Passport 通行证整合

huozhe3136 · 发表于 2006-5-27 12:07:36

第一篇：整合原理

请注意: 整合不成功可能造成的后果-----dz论坛无法登录,无法管理
解决办法:
第一步: 到dz的数据库表cdb_settings 找到下面这几行修改为

第二步: 删除dz安装目录/forumdata/cache/cache_settings.php
第三步: 重新访问论坛

登陆和注册整合流程
用户从登陆或注册表单提交帐号密码信息 ==>
主站程序检验用户登陆或注册,成功(注册需要生成新用户)则 ==>
设置主站自身的cookie或session ==>
url传递返回地址forward和编码后的用户信息和其他信息到dz/api/passport.php

整合之前请先仔细阅读官方passport技术文档: https://discuz.dismall.com/usersguide/advanced_passport.htm

<?php
//该文档保存为login.php
//首先将接口技术文档里的加密解密函数拷贝
//为了不让代码太乱，我拷贝到文档的结尾处
//假设自己的用户数据库表里用户名字段为UserName, 密码字段为Pwd, Email字段为 Email
//注册页实现方法差不多，可自行实现，疑问加我QQ:2666556
$act=(isset($_GET['act']))?$_GET['act']:"login";
if(function_exists($act)) $act();else login();
function login()
{
$ErrMsg=UserCheck();
if($ErrMsg!="")echo $ErrMsg;
//后面加上显示你的登陆表单的代码如
?>
<form action=login.php?act=login method=post>
用户名:<input name=username>
密码:<input name=password>
<input name=submit type=submit value=登陆></form>
<?php
}//end function
function logout()//登出
{
$passportkey="1234567890";//这里换成你论坛通行证设置的passportkey
$auth=$_COOKIE['auth'];
setcookie("auth", "",time() - 3600);
$forward=$_GET['forward'];
if($forward=="")$forward="../../index.php";//这里换成你的主页绝对地址或相对地址
$verify = md5('logout'.$auth.$forward.$passportkey);
$auth=rawurlencode($auth);
$forward=rawurlencode($forward);
header("Location: bbs/api/passport.php?action=logout&auth=$auth&forward=$forward&verify=$verify");
}
function UserCheck()
{
$passportkey="1234567890";//这里换成你论坛通行证设置的passportkey
//===========验证输入=====================
if(!isset($_POST['submit'])) return; // login表单的按钮需要与此同名
$usnm=$_POST['username'];//username换成你登陆表单里的用户名域
$pwd=$_POST['password'];//password换成你登陆表单里的密码域
if($usnm=="") return "请输入用户名!";
if($pwd=="") return "请输入密码!";
//=========数据库处理==========================
$db=mysql_connect("localhost", "root", "");
mysql_select_db("your_db_name");
$sql="Select * from `user` where UserName='".$usnm."' Limit 1";
$rs = mysql_query($sql,$db) ;
$row = mysql_fetch_array($rs);
if(!$row)return "该用户不存在";
if($row["Pwd"]!=md5($pwd))return "密码错误";
mysql_free_result($rs);
//==============header到bbs=====================
$member = array
(
'time' => time(),
'username' => $row["UserName"],
'password' => $row["Pwd"],
'email' => $row["Email"]
);
$auth = passport_encrypt(passport_encode($member), $passportkey);
setcookie("auth",$auth,($_POST["Cookie"]? time()+(int)$_POST["Cookie"] :0));
$forward=$_POST['forward'];
if($forward=="")$forward="../../index.php";
$verify = md5('login'.$auth.$forward.$passportkey);
$auth=rawurlencode($auth);
$forward=rawurlencode($forward);
header("Location: bbs/api/passport.php?action=login&auth=$auth&forward=$forward&verify=$verify");
}
//=============================================================
//=============以下为拷贝过来的函数============================
function passport_encrypt($txt, $key) {
srand((double)microtime() * 1000000);
$encrypt_key = md5(rand(0, 32000));
$ctr = 0;
$tmp = '';
for($i = 0; $i < strlen($txt); $i++) {
$ctr = $ctr == strlen($encrypt_key) ? 0 : $ctr;
$tmp .= $encrypt_key[$ctr].($txt[$i] ^ $encrypt_key[$ctr++]);
}
return base64_encode(passport_key($tmp, $key));
}
function passport_decrypt($txt, $key) {
$txt = passport_key(base64_decode($txt), $key);
$tmp = '';
for ($i = 0; $i < strlen($txt); $i++) {
$tmp .= $txt[$i] ^ $txt[++$i];
}
return $tmp;
}
function passport_key($txt, $encrypt_key) {
$encrypt_key = md5($encrypt_key);
$ctr = 0;
$tmp = '';
for($i = 0; $i < strlen($txt); $i++) {
$ctr = $ctr == strlen($encrypt_key) ? 0 : $ctr;
$tmp .= $txt[$i] ^ $encrypt_key[$ctr++];
}
return $tmp;
}
function passport_encode($array) {
$arrayenc = array();
foreach($array as $key => $val) {
$arrayenc[] = $key.'='.urlencode($val);
}
return implode('&', $arrayenc);
}
//=========================================================================
//===========================拷贝结束======================================
?>

