使用PHP curl登录到另一个域
我在两个域中有两个文件使用PHP curl登录到另一个域,php,curl,Php,Curl,我在两个域中有两个文件 http://example1.com/remote_login.php 及 当用户访问http://example1.com/remote_login.php我想在remote_login.php中进行一些验证,然后我想将用户名和密码发布到http://example2.com/login.php如果结果为成功,则应将用户重定向到http://example2.com/index.php(我还在http://example2.com/index.php) 有
http://example1.com/remote_login.php
及
当用户访问http://example1.com/remote_login.php
我想在remote_login.php中进行一些验证,然后我想将用户名
和密码
发布到http://example2.com/login.php
如果结果为成功,则应将用户重定向到http://example2.com/index.php
(我还在http://example2.com/index.php
)
有什么想法吗
对不起,我的英语不好
我用curl
试过了,但不起作用,它会登录,但不会设置会话。所以用户不能重定向到index.php
$cookie="cookie.txt";
$data = array();
$data['global_id'] = "raj";
$data['global_password'] = "raj";
foreach ($data as $key => $value){
$post_items[] = $key . '=' . $value;
}
//create the final string to be posted using implode()
$post_string = implode ('&', $post_items);
$curl_connection = curl_init('http://example2.com/login.php');
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl_connection, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1");
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl_connection, CURLOPT_FAILONERROR, TRUE);
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl_connection, CURLOPT_REFERER, 'http://example2.com/login.php');
curl_setopt($curl_connection, CURLOPT_POST, true);
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl_connection, CURLOPT_HEADER, FALSE);
curl_setopt($curl_connection, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($curl_connection, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($curl_connection, CURLOPT_SSLVERSION, 3); // OpenSSL issue
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, 0); // Wildcard certificate
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYHOST, 2);
$result = curl_exec($curl_connection);
if($result){
header("Location: http://example2.com/index.php");
}
else{
echo "Login failed";
}
这是一项相当大的任务。用户没有登录的原因是,会话不会在他们的计算机上设置,而是在服务器上设置(如果服务器接受cookies)。因此,您现在所做的是毫无用处的 也就是说,您可以设置某种系统,在这种系统中,每个远程登录都会触发生成某种“验证ID”,然后将其返回给特定用户,然后用户会被重定向到一个链接(
validateSession.php
?),传递特定的ID以确认身份,所有会话都在那里设置
这是一项艰巨的任务
另外请注意:除非您使用SSL来防止中间人攻击,否则这不是100%安全的。中间人攻击是指某个邪恶的怪物监听从客户端发送到服务器的内容,反之亦然。因此,如果有人获得了该ID,您就有麻烦了。或者更糟糕的是,如果他们获得了用户用户名并通过了……哦,天哪……按原样编码
在if($result)中更改您的代码
if($result){
//java脚本
函数submitform()//这是使用post方法从数据发送的函数
{
document.forms[“myform”].submit();
警报(“值已汇总”);
}
函数submitform();//在页面加载时调用函数
}
i高压解决方案,但其路径很长。
$cookie="cookie.txt";
$data = array();
$data['global_id'] = "raj";
$data['global_password'] = "raj";
foreach ($data as $key => $value){
$post_items[] = $key . '=' . $value;
}
//create the final string to be posted using implode()
$post_string = implode ('&', $post_items);
$curl_connection = curl_init('http://example2.com/login.php');
curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl_connection, CURLOPT_USERAGENT,"Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1");
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl_connection, CURLOPT_FAILONERROR, TRUE);
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl_connection, CURLOPT_REFERER, 'http://example2.com/login.php');
curl_setopt($curl_connection, CURLOPT_POST, true);
curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl_connection, CURLOPT_HEADER, FALSE);
curl_setopt($curl_connection, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($curl_connection, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($curl_connection, CURLOPT_SSLVERSION, 3); // OpenSSL issue
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, 0); // Wildcard certificate
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYHOST, 2);
$result = curl_exec($curl_connection);
if($result){
header("Location: http://example2.com/index.php");
}
else{
echo "Login failed";
}
if($result){
<form id="myform" action="http://example2.com/index.php" method="post">
<input type="hidden" name="username" value=$username>
<input type="hidden" name="password" value=$password>
</form>
<script type="text/javascript"> // java script
function submitform() // this is function send from data useing post method
{
document.forms["myform"].submit();
alert("Value is sumitted");
}
function submitform(); // calling function on page load
</script>
}