<?php
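/**
 * Issue or verify the encrypted login cookie.
 *
 * The mode is selected by $validate:
 *  - false (default): build a token for $userInfo, send it as cookie $tag and return it.
 *  - true:            verify the token found in $_COOKIE[$tag].
 *  - 'data':          verify the token found in $_COOKIE[$tag] and return its userInfo.
 *  - any other string: verify that string as a token.
 *
 * Security notes:
 *  - The token has no server-side state, so it stays valid until its embedded
 *    expiry and cannot be revoked individually.
 *  - The integrity code is md5(payload . secret). It is kept so that tokens issued
 *    earlier still verify; a new token format should use hash_hmac('sha256', ...)
 *    with delimiters between the signed fields.
 *  - The domain check compares against the request's Host header, which the client
 *    chooses. It only stops a token minted under one host name from being accepted
 *    under another; it is not proof of where the request came from.
 *
 * @param array $userInfo User information to embed (ignored when verifying)
 * @param bool|string $validate Mode selector or token to verify, default false
 * @param int $expiresTime Token lifetime in days, default 1
 * @param string $tag Cookie name, default zz_token
 * @return bool|string|array Token on issue (false on failure); bool on verification;
 *                           in 'data' mode the userInfo, [] when the cookie fails
 *                           verification, false when no cookie is present
 */
function zz_login($userInfo, $validate = false, $expiresTime = 1, $tag = 'zz_token')
{
    $salt = zz_salt();
    if (!$salt) {
        return false;
    }
    $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';

    // Only a non-string falsy value selects "issue" mode. An empty string is
    // treated as an (invalid) token, so passing an empty request parameter as
    // $validate can never mint a cookie by accident.
    if (!is_string($validate) && !$validate) {
        try {
            $expiresTime = time() + 3600 * 24 * $expiresTime;
            $userJson = json_encode($userInfo);
            if ($userJson === false) {
                return false;
            }
            $payload = json_encode([
                'userInfo' => $userInfo,
                'domain' => $host,
                'expiresTime' => $expiresTime,
                'code' => md5($userJson . $host . $expiresTime . $salt),
            ]);
            if ($payload === false) {
                return false;
            }
            $token = aes_encrypt($payload, $salt);
            if (!is_string($token) || $token === '') {
                return false;
            }
            // HttpOnly keeps the token away from page scripts; Secure is set when
            // the request itself arrived over HTTPS. SameSite would need the
            // options-array form of setcookie() (PHP 7.3+).
            $secure = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
            setcookie($tag, $token, (int) $expiresTime, '/', '', $secure, true);
            return $token;
        } catch (Exception $e) {
            return false;
        }
    }

    // Pick the token to verify.
    if ($validate === true || $validate === 'data') {
        if (empty($_COOKIE[$tag]) || !is_string($_COOKIE[$tag])) {
            return false;
        }
        $token = $_COOKIE[$tag];
    } elseif (is_string($validate) && $validate !== '') {
        $token = $validate;
    } else {
        return false;
    }

    $plain = aes_decrypt($token, $salt);
    $arr = is_string($plain) ? json_decode($plain, true) : null;

    // Every mode, including 'data', goes through the same checks: payload shape,
    // host binding, expiry, and a constant-time comparison of the integrity code.
    $valid = is_array($arr)
        && !empty($arr['userInfo'])
        && !empty($arr['domain']) && $arr['domain'] === $host
        && !empty($arr['code']) && is_string($arr['code'])
        && !empty($arr['expiresTime'])
        && (is_int($arr['expiresTime']) || is_float($arr['expiresTime']))
        && $arr['expiresTime'] > time()
        && hash_equals(
            md5(json_encode($arr['userInfo']) . $host . $arr['expiresTime'] . $salt),
            $arr['code']
        );

    if ($validate === 'data') {
        return $valid ? $arr['userInfo'] : [];
    }
    return $valid;
}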
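/**
 * Load the site secret used to encrypt and sign login tokens, creating it on first use.
 *
 * The secret is kept in DOCUMENT_ROOT/salt.php together with the document root it
 * was created for; a missing file, an empty secret or a different root causes a
 * new secret to be generated and written.
 *
 * Security notes:
 *  - New secrets come from random_bytes() (32 hex characters, 128 bits), not from
 *    a shuffled alphabet. An existing valid salt.php is kept unchanged.
 *  - The file sits inside the web root. Its IN_SALT guard prevents output only
 *    while the server executes .php files; keeping the secret outside the web
 *    root is the safer deployment.
 *  - Two first requests arriving at the same moment can each generate a secret;
 *    the last write wins and tokens issued with the other one stop verifying.
 *
 * @return string|false The secret, or false when it could not be persisted
 * @throws Exception When random_bytes() has no entropy source available
 */
function zz_salt()
{
    $root = isset($_SERVER['DOCUMENT_ROOT']) ? (string) $_SERVER['DOCUMENT_ROOT'] : '';
    $file = $root . '/salt.php';

    if (is_file($file)) {
        if (!defined('IN_SALT')) {
            define('IN_SALT', true);
        }
        include($file);
        if (!empty($salt) && is_string($salt) && !empty($saltRoot) && $saltRoot === $root) {
            return $salt;
        }
    }

    $salt = bin2hex(random_bytes(16));
    // var_export() quotes both values, so a document root containing a quote or
    // a backslash cannot break (or inject code into) the generated file.
    $body = "<?php \r\nif(!defined('IN_SALT')){\r\n\texit;\r\n}\r\n"
        . '$salt = ' . var_export($salt, true) . ";\r\n"
        . '$saltRoot = ' . var_export($root, true) . ';';

    // A secret that was not saved would change on every request and no token
    // would ever verify, so report the failure instead of returning it.
    if (file_put_contents($file, $body, LOCK_EX) === false) {
        return false;
    }
    return $salt;
}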
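/**
 * Encrypt a string with AES-256-CBC under a fresh random IV.
 *
 * Security notes:
 *  - CBC provides confidentiality only. Nothing here authenticates the IV or the
 *    ciphertext, so the caller must verify the decrypted content itself.
 *    Moving to an AEAD mode or encrypt-then-MAC changes the output format and
 *    has to be done together with aes_decrypt().
 *  - OpenSSL uses exactly 32 key bytes for this cipher: a shorter $key is
 *    zero-padded and a longer one is truncated, both silently.
 *
 * @param string $data Plaintext
 * @param string $key Encryption key (32 bytes expected)
 * @return string|false base64 of IV followed by ciphertext, or false if encryption failed
 * @throws Exception When random_bytes() has no entropy source available
 */
function aes_encrypt($data, $key)
{
    // 16-byte IV from the CSPRNG, unique per message.
    $iv = random_bytes(16);
    $encrypted = openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
    if ($encrypted === false) {
        // Do not hand back a "token" that consists of the IV alone.
        return false;
    }
    // The IV is not secret; it is prepended so the decryptor can recover it.
    return base64_encode($iv . $encrypted);
}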
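/**
 * Decrypt a value produced by aes_encrypt() (base64 of a 16-byte IV followed by
 * AES-256-CBC ciphertext).
 *
 * The input usually comes straight from a cookie or request parameter, so its
 * shape is checked before it reaches OpenSSL: malformed input returns false
 * instead of raising warnings about a short IV.
 *
 * A successful decryption does not prove the data is genuine; CBC is not
 * authenticated, so the caller must verify the plaintext it gets back.
 *
 * @param string $encryptedData base64-encoded IV + ciphertext
 * @param string $key Encryption key
 * @return string|false Plaintext, or false when the input is malformed or decryption fails
 */
function aes_decrypt($encryptedData, $key)
{
    if (!is_string($encryptedData) || $encryptedData === '') {
        return false;
    }
    $data = base64_decode($encryptedData, true);
    if ($data === false) {
        return false;
    }
    // Need the IV plus at least one whole 16-byte cipher block.
    $length = strlen($data);
    if ($length < 32 || ($length - 16) % 16 !== 0) {
        return false;
    }
    $iv = substr($data, 0, 16);
    $ciphertext = substr($data, 16);
    return openssl_decrypt($ciphertext, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
}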
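/**
 * Generate a random string of exactly $num characters.
 *
 * Each character is drawn independently with random_int(), so the result is
 * suitable for secrets and always has the requested length. (Shuffling the
 * alphabet and cutting a prefix is not cryptographically secure, never repeats
 * a character, and cannot return more characters than the alphabet holds.)
 *
 * @param int $num Number of characters, default 6; values below 1 give ''
 * @param bool $special Also draw from !@#$%^&*
 * @return string
 * @throws Exception When random_int() has no entropy source available
 */
function rand_str($num = 6, $special = false)
{
    $str = 'abcedfghjkmnpqrstuvwxyzABCEDFGHJKMNPQRSTUVWXYZ0123456789';
    if ($special) {
        $str .= '!@#$%^&*';
    }
    $last = strlen($str) - 1;
    $out = '';
    for ($i = 0; $i < $num; $i++) {
        $out .= $str[random_int(0, $last)];
    }
    return $out;
}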
// Usage example.
// Log in: issues the token cookie for this user. A real login handler must
// authenticate the user's credentials before calling zz_login().
$userInfo = ['id' => 1, 'username' => 'admin'];
zz_login($userInfo);

// Verify: $_COOKIE holds what the browser sent with this request, so the cookie
// set just above is only seen from the next request on.
echo zz_login('', true) ? '登录' : '未登录';

// Fetch the user information stored in the cookie.
$arr = zz_login('', 'data');
print_r($arr);