复制代码

第二篇:php168 v3.5与discuz v4.10的整合
168整站与 discuz的passport整合

php168整站v3.5与discuz v4.1.0的整合(带视频)

使用说明
请注意自己所用的程序的版本号
login.php 登陆和退出的整合
register.php 注册的整合

整合前请先核对一下你使用的php168的login.php 和 register.php 是否和整合文件.rar中[原文件] 文件夹下的文件相同
如果不同..请不要整合

(一)准备工作
1.下载php168 v3.5
2.下载discuz bbs v4.1.0

(二)安装和整合 (请参考视频安装)

1.安装php168 v3.5 (如已安装到第2步) (如何安装请参考php168的安装说明)
2.进入php168的后台管理界面关闭168的论坛整合功能 (新安装可跳过)
3.在php168的安装目录下建立名称为bbs的文件夹
4.下载安装discuz bbs v4.1.0的upload/下的所有文件拷贝到bbs文件夹下
5.运行discuz bbs的install.php 进行安装
6.到discuz的后台管理设置开启通行证
具体参数如下
启用通行证: 是
应用程序 URL 地址: http://localhost/php168/ 根据具体情况设置
通行证私有密匙: 1234567890 (如果这里改了..两个整合文件中的$passportkey的值也必须改成相同的值)
验证字串有效期(秒): 3600
应用程序注册地址: register.php
应用程序登录地址: login.php
应用程序退出地址: login.php?action=quit
积分同步选项: 不同步积分
7.将整合压缩包中的login.php 和 register.php替换 php168下同名的文件
安装完成

/请保留以下信息,以方便其他网友在整合时遇到问题可以获得更多帮助
//整合贡献者: huozhe3136 疑问请加我qq: 2666556 (提供整合效果的演示)
//视频贡献: 一热心网友
//关于整合的更多内容请访问https://discuz.dismall.com/thread-304838-1-1.html

程序打包下载地址:http://www.photoxtd.com/chinaylrc/php168_discuz.rar
视频演示下载地址:http://www.photoxtd.com/chinaylrc/php168vcr.rar
apmserv5.12 下载地址: http://down.chinaz.com/s/7558.asp

第三篇: asp程序与discuz v4.10的整合方法
1.文件discuz_passport.asp

<%
'请保留以下信息以备出现问题时使用
'贡献者 huozhe3136 QQ:2666556
'=====================================================
'============仿discuz passport编码函数================
'=====================================================
function passport_encrypt(txt, key)
dim encrypt_key, encrypt_key_ary,txt_ary
dim ctr,tmp,i
Randomize
encrypt_key=md5(Int(32000* Rnd),32)
encrypt_key_ary=strtoary(encrypt_key)
txt_ary=strtoary(txt)
ctr = 0
tmp = ""
for i = 0 to StrLength(txt)-1
if ctr=len(encrypt_key) then ctr=0 else ctr=ctr
tmp = tmp & encrypt_key_Ary(ctr) & mxor(txt_ary(i),encrypt_key_ary(ctr))
ctr=ctr+1
next
passport_encrypt=strAnsi2Unicode(base64Encode(passport_key(tmp, key)))
end function
'=====================================================
'============仿discuz passport解码函数================
'=====================================================
function passport_decrypt(txt, key)
Dim txt_ary,tmp,i
txt = passport_key(base64Decode(strUnicode2Ansi(txt)), key)
txt_ary = AnsiToAry(txt)
' 变量初始化
tmp = ""
for i = 0 To lenb(txt)-1
tmp = tmp & mxor(txt_ary(i),txt_ary(i+1))
i=i+1
next
passport_decrypt = strAnsi2Unicode(tmp)
end function
'=====================================================
'==========仿discuz Passport 密匙处理函数=============
'=====================================================
function passport_key(ansitxt, encrypt_key)
dim encrypt_key_tmp,encrypt_key_ary,txt_ary
dim ctr,tmp,i
encrypt_key_tmp = md5(encrypt_key,32)
encrypt_key_ary=StrToAry(encrypt_key_tmp)
txt_ary=AnsiToAry(ansitxt)
ctr = 0
tmp = ""
for i=0 to lenb(ansitxt)-1
if ctr=len(encrypt_key_tmp) then ctr=0 else ctr=ctr
tmp= tmp & mxor(txt_ary(i),encrypt_key_ary(ctr))
ctr=ctr+1
next
passport_key=tmp
end function
'=====================================================
'=================将字符串转换为Ansi数组==============
'=====================================================
function StrToAry(str)
dim ary(),length,tmpstr,i
tmpstr=strUnicode2Ansi(str)
length=lenb(tmpstr)
redim ary(length)
for i=0 to length-1
ary(i)=midb(tmpstr,i+1,1)
next
StrToAry=ary
end function
'=====================================================
'=================将Ansi字符串转换为Ansi数组==========
'=====================================================
function AnsiToAry(str)
dim ary(),length,i
length=lenb(str)
redim ary(length)
for i=0 to length-1
ary(i)=midb(str,i+1,1)
next
AnsiToAry=ary
end function
'=====================================================
'=================异或操作============================
'=====================================================
function mxor(chrb1,chrb2)
if chrb1<>"" and chrb2 <>"" then
mxor=chrb(ascb(chrb1) xor ascb(chrb2))
end if
end function
Function StrLength(str)
ON ERROR RESUME NEXT
Dim WINNT_CHINESE
WINNT_CHINESE = (len("中国")=2)
If WINNT_CHINESE Then
Dim l,t,c
Dim i
l=len(str)
t=l
For i=1 To l
c=asc(mid(str,i,1))
If c<0 Then c=c+65536
If c>255 Then
t=t+1
End If
Next
strLength=t
Else
strLength=len(str)
End If
If err.number<>0 Then err.clear
End Function
%>

