在09年5月1号的时候,发了篇博客文章,叫 《Phpwind登录Cookie分析》(看本文前先看《Phpwind登录Cookie分析》)(复制到了:http://www.lishengping.com/archives/125)那时候,匆匆忙忙花了半个小时学php,然后就开始对phpwind进行二次开发。当时的phpwind是什么版本就记不清了。
从发那篇文章到现在,一直有人加我QQ,问我phpwind登录的Cookie要怎么做才能实现同步登录。今天,针对phpwind 8.5 UTF8版,写了个读写登录Cookie的类。分享给大家。
另外,代码中,很大一部分是直接来自phpwind,本人只是稍加修改。
其中DB类,完全出自phpwind。
完整代码下载网址:请移步到http://www.lishengping.com/archives/126
<?php
/**
* Encoding : UTF-8
* Created on : 2011-8-2 23:23:58 by 李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com
*/
/**
* 对数据库的一些配置
*/
$CFG = array(
'db_name' => 'phpwind',
'db_host' => 'localhost',
'db_user' => 'root',
'db_pass' => 'root',
'db_pre' => 'pw_',
'db_charset' => 'utf8',
);
error_reporting(30719);
$c = new lspPWCookie();
$c->WriteCookie('1', 'admin');
//var_dump($c->ReadCookie());exit;
echo "<a href='/'>phpwind</a>";
?>
<?php
/**
* 以下代码很大一部分来自phpwind,本人只是稍加修改,以便调用。
*/
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
Class lspPWCookie {
/**
* 数据库对象
* @var DB
*/
var $db;
/**
* 构造函数
* @global array $CFG 配置数组
*/
public function lspPWCookie() {
global $CFG;
$this->db = new DB($CFG['db_host'], $CFG['db_user'], $CFG['db_pass'], $CFG['db_name'], $CFG['db_pre'], $CFG['db_charset']);
}
/**
* 写登录成功后的Cookie
* @param int $winduid user id,用户ID
* @param string $password 用户密码(未加密)
*/
public function WriteCookie($winduid, $password) {
$this->Cookie("winduser",$this->getUserCookie($winduid, $password) );
}
/**
* 生成用户的Cookie
* @param int $winduid user id,用户ID
* @param string $password 用户密码
* @param bool $isMd5 密码是否为md5加密
* @return string 返回生成的Cookie值
*/
public function getUserCookie($winduid, $password,$isMd5=false)
{
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
if(!$isMd5)
{
return $this->StrCode($winduid . "\t" . $this->PwdCode(md5($password)) . "\t" . '');
}else
{
return $this->StrCode($winduid . "\t" . $this->PwdCode($password) . "\t" . '');
}
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
/**
* 读取登录用户的Cookie
* @return array 返回用户Cookie中的信息,array[0]为uid,array[1]为编码后的密码。array[3]为"";如果array[0]为"",则说明未登录。
* 另外,本函数是从Cookie中获取值,因此,数据可能是伪造的。需要检测返回值的有效性。
*/
public function ReadCookie()
{
$arr=explode("\t",addslashes($this->StrCode($this->GetCookie('winduser'),'DECODE')));
return $arr;
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
public function Cookie($cookieName, $cookieValue, $expireTime = 'F', $needPrefix = true) {
//global $db_ckpath, $db_ckdomain, $timestamp, $pwServer;
$db_ckpath="";
$db_ckdomain="";
$pwServer=$_SERVER;
$timestamp=$_SERVER['REQUEST_TIME'];
static $sIsSecure = null;
if ($sIsSecure === null) {
if (!$pwServer['REQUEST_URI'] || ($parsed = @parse_url($pwServer['REQUEST_URI'])) === false) {
$parsed = array();
}
if(!isset($parsed['scheme'])) $parsed['scheme']="";
if(!isset($pwServer['HTTP_SCHEME'])) $pwServer['HTTP_SCHEME']="";
if(!isset($pwServer['HTTPS'])) $pwServer['HTTPS']="";
if ($parsed['scheme'] == 'https' || (empty($parsed['scheme']) && ($pwServer['HTTP_SCHEME'] == 'https' || $pwServer['HTTPS'] && strtolower($pwServer['HTTPS']) != 'off'))) {
