0

我是 PHP 新手,无法使用全局变量。我有一个名为 profile 的全局数组。但是,当我声明访问配置文件的特定索引“授权”的内容时,该值不会在设置的函数之外更改。我担心这可能是由于“授权”索引是声明数组时未在数组中声明。但是,其他索引也会发生这种情况,所以我不太确定。任何帮助都会非常有帮助!

简介:

/**
 * User profile
 * @name $profile
 * @global array $GLOBALS['profile']
 */
$GLOBALS['profile'] = array(
    # Basic Config - Required
'username' => 'tom',
'x' => 'filler',
'y' => 'filler',
'salt' => 'filler',

    # Optional Config - Please see README before setting these
#   'microid'   =>  array('mailto:user@site', 'http://delegator'),
#   'pavatar'   =>  'http://your.site.com/path/pavatar.img',

    # Advanced Config - Please see README before setting these
    'allow_gmp' =>  true,
#   'allow_test'    =>  false,
#   'allow_suhosin' =>  false,
#   'auth_realm'    =>  'phpMyID',
#   'force_bigmath' =>  false,
#   'idp_url'   =>  'http://192.168.1.5/MyID.config.php',
#   'lifetime'  =>  1440,
#   'paranoid'  =>  false, # EXPERIMENTAL

    # Debug Config - Please see README before setting these
#   'debug'     =>  false,
#   'logfile'   =>  '/tmp/phpMyID.debug.log',
);

设置 profile['authorized'] 的函数:

/**
 *Handles the validation of the signature from the user
 */
function validate_mode()
{
global $profile;

user_session();


$qString = strtoupper('abc');
$pString = strtoupper('abc');
$gString = '10';
$aString = strtoupper($_POST['a']);
$zString = strtoupper($_POST['z']);
$yString = strtoupper($_POST['y']);
$cString = $_POST['c'];
$c = gmp_init($cString, 16);
//echo$cString;

$q1 = gmp_init($qString, 16);
$p1 = gmp_init($pString, 16);
$g1 = gmp_init($gString, 16);
$a = gmp_init($aString, 16);
$z = gmp_init($zString, 16);
//$hex_y = base64_decode(yString);
$y = gmp_init($yString, 16);
//echo $yString;

$hash = sha1($pString,false);

$hash = $hash . sha1($qString,false);
$hash = $hash . sha1($gString,false);
$hash = $hash . sha1($yString,false);
$hash = $hash . sha1($cString,false);
$hash = $hash . sha1($aString,false);
$full_hash =sha1($hash,false);

//echo $full_hash;
if (gmp_cmp($z, $q1) < 0)
    {
        $temp_ans = gmp_powm($a, $q1, $p1);
        if (gmp_cmp($temp_ans, 1) == 0)
        {

                $this_hash = gmp_init($full_hash, 16);
                $temp_pow = gmp_powm($g1,$z,$p1);
                $temp_inner =gmp_powm($y,$this_hash, $p1);
                $temp_mid = gmp_mul($a, $temp_inner);
                $temp_pow2 = gmp_mod($temp_mid, $p1);

                if (gmp_cmp($temp_pow, $temp_pow2) == 0)
                {   
                    $compare = strcmp($cString,$_SESSION['challenge']);
                    if ($compare == 0)
                    {
                        $_SESSION['auth_url'] = $profile['idp_url'];

                        $profile['authorized'] = true;
                        // return to the refresh url if they get in
                        wrap_redirect($profile['idp_url']."?openid.mode=id_res");
                    }//ends the $compare == 0;
                    else 
                        echo "The session stored challenge value does not match the one supplied"."\n";
                }//ends the gmp_cmp if statement.
                else
                    echo"g^z mod p doesn't equal a*y^c mod p"."\n";
        }//ends the if($temp_ans ==1)
        else
            echo"a^q  mod p does not equal 1 so we exited"."\n";
    }//ends the if comparing of z and q
    else
        echo"Z is greater than Q so it is exiting"."<br>";
}//ends the validate mode

profile['authorized'] 被访问且值没有改变的函数:

function id_res_mode () {
    global $profile;
echo "authorization".$profile['authorized'];
    user_session();

    if ($profile['authorized'])
        wrap_html('You are logged in as ' . $_SESSION['username']);

    wrap_html('You are not logged in');
}
4

1 回答 1

1

您没有在数组中声明授权。仅供参考,下次调试时,如果您打开了警告的错误报告,您将收到“未定义索引”警告。

于 2012-05-13T22:31:50.653 回答