复制代码

2.文件 login.asp

<%
'asp的整合方法已更新，，中文注册乱码问题已解决
'================================================================
'=====================用法示例==疑问加我QQ:2666556===============
'================================================================
dim PassportKey,YourAspWeb_Url,DiscuzBbs_Url
PassportKey="1234567890" '这里换成你discuz论坛通行证设置的passportkey
YourAspWeb_Url="http://localhost/test2/login.asp" '这里换成你的主页绝对地址或相对地址
DiscuzBbs_Url="http://localhost:8080/discuz/" '这里换成你的discuz论坛绝对地址或相对地址
select case request.QueryString("act")
case "login" call login()
case "logout" call logout()
end select
if request.Cookies("username")<>"" then
dim str
str=request.Cookies("username") & " 你好你已登陆成功" &_
" <a href=""t3.asp?act=logout"">点击这里退出登陆</a>" &_
" <a href="""& DiscuzBbs_Url & """>点击这里访问论坛</a><br>"
response.Write(str)
end if
function logout()
dim auth,forward,verify
auth=request.Cookies("auth")
response.Cookies("username")=""
response.Cookies("auth")=""
forward=request.QueryString("forward")
if forward="" then forward=YourAspWeb_Url
verify = md5("logout"& auth & forward & PassportKey ,32)
auth=server.URLEncode(auth)
forward=server.URLEncode(forward)
response.Redirect(DiscuzBbs_Url & "api/passport.php?action=logout&auth=" & auth & "&forward=" & forward & "&verify=" & verify)
end function
function login()
dim auth,forward,verify,member_info
'需根据实际情况修改,这里只作最简单的验证
if request.Form("username")="admin" and request.Form("password")="123456" then
'设置自己的cookie 或 session
response.Cookies("username")=request.Form("username")
'========================================================
'===============passport 整合开始========================
'========================================================
'假设从用户数据库里取出email 为abc@hotmail.com
member_info="time=" & datediff("s","1970-1-1 00:00:00",now) &_
"&username=" & request.Form("username") &_
"&password=" & md5(request.Form("password"),32) &_
"&email=" & "abc@hotmail.com"
auth = passport_encrypt(member_info , PassportKey)
response.Cookies("auth")=auth
forward=request.form("forward")
if forward="" then forward=YourAspWeb_Url
verify = md5("login" & auth & forward & PassportKey,32)
auth=server.URLEncode(auth)
forward=server.URLEncode(forward)
response.Redirect(DiscuzBbs_Url & "api/passport.php?action=login&auth=" & auth & "&forward=" & forward & "&verify=" & verify)
'========================================================
'===============passport 整合结束========================
'========================================================
else
response.Write("登陆失败<br>")
end if
end function
%>
<form name="form1" method="post" action="login.asp?act=login">
用户名:
<input type="text" name="username">
<br>
密　码:
<input type="password" name="password">
<br>
<input type="hidden" name="forward" value="<%=request.QueryString("forward")%>">　　　　
<input type="submit" name="Submit" value="　登　陆　">
</form>

