我是 PHP 新手,无法使用全局变量。我有一个名为 profile 的全局数组。但是,当我声明访问配置文件的特定索引“授权”的内容时,该值不会在设置的函数之外更改。我担心这可能是由于“授权”索引是声明数组时未在数组中声明。但是,其他索引也会发生这种情况,所以我不太确定。任何帮助都会非常有帮助!
简介:
/**
* User profile
* @name $profile
* @global array $GLOBALS['profile']
*/
$GLOBALS['profile'] = array(
# Basic Config - Required
'username' => 'tom',
'x' => 'filler',
'y' => 'filler',
'salt' => 'filler',
# Optional Config - Please see README before setting these
# 'microid' => array('mailto:user@site', 'http://delegator'),
# 'pavatar' => 'http://your.site.com/path/pavatar.img',
# Advanced Config - Please see README before setting these
'allow_gmp' => true,
# 'allow_test' => false,
# 'allow_suhosin' => false,
# 'auth_realm' => 'phpMyID',
# 'force_bigmath' => false,
# 'idp_url' => 'http://192.168.1.5/MyID.config.php',
# 'lifetime' => 1440,
# 'paranoid' => false, # EXPERIMENTAL
# Debug Config - Please see README before setting these
# 'debug' => false,
# 'logfile' => '/tmp/phpMyID.debug.log',
);
设置 profile['authorized'] 的函数:
/**
*Handles the validation of the signature from the user
*/
function validate_mode()
{
global $profile;
user_session();
$qString = strtoupper('abc');
$pString = strtoupper('abc');
$gString = '10';
$aString = strtoupper($_POST['a']);
$zString = strtoupper($_POST['z']);
$yString = strtoupper($_POST['y']);
$cString = $_POST['c'];
$c = gmp_init($cString, 16);
//echo$cString;
$q1 = gmp_init($qString, 16);
$p1 = gmp_init($pString, 16);
$g1 = gmp_init($gString, 16);
$a = gmp_init($aString, 16);
$z = gmp_init($zString, 16);
//$hex_y = base64_decode(yString);
$y = gmp_init($yString, 16);
//echo $yString;
$hash = sha1($pString,false);
$hash = $hash . sha1($qString,false);
$hash = $hash . sha1($gString,false);
$hash = $hash . sha1($yString,false);
$hash = $hash . sha1($cString,false);
$hash = $hash . sha1($aString,false);
$full_hash =sha1($hash,false);
//echo $full_hash;
if (gmp_cmp($z, $q1) < 0)
{
$temp_ans = gmp_powm($a, $q1, $p1);
if (gmp_cmp($temp_ans, 1) == 0)
{
$this_hash = gmp_init($full_hash, 16);
$temp_pow = gmp_powm($g1,$z,$p1);
$temp_inner =gmp_powm($y,$this_hash, $p1);
$temp_mid = gmp_mul($a, $temp_inner);
$temp_pow2 = gmp_mod($temp_mid, $p1);
if (gmp_cmp($temp_pow, $temp_pow2) == 0)
{
$compare = strcmp($cString,$_SESSION['challenge']);
if ($compare == 0)
{
$_SESSION['auth_url'] = $profile['idp_url'];
$profile['authorized'] = true;
// return to the refresh url if they get in
wrap_redirect($profile['idp_url']."?openid.mode=id_res");
}//ends the $compare == 0;
else
echo "The session stored challenge value does not match the one supplied"."\n";
}//ends the gmp_cmp if statement.
else
echo"g^z mod p doesn't equal a*y^c mod p"."\n";
}//ends the if($temp_ans ==1)
else
echo"a^q mod p does not equal 1 so we exited"."\n";
}//ends the if comparing of z and q
else
echo"Z is greater than Q so it is exiting"."<br>";
}//ends the validate mode
profile['authorized'] 被访问且值没有改变的函数:
function id_res_mode () {
global $profile;
echo "authorization".$profile['authorized'];
user_session();
if ($profile['authorized'])
wrap_html('You are logged in as ' . $_SESSION['username']);
wrap_html('You are not logged in');
}