UCHome中关于公共函数(function_common.php)页面的代码分析(一)
01.
<?php
02.
/*
03.
[UCenter Home] (C) 2007-2008 Comsenz Inc.
04.
$Id: function_common.php 2009-10-20 21:12:00
05.
@author ymaozi
06.
@copyright http://www.codedesign.cn/
07.
@uchome源码交流QQ群:83400263
08.
*/
09.
10.
if(!defined('IN_UCHOME')) {
11.
exit('Access Denied');
12.
}
13.
/**
14.
* SQL ADDSLASHES 对sql的一些字符进行转义
15.
* @param string or array $string
16.
* @return string or array
17.
*/
18.
function saddslashes($string) {
19.
if(is_array($string)) { //如果转入的是数组则对数组中的value进行递归转义
20.
foreach($string as $key => $val) {
21.
$string[$key] = saddslashes($val);
22.
}
23.
} else {
24.
$string = addslashes($string); //对单引号(')、双引号(")、反斜线(\)与 NUL(NULL 字符),进行转义
25.
}
26.
return $string;
27.
}
28.
29.
/**
30.
* 取消HTML代码
31.
* @param string or array $string
32.
* @return string or array
33.
*/
34.
function shtmlspecialchars($string) {
35.
if(is_array($string)) {
36.
foreach($string as $key => $val) {
37.
$string[$key] = shtmlspecialchars($val);
38.
}
39.
} else {
40.
$string = preg_replace('/&((#(\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1',
41.
str_replace(array('&', '"', '<', '>'), array('&', '"', '<', '>'), $string));//将传入的html中的&,",<,>,进行替换
42.
}
43.
return $string;
44.
}
001.
/**
002.
* 清空cookie与一些判断用户登录的信息
003.
*/
004.
function clearcookie() {
005.
global $_SGLOBAL;
006.
007.
obclean(); //清除缓存
008.
ssetcookie('auth', '', -86400 * 365); //设置cookie名为auth的过期
009.
$_SGLOBAL['supe_uid'] = 0;
010.
$_SGLOBAL['supe_username'] = '';
011.
$_SGLOBAL['member'] = array(); //将这些全局变量清空
012.
}
013.
014.
//cookie设置
015.
/**
016.
* 设置cookie
017.
* @param string cookie名
018.
* @param string cookie值
019.
* @param int cookie存储时间
020.
* @return void
021.
*/
022.
function ssetcookie($var, $value, $life=0) {
023.
global $_SGLOBAL, $_SC, $_SERVER;
024.
setcookie($_SC['cookiepre'].$var, $value, $life?($_SGLOBAL['timestamp']+$life):0, $_SC['cookiepath'], $_SC['cookiedomain'], $_SERVER['SERVER_PORT']==443?1:0);
025.
}
026.
027.
//
028.
/**
029.
* 创建数据库连接对象
030.
*/
031.
function dbconnect() {
032.
global $_SGLOBAL, $_SC;
033.
034.
include_once(S_ROOT.'./source/class_mysql.php'); //引入数据库操作类
035.
036.
if(empty($_SGLOBAL['db'])) { //如果没有创建数据库对象,则创建
037.
$_SGLOBAL['db'] = new dbstuff;
038.
$_SGLOBAL['db']->charset = $_SC['dbcharset'];
039.
$_SGLOBAL['db']->connect($_SC['dbhost'], $_SC['dbuser'], $_SC['dbpw'], $_SC['dbname'], $_SC['pconnect']);
040.
}
041.
}
042.
043.
//获取在线IP
044.
function getonlineip($format=0) {
045.
global $_SGLOBAL;
046.
047.
if(empty($_SGLOBAL['onlineip'])) {
048.
if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
049.
//如果存在客户端ip,并通过strcasecmp(),比较不等于unknown,则获取客户端ip
050.
$onlineip = getenv('HTTP_CLIENT_IP');
051.
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
052.
//如果存在代理ip,则获取代理ip
053.
$onlineip = getenv('HTTP_X_FORWARDED_FOR');
054.
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
055.
//代理服务器 IP
056.
$onlineip = getenv('REMOTE_ADDR');
057.
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
058.
$onlineip = $_SERVER['REMOTE_ADDR'];
059.
}
060.
preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);
061.
//通过正则检验,是否是ip地址的格式
062.
$_SGLOBAL['onlineip'] = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';
063.
}
064.
if($format) {
065.
$ips = explode('.', $_SGLOBAL['onlineip']); //将ip地址,以.为分隔存入到数组
066.
for($i=0;$i<3;$i++) {
067.
$ips[$i] = intval($ips[$i]);
068.
}
069.
return sprintf('%03d%03d%13d', $ips[0], $ips[1], $ips[2]);//返回ip地十的前三段,03d:三位整数,如果不足刚以0填充
070.
} else {
071.
return $_SGLOBAL['onlineip'];
072.
}
073.
}
074.
075.
//
076.
/**
077.
* 判断当前用户登录状态
078.
*/
079.
function checkauth() {
080.
global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;
081.
082.
if($_SGLOBAL['mobile'] && $_GET['m_auth']) $_SCOOKIE['auth'] = $_GET['m_auth'];
083.
if($_SCOOKIE['auth']) { //如果设置了名了auth的cookie
084.
@list($password, $uid) = explode("\t", authcode($_SCOOKIE['auth'], 'DECODE')); //通过authcode()函数将加密过的auth进行解密,将解密的信息分别存在$password与$uid中
085.
$_SGLOBAL['supe_uid'] = intval($uid); //将$uid设置给全局的supe_uid
086.
if($password && $_SGLOBAL['supe_uid']) { //如果密码与uid都存在,则判断用户信息的正确性
087.
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('session')." WHERE uid='$_SGLOBAL[supe_uid]'");
088.
if($member = $_SGLOBAL['db']->fetch_array($query)) {
089.
if($member['password'] == $password) {
090.
$_SGLOBAL['supe_username'] = addslashes($member['username']);
091.
$_SGLOBAL['session'] = $member;
092.
} else {
093.
$_SGLOBAL['supe_uid'] = 0;
094.
}
095.
} else {//如果用户表中不存在该用户,则到用户表中查找
096.
$query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('member')." WHERE uid='$_SGLOBAL[supe_uid]'");
097.
if($member = $_SGLOBAL['db']->fetch_array($query)) {
098.
if($member['password'] == $password) {
099.
$_SGLOBAL['supe_username'] = addslashes($member['username']);
100.
$session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
101.
include_once(S_ROOT.'./source/function_space.php');
102.
insertsession($session);//将信息插入到session表中
103.
} else {
104.
$_SGLOBAL['supe_uid'] = 0;
105.
}
106.
} else {
107.
$_SGLOBAL['supe_uid'] = 0;
108.
}
109.
}
110.
}
111.
}
112.
if(empty($_SGLOBAL['supe_uid'])) {
113.
//如果supe_uid为空,则清除cookie
114.
clearcookie();
115.
} else {
116.
$_SGLOBAL['username'] = $member['username'];
117.
}
118.
}