复制代码

第四篇 :Asp整合实例－PowerEasy2006 SP2普及版与 discuz v4.10的整合

PowerEasy下载地址:http://www.powereasy.net/Soft/PE_soft/181.html

步骤1：
下载安装powerEasy,下载安装discuz v4.10

步骤2：
将user_chklogin.asp 覆盖到 powereasy安装根目录/user/user_chklogin.asp
将user_logout.asp 覆盖到 powereasy安装根目录/user/user_logout.asp
将user_regpost.asp  覆盖到 powereasy安装根目录/reg/user_regpost.asp
拷贝discuz_passport文件夹到Powereasy安装根目录

步骤3:  修改discuz_passport里的config.asp文件部分变量
Discuz_PassportKey="1234567890"    '这里换成你discuz论坛通行证设置的passportkey
Discuz_YourAspWeb_Url="http://localhost:8080/"  '这里换成你的主页绝对地址或相对地址
Discuz_Bbs_Url="http://localhost/discuz/"    '这里换成你的discuz论坛绝对地址或相对地址

步骤4：
到discuz论坛后台通行证设置开启通行证
启用通行证: 是
应用程序 URL 地址: http://localhost:8080/ '这里换成你的主页绝对地址或相对地址
通行证私有密匙: 1234567890 '这里必须与Discuz_Passportkey的值相同
验证字串有效期(秒): 3600
应用程序注册地址: Reg/User_Reg.asp
应用程序登录地址: index.asp
应用程序退出地址: User/User_Logout.asp
具体请参照论坛设置图片

第五篇主站与discuz同服务器无需Passport的整合方法

<?php
//discuz同服务器下无passport登陆整合方法
//贡献:huozhe3136 QQ:2666556
//假设discuz安装在网站根目录下的bbs/中
//用法事例
error_reporting(E_ALL);
$path_bbs="bbs/";//请修改为你的论坛的相对路径
$check_username="admin";//测试时这个用户名必须在论坛里也存在
$check_password="123456";
define('IN_DISCUZ', TRUE);//为了包含discuz下的文件这个必须定义
require_once "$path_bbs/config.inc.php";//获得论坛数据库的配置
require_once "$path_bbs/include/db_mysql.class.php";
if(@$_GET[act]=="logout"){
foreach ($_COOKIE as $key => $value) {
setcookie($key,'',time() - 3600,$cookiepath,$cookiedomain,0);
header("Location:".$_SERVER['PHP_SELF']);
}
}
if(isset($_POST["submit"])){//检查是否点击了提交按钮
$username=trim($_POST['username']);
$pwd=trim($_POST['password']);
//主站验证登陆,为简单起见,这里只作简单的示范
if($username==$check_username && $pwd==$check_password){//测试时这个用户名必须在论坛里也存在
$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);//$dbhost,$dbuser,$dbpw,$dbname,$pconnect是在bbs/config.inc.php里定义的变量
$sql="select * from {$tablepre}members where username='$username'";
$rs = $db->query($sql);
if($dzmember = $db->fetch_array($rs)){
setcookie('myusername',$username,time()+3600,$cookiepath,$cookiedomain,0);//设置主站自身的cookie
setcookie("{$tablepre}sid",'',time() - 3600,$cookiepath,$cookiedomain,0);//让discuz的sid过期是为了让discuz重新分配一个新的sid
setcookie("{$tablepre}auth", authcode("$dzmember[password]\t$dzmember[secques]\t$dzmember[uid]", 'ENCODE'),time()+3600,$cookiepath,$cookiedomain,0);//$cookiepath和$cookiedomainbbs/config.inc.php里定义的变量
header("Location:".$_SERVER['REQUEST_URI']);
}
}
}
//下面这个函数是discuz的用户cookie编码函数,已修改,原型在$path_bbs/include/global.func.php
function authcode($string, $operation) {
global $_SERVER, $_DCACHE,$path_bbs;
require_once "$path_bbs/forumdata/cache/cache_settings.php";//需要获取论坛的authkey
$discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']);
$coded = '';
$keylength = strlen($discuz_auth_key);
$string = $operation == 'DECODE' ? base64_decode($string) : $string;
for($i = 0; $i < strlen($string); $i += $keylength) {
$coded .= substr($string, $i, $keylength) ^ $discuz_auth_key;
}
$coded = $operation == 'ENCODE' ? str_replace('=', '', base64_encode($coded)) : $coded;
return $coded;
}
?>
<?php
if(@$_COOKIE['myusername']==''){
?>
<form action="" method="POST">
用户名:<input name="username">测试用户名为admin,请更改为你的用户名<br>
密码:<input type="password" name="password">测试密码为123456<br>
<input type="submit" name="submit" value="测试">
</form>
<?php
}
else echo("登陆成功,<a href='{$path_bbs}index.php' target=_blank>请到论坛检查登陆</a><br><a href='?act=logout'>退出登陆</a> ");
?>

