|
|
<?php
switch($_GET['do']){
case 'vc':
$cookieFile = "./test.tmp";
$url = 'http://localhost/test/login.php?do=vcode&?r='.rand();
$ch = curl_init($url);
curl_setopt($ch,CURLOPT_COOKIEJAR, $cookieFile); // 把返回来的cookie信息保存在文件中
curl_exec($ch);
curl_close($ch);
exit;
break;
case 'login':
$pars = http_build_query($_GET);
$cookieFile = "./test.tmp";
$url = 'http://localhost/test/login.php?do=login&'.$pars;
$ch = curl_init($url);
curl_setopt($ch,CURLOPT_COOKIEFILE, $cookieFile); //同时发送Cookie
curl_exec($ch);
curl_close($ch);
//虚拟操作
$url = 'http://localhost/test/login.php?do=dosth';
$ch = curl_init($url);
curl_setopt($ch,CURLOPT_COOKIEFILE, $cookieFile); //同时发送Cookie
curl_exec($ch);
curl_close($ch);
exit;
break;
default :
break;
}
?>
<html>
<form action="">
<input type="hidden" value="login" name="do">
<input type="text" value="test" name="u">
<input type="password" value="testp" name="p">
<input type="text" value="" name="vc">
<input type="submit" value="OK">
<iframe src="http://localhost/test/vmlogin.php?do=vc" ><iframe>
</form>
</html>
登录页面 login.php:
<?php
session_start();
switch($_GET['do']){
case 'vcode':
echo $_SESSION['vc'] = rand(100,999);
exit();
break;
case 'login':
if($_GET['vc'] != $_SESSION['vc'])
die('veryfy code error');
$auth = array('test'=>'testp');
if($auth[$_GET['u']] == $_GET['p']){
$_SESSION['has_login'] = 1;
header("location:http://localhost/test/");
}else{
die('invalid user/pwd');
}
exit();
break;
case 'dosth':
if($_SESSION['has_login'])
exit("do sth");
else
exit("no privilege");
break;
default:
break;
}
?>
<html>
<form action="">
<input type="text" value="" name="u">
<input type="password" value="" name="p">
<input type="text" value="" name="vc">
<input type="hidden" value="login" name="do">
<input type="submit" value="OK">
<iframe src="http://localhost/test/login.php?do=vcode" ><iframe>
</form>
</html>
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2015-8-26 15:44:01
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