PHP多站点登录 [英] PHP Multi site login

问题描述

我目前正在从事一个跨越多个域的项目.我希望用户能够同时登录一个站点，并同时登录所有其他站点.

I am currently working on a project that spans accross multiple domains. What I want is for the user to be able to login on one site and be logged in on all the others at the same time.

用户会话存储在数据库中，我在每个域上设置的cookie都包含会话ID.

The users session is stored in the database, the cookies that I set on each domain contain the session id.

因此，基本上，当用户登录example.com时，使用其会话ID创建cookie时，会话数据将存储在数据库中.完成此操作后，需要在所有其他域上使用此唯一的会话ID创建一个cookie，以便在用户从一个站点到另一个站点旅行时，他们将自动登录.

So basically when a user logs in to example.com a cookie is created with their session id, the session data is stored in the database. Once this is done a cookie needs to be created on all the other domains with this unique session id so that as the user travels from site to site they will automatically be logged in.

现在，我已经找到了一种在Firefox中执行此操作的方法(使用在其他域上执行PHP脚本的图像标签，实际上是在不同域上创建了不同的Cookie)，但是该方法在IE中不起作用(没有经过测试的Opera或Safari等).

Now I have found a way to do this in Firefox (using image tags that executes PHP scripts on the other domains, essentially creating the different cookies on the different domains) but this method doesn't work in IE (havn't tested Opera or Safari etc. yet).

有人对我如何使它在IE中工作有任何想法吗?

Does anyone have any ideas about how I can get this to work in IE?

推荐答案

看看我的问题交叉域用户跟踪.

您需要做的是在图像"中添加另一个HTTP标头.

What you need to do is to add another HTTP header to the "image".

如果您在Internet Explorer 6中使用FRAMESET，会话变量将会丢失:

您可以添加P3P紧凑型策略 您的孩子内容的标题，而您 可以声明没有恶意行为 用的数据执行 用户.如果Internet Explorer检测到 满意的政策，然后上网 资源管理器允许设置cookie.

You can add a P3P compact policy header to your child content, and you can declare that no malicious actions are performed with the data of the user. If Internet Explorer detects a satisfactory policy, then Internet Explorer permits the cookie to be set.

满足以下条件的简单紧凑型政策 该条件如下:

A simple compact policy that fulfills this criteria follows:

P3P:CP ="CAO PSA OUR"

P3P: CP="CAO PSA OUR"

此代码示例显示您的网站 提供您自己的访问权限 联系信息(CAO) 仅分析数据 伪分析"，这意味着 数据已连接到您的在线 角色而不是你的身体 身份(PSA)，并且您的数据是 未提供给任何外部机构 供那些代理商使用(OUR).

This code sample shows that your site provides you access to your own contact information (CAO), that any analyzed data is only "pseudo-analyzed", which means that the data is connected to your online persona and not to your physical identity (PSA), and that your data is not supplied to any outside agencies for those agencies to use (OUR).

如果使用 ASP中的Response.AddHeader方法 页.在ASP.NET中，您可以使用 Response.AppendHeader方法.你可以 使用IIS管理管理单元 (inetmgr)添加到静态文件.

You can set this header if you use the Response.AddHeader method in an ASP page. In ASP.NET, you can use the Response.AppendHeader method. You can use the IIS Management Snap-In (inetmgr) to add to a static file.

请按照以下步骤添加此标头 到静态文件:

Follow these steps to add this header to a static file:

1. 单击开始"，单击运行"，然后键入inetmgr.
2. 在左侧导航页面中，单击相应的文件或 网站中的目录 您想添加标题， 用鼠标右键单击该文件，然后单击 属性.
3. 点击"HTTP标头"标签.
4. 在自定义HTTP标头"组框中，单击添加".
5. 输入P3P作为标题名称，然后输入紧凑策略 字符串，输入CP = ...，其中"..."为 适用于您的紧凑型计算机的代码 政策.

1. Click Start, click Run, and then type inetmgr.
2. In the left navigation page, click the appropriate file or directory in your Web site to which you want to add the header, right-click the file, and then click Properties.
3. Click the HTTP Headers tab.
4. In the Custom HTTP Headers group box, click Add.
5. Type P3P for the header name, and then for the compact policy string, type CP=..., where "..." is the appropriate code for your compact policy.

这篇关于PHP多站点登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！