复制代码

第六篇 C#与discuz5.0的整合实例

using System;
using System.Security.Cryptography;
using System.Text;
/// <summary>
/// c#与discuz的passport整合事例
/// 请保留以下信息以备出现问题时使用
/// 整合贡献:huozhe3136 QQ:2666556
/// 调试工具:Microsoft Visual Web Developer 2005
/// </summary>
public partial class _Default : System.Web.UI.Page {
//------------------------需要修改的设置---------------------------------
string webUrl = "http://localhost:1627/webapp/Default.aspx";//这里修改为你的测试主站的地址,不要缺少最后的'/'号
string dzUrl = "http://localhost:8080/discuz/";//这里修改为你的dz地址,不要缺少最后的'/'号
string dzPassportKey = "1234567890";//这里修改为你的dz后台通行证设置里的possportkey
string dzForward = "";
string dzAuth = "";
string dzVerify = "";
protected void Page_Load(object sender, EventArgs e){
dzForward = Request.QueryString["forward"];
if (Request.QueryString["act"] == "logout") logout();
if(Session["username"]!=null) Response.Write(Session["username"].ToString()+ "登陆成功! <a href="default.aspx?act=logout">点击这里退出登陆</a> <a href="+dzUrl+" target=_blank>访问论坛</a><br>");
}
protected void logout(){
Session["username"] = null;
dzForward = Request.QueryString["forward"];//获取返回地址
if (dzForward == "") dzForward = webUrl;//如果返回地址为空,则返回设置的页
dzVerify = md5("logout" + dzForward + dzPassportKey);
dzForward = Server.UrlEncode(dzForward);
Response.Redirect(dzUrl + "api/passport.php?action=logout&auth=&forward=" + dzForward + "&verify=" + dzVerify);
}
protected void Button1_Click(object sender, EventArgs e){
string postUsername;
string postPwd;
postUsername = username.Text.ToString().Trim();
postPwd = password.Text.ToString();
if(postUsername=="admin" && postPwd=="123456"){
Session["username"]=postUsername;//设置主站自身的cookie或session;
//---------------------------passport注册或登陆整合开始-----------------------------
string memberInfo = "username=" + postUsername
+ "&password=" + md5(postPwd)
+ "&time="+ time()//获取当前时间与格林威治的秒差
+ "&email="+"abc@abc.com";//需要email的值,实际整合通常情况是从数据库里获取用户email
dzAuth = passport_encrypt(memberInfo , dzPassportKey);
dzForward = forward.Value.ToString().Trim();//获取返回地址
if(dzForward=="") dzForward = webUrl;//如果返回地址为空,则返回设置的页
dzVerify = md5("login" + dzAuth + dzForward + dzPassportKey);
dzAuth = Server.UrlEncode(dzAuth);
dzForward = Server.UrlEncode(dzForward);
Response.Redirect(dzUrl + "api/passport.php?action=login&auth=" + dzAuth + "&forward=" + dzForward + "&verify=" + dzVerify);
//---------------------------passport注册或登陆整合结束-----------------------------
}else Response.Write("登陆失败<br>");
}
//------------------------------------以下为一些关键函数------------------------------
// 将字符串转换为byte数组
public byte[] strToByteAry(string str){
return Encoding.Default.GetBytes(str);
}
// c# dz通信证编码函数
public string passport_encrypt(string txt, string key){
byte[] randomNumber = new byte[1];
RNGCryptoServiceProvider Gen = new RNGCryptoServiceProvider();
Gen.GetBytes(randomNumber);
int rand = Convert.ToInt32(randomNumber[0]);
string encrypt_key = md5(rand.ToString());
byte[] txtAry = strToByteAry(txt);
byte[] encryAry = strToByteAry(encrypt_key);
int j = 0;
int ctr = 0;
byte[] tmp = new byte[2 * txtAry.Length];
for (int i = 0; i < txtAry.Length; i++)
{
ctr = ctr == encryAry.Length ? 0 : ctr;
tmp[j++] = encryAry[ctr];
tmp[j++] = xor(txtAry[i], encryAry[ctr++]);
}
return Convert.ToBase64String(passport_key(tmp, key));
}
// c# dz通行证解码函数
public string passport_decrypt(string txt, string key){
byte[] t = Convert.FromBase64String(txt);
byte[] btxt = passport_key(t, key);
byte[] btmp = new byte[btxt.Length];
int j = 0;
for (int i = 0; i < btxt.Length; i++, j++)
btmp[j] = xor(btxt[i], btxt[++i]);
return Encoding.Default.GetString(btmp);
}
// c# dz通行证密匙处理函数
public byte[] passport_key(byte[] btxt, string key){
key = md5(key);
byte[] keyAry = strToByteAry(key);
int ctr = 0;
byte[] tmp = new byte[btxt.Length];
for (int i = 0; i < btxt.Length; i++){
ctr = (ctr == keyAry.Length) ? 0 : ctr;
tmp[i] = xor(btxt[i], keyAry[ctr++]);
}
return tmp;
}
// 针对byte的异或
public byte xor(byte a, byte b){
return Convert.ToByte(a ^ b);
}
// 获取UNIX时间戳
public string time(){
DateTime dtStart = TimeZone.CurrentTimeZone.ToLocalTime(new DateTime(1970, 1, 1));
DateTime dtNow = DateTime.Parse(DateTime.Now.ToString());
TimeSpan toNow = dtNow.Subtract(dtStart);
string timeStamp = toNow.Ticks.ToString();
timeStamp = timeStamp.Substring(0, timeStamp.Length - 7);
return timeStamp;
}
// md5加密
public string md5(string str){
MD5 md5Hasher = MD5.Create();
string re="";
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(str));
for (int i = 0; i < data.Length; i++)
re += data[i].ToString("x2");
return re;
}
}

