<?php switch($_GET['do']){ case 'vc': $cookieFile = "./test.tmp"; $url = 'http://localhost/test/login.php?do=vcode&?r='.rand(); $ch = curl_init($url); curl_setopt($ch,CURLOPT_COOKIEJAR, $cookieFile); // 把返回來的cookie信息保存在文件中 curl_exec($ch); curl_close($ch); exit; break; case 'login': $pars = http_build_query($_GET); $cookieFile = "./test.tmp"; $url = 'http://localhost/test/login.php?do=login&'.$pars; $ch = curl_init($url); curl_setopt($ch,CURLOPT_COOKIEFILE, $cookieFile); //同時發送Cookie curl_exec($ch); curl_close($ch); //虛擬操作 $url = 'http://localhost/test/login.php?do=dosth'; $ch = curl_init($url); curl_setopt($ch,CURLOPT_COOKIEFILE, $cookieFile); //同時發送Cookie curl_exec($ch); curl_close($ch); exit; break; default : break; } ?> <html> <form action=""> <input type="hidden" value="login" name="do"> <input type="text" value="test" name="u"> <input type="password" value="testp" name="p"> <input type="text" value="" name="vc"> <input type="submit" value="OK"> <iframe src="http://localhost/test/vmlogin.php?do=vc" ><iframe> </form> </html>
登錄頁面 login.php:
<?php session_start(); switch($_GET['do']){ case 'vcode': echo $_SESSION['vc'] = rand(100,999); exit(); break; case 'login': if($_GET['vc'] != $_SESSION['vc']) die('veryfy code error'); $auth = array('test'=>'testp'); if($auth[$_GET['u']] == $_GET['p']){ $_SESSION['has_login'] = 1; header("location:http://localhost/test/"); }else{ die('invalid user/pwd'); } exit(); break; case 'dosth': if($_SESSION['has_login']) exit("do sth"); else exit("no privilege"); break; default: break; } ?> <html> <form action=""> <input type="text" value="" name="u"> <input type="password" value="" name="p"> <input type="text" value="" name="vc"> <input type="hidden" value="login" name="do"> <input type="submit" value="OK"> <iframe src="http://localhost/test/login.php?do=vcode" ><iframe> </form> </html>