.cc站点登陆系统</h2>    <form action="" method="post">      <label for="">用户名</label>      <input type="text" name="username">      <br>      <label for="">密码</label>      <input type="text" name="password">      <hr>      <button type="submit">提交</button>    </form>  </div></body></html>