复制代码

[ 本帖最后由 huozhe3136 于 2006-10-8 11:48 编辑 ]

phpspy · 发表于 2006-5-29 16:40:46

好文章学习中

jzhcctv · 发表于 2006-5-29 16:41:43

感谢

ㄨЬái鷺♂ · 发表于 2006-5-29 16:47:25

昏。早见过了。

phpspy · 发表于 2006-5-29 17:09:40

?>
<form action=login.php?act=login method=post>
用户名:<input name=username>
密码:<input name=password>
<input name=submit type=submit value=登陆></form>
<?php
这段代码应该怎么理解！菜问题！

huozhe3136 · 发表于 2006-5-30 08:42:02

第七篇：jsp与discuz的整合方法
一直有人问我jsp与dz的整合方法，不过我对jsp一点都不熟，基本上就是不会。
后网上搜了一篇文章，也没注明是哪位仁兄所写的，我没有验证过，现贴出供大家参考。
jsp 应用系统整合discuz论坛用户系统
关键代码

/**
* MD5算法
* @param strToEncrypt
* @return
*/
public static String Md5(String strToEncrypt)
{
char hexDigits[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
'a', 'b', 'c', 'd', 'e', 'f' };
try
{
byte[] strTemp = strToEncrypt.getBytes();
MessageDigest mdTemp = MessageDigest.getInstance("MD5");
mdTemp.update(strTemp);
byte[] md = mdTemp.digest();
int j = md.length;
char str[] = new char[j * 2];
int k = 0;
for (int i = 0; i < j; i++)
{
byte byte0 = md[i];
str[k++] = hexDigits[byte0 >>> 4 & 0xf];
str[k++] = hexDigits[byte0 & 0xf];
}
return new String(str);
}
catch (Exception e)
{
return "";
}
}

复制代码

整合函数

package com.tecamo.cms.util;
import java.io.UnsupportedEncodingException;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import com.tecamo.util.encrypt.EncryptString;
import sun.misc.BASE64Decoder;
public class DiscuzPassportUtils
{
public static String passportEncrypt(String src, String key) {
Random random = new Random();
random.setSeed(System.currentTimeMillis());
String rand = "" + random.nextInt() % 32000;
String encryptKey = EncryptString.encryptMD5(rand);
int ctr = 0;
String tmp = "";
for (int i = 0; i < src.length(); ++i) {
ctr = (ctr == encryptKey.length() ? 0 : ctr);
tmp += encryptKey.charAt(ctr);
char c = (char) (src.charAt(i) ^ encryptKey.charAt(ctr));
tmp += c;
ctr++;
}
String passportKey = passportKey(tmp, key);
return new sun.misc.BASE64Encoder().encode(passportKey.getBytes());
}
public static String passortDecrypt(String src, String key) {
byte[] bytes = null;
try {
bytes = new BASE64Decoder().decodeBuffer(src);
src = new String(bytes);
} catch (Exception e) {
return null;
}
src = passportKey(src, key);
String tmp = "";
for (int i = 0; i < src.length(); ++i) {
char c = (char)(src.charAt(i) ^ src.charAt(++i));
tmp += c;
}
return tmp;
}
public static String passportKey(String src, String key) {
String encryptKey = EncryptString.encryptMD5(key);
int ctr = 0;
String tmp = "";
for (int i = 0; i < src.length(); ++i) {
ctr = (ctr == encryptKey.length() ? 0 : ctr);
char c = (char) (src.charAt(i) ^ encryptKey.charAt(ctr));
tmp += c;
ctr++;
}
return tmp;
}
public static String passportEncode(Map<String, String> data) {
Set<String> keys = data.keySet();
String ret = "";
for (String key : keys) {
try {
ret += java.net.URLEncoder.encode(key, "UTF-8") + "=" + java.net.URLEncoder.encode(data.get(key), "UTF-8") + "&";
} catch (UnsupportedEncodingException e) {
return "";
}
}
if (ret.length() > 0)
return ret.substring(0, ret.length() - 1);
return "";
}
}