$sIsSecure = true;
} else {
$sIsSecure = false;
}
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
if ('global' != 'admincp') {
$cookiePath = !$db_ckpath ? '/' : $db_ckpath;
$cookieDomain = $db_ckdomain;
} else {
$cookiePath = '/';
$cookieDomain = '';
}
$isHttponly = false;
if ($cookieName == 'AdminUser' || $cookieName == 'winduser') {
$agent = strtolower($pwServer['HTTP_USER_AGENT']);
if (!($agent && preg_match('/msie ([0-9]\.[0-9]{1,2})/i', $agent) && strstr($agent, 'mac'))) {
$isHttponly = true;
}
}
$cookieValue = str_replace("=", '', $cookieValue);
strlen($cookieValue) > 512 && $cookieValue = substr($cookieValue, 0, 512);
$needPrefix && $cookieName = $this->CookiePre() . '_' . $cookieName;
if ($expireTime == 'F') {
$expireTime = $timestamp + 31536000;
} elseif ($cookieValue == '' && $expireTime == 0) {
return setcookie($cookieName, '', $timestamp - 31536000, $cookiePath, $cookieDomain, $sIsSecure);
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
if (PHP_VERSION < 5.2) {
return setcookie($cookieName, $cookieValue, $expireTime, $cookiePath . ($isHttponly ? '; HttpOnly' : ''), $cookieDomain, $sIsSecure);
} else {
return setcookie($cookieName, $cookieValue, $expireTime, $cookiePath, $cookieDomain, $sIsSecure, $isHttponly);
}
}
/**
* 获取Cookie前缀
* @return string
*/
public function CookiePre() {
$pre = substr(md5($this->GetPHPWindConfig("db_sitehash")), 0, 5);
return $pre;
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
public function GetCookie($cookieName) {
if(isset($_COOKIE[$this->CookiePre() . '_' . $cookieName]))
return $_COOKIE[$this->CookiePre() . '_' . $cookieName];
else
return "";
}
public function PwdCode($pwd) {
$pwServer = $this->GetServer(array('HTTP_USER_AGENT'));
return md5($pwServer['HTTP_USER_AGENT'] . $pwd . $this->GetPHPWindConfig('db_hash'));
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
public function StrCode($string, $action='ENCODE') {
$action != 'ENCODE' && $string = base64_decode($string);
$code = '';
$pwServer = $this->GetServer(array('HTTP_USER_AGENT'));
$key = substr(md5($pwServer['HTTP_USER_AGENT'] . $this->GetPHPWindConfig("db_hash")), 8, 18);
$keylen = strlen($key);
$strlen = strlen($string);
for ($i = 0; $i < $strlen; $i++) {
$k = $i % $keylen;
$code .= $string[$i] ^ $key[$k];
}
return ($action != 'DECODE' ? base64_encode($code) : $code);
}
public function GetPHPWindConfig($str) {
$sql = "SELECT db_value FROM pw_config where db_name='" . $str . "' ";
$ret = $this->db->get_one($sql);
return $ret['db_value'];
}
/*李生平 ,QQ:115959903,Email:fsrm365#qq.com Blog:http://www.lishengping.com*/
public function GetServer($keys) {
foreach ((array) $keys as $key) {
$server[$key] = NULL;
if (isset($_SERVER[$key])) {
$server[$key] = str_replace(array('<', '>', '"', "'", '%3C', '%3E', '%22', '%27', '%3c', '%3e'), '', $_SERVER[$key]);
}
}
return is_array($keys) ? $server : $server[$keys];
}
}
?>