UCHome中关于公共函数(function_common.php)页面的代码分析(一)

01. <?php
02. /*
03.     [UCenter Home] (C) 2007-2008 Comsenz Inc.
04.     $Id: function_common.php 2009-10-20 21:12:00
05.     @author ymaozi
06.     @copyright http://www.codedesign.cn/
07.     @uchome源码交流QQ群:83400263
08. */
09.   
10. if(!defined('IN_UCHOME')) {
11.     exit('Access Denied');
12. }
13. /**
14.  * SQL ADDSLASHES 对sql的一些字符进行转义
15.  * @param string or array $string
16.  * @return string or array
17.  */
18. function saddslashes($string) {
19.     if(is_array($string)) { //如果转入的是数组则对数组中的value进行递归转义
20.         foreach($string as $key => $val) {
21.             $string[$key] = saddslashes($val);
22.         }
23.     } else {
24.         $string = addslashes($string); //对单引号(')、双引号(")、反斜线(\)与 NUL(NULL 字符),进行转义
25.     }
26.     return $string;
27. }
28.   
29. /**
30.  * 取消HTML代码
31.  * @param string or array $string
32.  * @return string or array
33.  */
34. function shtmlspecialchars($string) {
35.     if(is_array($string)) {
36.         foreach($string as $key => $val) {
37.             $string[$key] = shtmlspecialchars($val);
38.         }
39.     } else {
40.         $string = preg_replace('/&((#(\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1',
41.             str_replace(array('&', '"', '<', '>'), array('&', '"', '<', '>'), $string));//将传入的html中的&,",<,>,进行替换
42.     }
43.     return $string;
44. }

001. /**
002.  * 清空cookie与一些判断用户登录的信息
003.  */
004. function clearcookie() {
005.     global $_SGLOBAL;
006.   
007.     obclean(); //清除缓存
008.     ssetcookie('auth', '', -86400 * 365); //设置cookie名为auth的过期
009.     $_SGLOBAL['supe_uid'] = 0;
010.     $_SGLOBAL['supe_username'] = '';
011.     $_SGLOBAL['member'] = array(); //将这些全局变量清空
012. }
013.   
014. //cookie设置
015. /**
016.  * 设置cookie
017.  * @param   string  cookie名
018.  * @param   string  cookie值
019.  * @param   int     cookie存储时间
020.  * @return void
021.  */
022. function ssetcookie($var, $value, $life=0) {
023.     global $_SGLOBAL, $_SC, $_SERVER;
024.     setcookie($_SC['cookiepre'].$var, $value, $life?($_SGLOBAL['timestamp']+$life):0, $_SC['cookiepath'], $_SC['cookiedomain'], $_SERVER['SERVER_PORT']==443?1:0);
025. }
026.   
027. //
028. /**
029.  * 创建数据库连接对象
030.  */
031. function dbconnect() {
032.     global $_SGLOBAL, $_SC;
033.   
034.     include_once(S_ROOT.'./source/class_mysql.php'); //引入数据库操作类
035.   
036.     if(empty($_SGLOBAL['db'])) { //如果没有创建数据库对象,则创建
037.         $_SGLOBAL['db'] = new dbstuff;
038.         $_SGLOBAL['db']->charset = $_SC['dbcharset'];
039.         $_SGLOBAL['db']->connect($_SC['dbhost'], $_SC['dbuser'], $_SC['dbpw'], $_SC['dbname'], $_SC['pconnect']);
040.     }
041. }
042.   
043. //获取在线IP
044. function getonlineip($format=0) {
045.     global $_SGLOBAL;
046.   
047.     if(empty($_SGLOBAL['onlineip'])) {
048.         if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
049.             //如果存在客户端ip,并通过strcasecmp(),比较不等于unknown,则获取客户端ip
050.                         $onlineip = getenv('HTTP_CLIENT_IP');
051.         } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
052.             //如果存在代理ip,则获取代理ip
053.                         $onlineip = getenv('HTTP_X_FORWARDED_FOR');
054.         } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
055.             //代理服务器 IP
056.                         $onlineip = getenv('REMOTE_ADDR');
057.         } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
058.             $onlineip = $_SERVER['REMOTE_ADDR'];
059.         }
060.         preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);
061.                 //通过正则检验,是否是ip地址的格式
062.         $_SGLOBAL['onlineip'] = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
063.     }
064.     if($format) {
065.         $ips = explode('.', $_SGLOBAL['onlineip']); //将ip地址,以.为分隔存入到数组
066.         for($i=0;$i<3;$i++) {
067.             $ips[$i] = intval($ips[$i]);
068.         }
069.         return sprintf('%03d%03d%13d', $ips[0], $ips[1], $ips[2]);//返回ip地十的前三段,03d:三位整数,如果不足刚以0填充
070.     } else {
071.         return $_SGLOBAL['onlineip'];
072.     }
073. }
074.   
075. //
076. /**
077.  * 判断当前用户登录状态
078.  */
079. function checkauth() {
080.     global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;
081.   
082.     if($_SGLOBAL['mobile'] && $_GET['m_auth']) $_SCOOKIE['auth'] = $_GET['m_auth'];
083.     if($_SCOOKIE['auth']) { //如果设置了名了auth的cookie
084.         @list($password, $uid) = explode("\t", authcode($_SCOOKIE['auth'], 'DECODE')); //通过authcode()函数将加密过的auth进行解密,将解密的信息分别存在$password与$uid中
085.         $_SGLOBAL['supe_uid'] = intval($uid); //将$uid设置给全局的supe_uid
086.         if($password && $_SGLOBAL['supe_uid']) { //如果密码与uid都存在,则判断用户信息的正确性
087.             $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('session')." WHERE uid='$_SGLOBAL[supe_uid]'");
088.             if($member = $_SGLOBAL['db']->fetch_array($query)) {
089.                 if($member['password'] == $password) {
090.                     $_SGLOBAL['supe_username'] = addslashes($member['username']);
091.                     $_SGLOBAL['session'] = $member;
092.                 } else {
093.                     $_SGLOBAL['supe_uid'] = 0;
094.                 }
095.             } else {//如果用户表中不存在该用户,则到用户表中查找
096.                 $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('member')." WHERE uid='$_SGLOBAL[supe_uid]'");
097.                 if($member = $_SGLOBAL['db']->fetch_array($query)) {
098.                     if($member['password'] == $password) {
099.                         $_SGLOBAL['supe_username'] = addslashes($member['username']);
100.                         $session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
101.                         include_once(S_ROOT.'./source/function_space.php');
102.                         insertsession($session);//将信息插入到session表中
103.                     } else {
104.                         $_SGLOBAL['supe_uid'] = 0;
105.                     }
106.                 } else {
107.                     $_SGLOBAL['supe_uid'] = 0;
108.                 }
109.             }
110.         }
111.     }
112.     if(empty($_SGLOBAL['supe_uid'])) {
113.                 //如果supe_uid为空,则清除cookie
114.         clearcookie();
115.     } else {
116.         $_SGLOBAL['username'] = $member['username'];
117.     }
118. }

你可能感兴趣的:(function)