复制代码

调用方法:
login.jsp

<%@ page language="java" import="java.util.*" pageEncoding="gbk"%>
<%@page import="com.tecamo.util.web.MyRequest"%>
<%@page import="com.tecamo.cms.util.DiscuzPassportUtils"%>
<%@page import="com.tecamo.cms.util.ShareFunction"%>
<%@page import="com.tecamo.util.encrypt.EncryptString"%>
<%@page import="java.net.URLEncoder"%>
<%
String strUser=(String) session.getAttribute("username");
if(strUser!=null && !strUser.equals(""))
{
out.println("当前用户:" + strUser);
}
String forward=MyRequest.getString(request,"forward","");
String action=MyRequest.getString(request,"action","");
if(action.equals("login"))
{
String forumURL="http://devserver:8066";
String userName=MyRequest.getString(request,"account","");
String email=userName;
String pwd=MyRequest.getString(request,"pwd","");
Map<String, String> mb = new LinkedHashMap<String, String>();
mb.put("time", ""+System.currentTimeMillis());
mb.put("username", userName);
mb.put("email", email);
mb.put("password", pwd);
String key = "12345678901";
String enc=DiscuzPassportUtils.passportEncode(mb);
String auth = DiscuzPassportUtils.passportEncrypt(enc, key);
String verify = "login" + auth + forward + key;
verify = EncryptString.encryptMD5(verify);
String location = forumURL+"/api/passport.php?action=login&auth="+URLEncoder.encode(auth, "UTF-8")+"&forward="+URLEncoder.encode(forward, "UTF-8")+"&verify="+URLEncoder.encode(verify, "UTF-8");
response.sendRedirect(location);
session.setAttribute("username",userName);
}
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<form>
<table>
<tr>
<td>帐号</td><td><input type="text" name="account"></td>
</tr>
<tr><td>密码</td><td><input type="password" name="pwd"></td></tr>
<tr><td colspan="2">
<input type="hidden" value="<%=forward%>">
<input type="hidden" name="action" value="login">
<input type="submit" value="登录"> </td></tr>
</table>
</form>
</body>
</html>

复制代码

logout.jsp

<%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
<%@page import="com.tecamo.util.encrypt.EncryptString"%>
<%@page import="java.net.URLEncoder"%>
<%@page import="com.tecamo.util.web.MyRequest"%>
<%
//discuz 地址
String forumURL=http://dddd:8066;
String forward=MyRequest.getString(request,"forward","");
//discuz 配置的私钥
String key = "12345678901";
String verify = "logout" + forward + key;
verify = EncryptString.encryptMD5(verify);
String location = forumURL+"/api/passport.php?action=logout&forward="+URLEncoder.encode(forward, "UTF-8")+"&verify="+URLEncoder.encode(verify, "UTF-8");
response.sendRedirect(location);
session.invalidate();
%>

复制代码

[ 本帖最后由 huozhe3136 于 2008-4-7 11:50 编辑 ]

cjpsn · 发表于 2006-5-30 09:10:09

首先说,你是尽心的为大家服务的!你的代码是一个非常好的一个实例!但好像实用性方面有点欠缺!笔者建议能把上述代码用一个真正的网站实例来演示的更好!非常欣赏你代码运用之精妙,现以dz整合168整站为例,加以讲解说明!

