1.准备两个虚拟域名
127.0.0.1 www.a.com
127.0.0.1 www.b.com
2.在a的根目录下创建以下文件
1 //index.php
2
3 <?php
4 session_start();
5 ?>
6 <!DOCTYPE html>
7 <html>
8 <head>
9 <meta charset="UTF-8"/>
10 <title>sync login</title>
11 </head>
12 <body>
13
14 <?php if(empty($_SESSION['username'])):?>
15 <p>hello,游客;请先<a href="login.php">登录</a></p>
16 <p><a href="http://www.b.com/index.php">进入空间</a></p>
17 <?php else: ?>
18 <p>hello,<?php echo $_SESSION['username']; ?>;<a href="http://www.b.com/index.php">进入空间</a></p>
19 <?php endif; ?>
20 <a href="http://www.a.com/index.php">home</a>
21 </body>
22 </html>
23
24 //login.php
25 <?php
26 session_start();
27 if(!empty($_POST['username'])){
28 require './Des.php';
29 $_SESSION['username'] = $_POST['username'];
30 $redirect = 'http://www.a.com/index.php';
31 header('Location:http://www.a.com/sync.php?redirect='.urlencode($redirect).'&code='.Des::encode($_POST['username'],'a'));
32 exit;
33 }
34 ?>
35 <!DOCTYPE html>
36 <html>
37 <head>
38 <meta charset="UTF-8"/>
39 <title>sync login</title>
40 </head>
41 <body>
42 <form action="" method="post">
43 <input type="text" name="username" placeholder="用户名"/>
44 <input type="text" name="password" placeholder="密码"/>
45 <input type="submit" value="登录"/>
46 </form>
47 </body>
48 </html>
49
50 //sync.php
51 <?php
52 $redirect = empty($_GET['redirect']) ? 'www.a.com' : $_GET['redirect'];
53 if (empty($_GET['code'])) {
54 header('Loaction:http://' . urldecode($redirect));
55 exit;
56 }
57
58 $apps = array(
59 'www.b.com/slogin.php'
60 );
61 ?>
62 <!DOCTYPE html>
63 <html>
64 <head>
65 <meta charset="UTF-8"/>
66 <?php foreach ($apps as $v): ?>
67 <script type="text/javascript" src="http://<?php echo $v . '?code=' . $_GET['code'] ?>"></script>
68 <?php endforeach; ?>
69 <title>passport</title>
70 </head>
71 <body>
72 <script type="text/javascript">
73 window.onload = function () {
74 location.replace('<?php echo $redirect; ?>');
75 }
76 </script>
77 </body>
78 </html>
79
80 //Des.php
81 //当在www.a.com登录后将session信息传到其他域名下的文件下进行处理,以script标签包含的形式进行运行。
82 <?php
83
84 class Des
85 {
86 /**
87 * 简单对称加密算法之加密
88 * @param String $string 需要加密的字串
89 * @param String $skey 加密EKY
90 * @return String
91 */
92 public static function encode($string = '', $skey = 'cxphp')
93 {
94 $strArr = str_split(base64_encode($string));
95 $strCount = count($strArr);
96 foreach (str_split($skey) as $key => $value) {
97 $key < $strCount && $strArr[$key] .= $value;
98 }
99 return str_replace(array('=', '+', '/'), array('O0O0O', 'o000o', 'oo00o'), join('', $strArr));
100 }
101
102 /**
103 * 简单对称加密算法之解密
104 * @param String $string 需要解密的字串
105 * @param String $skey 解密KEY
106 * @return String
107 */
108 public static function decode($string = '', $skey = 'cxphp')
109 {
110 $strArr = str_split(str_replace(array('O0O0O', 'o000o', 'oo00o'), array('=', '+', '/'), $string), 2);
111 $strCount = count($strArr);
112 foreach (str_split($skey) as $key => $value) {
113 $key <= $strCount && isset($strArr[$key]) && $strArr[$key][1] === $value && $strArr[$key] = $strArr[$key][0];
114 }
115 return base64_decode(join('', $strArr));
116 }
117 }
3.在www.b.com的根目录下创建如下文件
1 //slogin.php文件 完成session的设置
2 <?php
3 session_start();
4 header('Content-Type:text/javascript; charset=utf-8');
5 if(!empty($_GET['code'])){
6 require './Des.php';
7 $username = Des::decode($_GET['code'],'a');
8 if(!empty($username)){
9 header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
10 $_SESSION['username'] = $username;
11 }
12 }
13 ?>
14
15 //index.php
16 <?php
17 session_start();
18 if(!empty($_SESSION['username']))
19 {
20 echo "欢迎来到".$_SESSION['username']."的空间";
21 }else{
22 echo "请先登录";
23 }
24 ?>
4.此时访问www.a.com和www.b.com都是未登录状态
登录后两个域名下都是登录状态
到此我们实现了一个简单的单点登录。