1.dz整合168整站(或者说dz与168整站实现数据共享,共用一个通行证,实现同步登录的功能!)
2.你不必担心技术难度,因为单从整合数据一方来说,目前已经解决!只是不能同步登录!如果你很想帮助我们解决问题,请用dz passport的应用角度给个解决办法!
3.168整站相关文件代码:
login.php代码,重点修改部分

<?php
require_once("./global.php");
if(!$jumpurl||ereg("login.php",$jumpurl) ){
if($_COOKIE['loginurl'] && !ereg("login.php",$_COOKIE['loginurl'])){
$jumpurl=$_COOKIE['loginurl'];
}elseif( !ereg("login.php",$FROMURL) ){
$jumpurl=$FROMURL;
}else{
$jumpurl="./index.php";
}
}

if($lfjid&&$action!="quit"){

refreshto("./","have_login",0);

}elseif($action=="quit"){
//if( is_passport ){
setcookie('passport',"",0,'/');
//}else{
// setcookie('lfjuid','',0,'/');
// setcookie('lfjid','',0,'/');
// setcookie('lfjpwd','',0,'/');
// setcookie('loginurl','',0,'/');
//}
refreshto($FROMURL,'quit_succeed');

}elseif($step){

if(!$loginuser){
showerr("forbid_no_username");
}elseif(!$loginpwd){
showerr("forbid_no_pwd");
}
$loginpwd=md5($loginpwd);

$logindb=$db->get_one("select * from {$P_M[m][table]} where {$P_M[m][username]}='$loginuser' ");
if($logindb){
$logindb[password]=$logindb[$P_M[m][password]];
$logindb['thisvisit']=$logindb[$P_M[m][thisvisit]];
$logindb[yz]=$logindb[$P_M[m][yz]];
$logindb[onlineip]=$logindb[$P_M[m][onlineip]];
$logindb[uid]=$logindb[$P_M[m][uid]];
$logindb[username]=$logindb[$P_M[m][username]];
}
if(!$logindb['password']){
showerr("no_username");
}elseif($logindb['password']!=$loginpwd){
showerr("pwd_err");
}elseif($logindb['password']==$loginpwd){
if($logindb['yz']>1){
showerr("no_yz");
}
if( date("d",$logindb['thisvisit'])!=$usr_info['today'] ){
$SQL=",{$P_M[m][todaypost]}=0,{$P_M[m][attach]}=0 ";
}else{
$SQL="";
}
$logindb[thisvisit] || $logindb[thisvisit]=$timestamp;
$db->query("update {$P_M[m][table]} set {$P_M[m][lastvisit]}='$logindb[thisvisit]',{$P_M[m][thisvisit]}='$timestamp',{$P_M[m][loginnum]}={$P_M[m][loginnum]}+1,{$P_M[m][lastip]}='$logindb[onlineip]'$SQL where {$P_M[m][username]}='$loginuser' ");

if($cktime){
$cktime=$timestamp+$cktime;
}else{
$cktime=$timestamp+3600;
}

//if(is_passport){
setcookie('passport',"$logindb[uid]\t$loginuser\t$loginpwd",$cktime,'/');
//}else{
// setcookie('lfjuid',$logindb['uid'],$cktime,'/');
// setcookie('lfjid',$logindb['username'],$cktime,'/');
// setcookie('lfjpwd',$loginpwd,$cktime,'/');
// setcookie('loginurl','',0);
//}
$lfjdb=$logindb;
write_usrinfo($lfjdb);
refreshto($jumpurl,'login_succeed');
}

}else{

require_once(html("css"));
require_once(html("head"));
require_once(html("login"));
require_once("foot.php");

}
?>

[ 本帖最后由 cjpsn 于 2006-6-3 12:49 编辑 ]

phpspy · 发表于 2006-5-30 09:58:56

提个比较菜的问题!上面大家写的好象都是DZ与CMS连接的部分!但是CMS与DZ连接的部分应该怎么写!特别是数据部分!这个LOGIN.PHP是放到DZ里的吧!?谢谢了!

phpspy · 发表于 2006-5-30 11:11:30

header('Location: http://www.myforums.com/api/pass ... /yyy&verify=zzz')
和 header('Location: http://www.myforums.com/api/pass ... /yyy&verify=zzz')
这个变量要分别加到CMS的登陆和登出代码里么？

huozhe3136 · 发表于 2006-5-30 12:09:16

原帖由 phpspy 于 2006-5-30 09:58 发表
提个比较菜的问题!上面大家写的好象都是DZ与CMS连接的部分!但是CMS与DZ连接的部分应该怎么写!特别是数据部分!这个LOGIN.PHP是放到DZ里的吧!?谢谢了!

这个login.php是放到 cms里的

		自动登录	找回密码
密码			立即注册

Passport 通行证整合

本帖子中包含更多资源

评分

Passport 通行证 整合

本帖子中包含更多资源

评分

Passport 通行证整合