UCHome 中的common.php代码分析

001.<?php

003. [UCenter Home] (C) 2007-2008 Comsenz Inc.
004. $Id: common.php 13217 2009-9-25 ymaozi
005.*/
006.

007.@define('IN_UCHOME', TRUE); //定义IN_UCHOME
008.define('D_BUG', '0'); //定义错误等级
009.

010.D_BUG?error_reporting(7):error_reporting(0);
011.set_magic_quotes_runtime(0); //关闭自动转义功能
012.

013.$_SGLOBAL = $_SCONFIG = $_SBLOCK = $_TPL = $_SCOOKIE = $_SN = $space = array();
014.

015.//程序目录
016.define('S_ROOT', dirname(__FILE__).DIRECTORY_SEPARATOR); //定义程序的根目录
017.

018.//基本文件
019.include_once(S_ROOT.'./ver.php'); //导入uchome的一些版本信息
020.if(!@include_once(S_ROOT.'./config.php')) { //判断是否存在网站配置文件，不存在的话，安装网站
021. header("Location: install/index.php");//安装
022. exit();
023.}
024.include_once(S_ROOT.'./source/function_common.php'); //引入公共函数文件
025.

026.//时间
027.$mtime = explode(' ', microtime()); //将当前的时间，微秒与年/月/日时/分/秒 分隔开
028.$_SGLOBAL['timestamp'] = $mtime[1]; //取得当前的年/月/日 时/分/钞
029.$_SGLOBAL['supe_starttime'] = $_SGLOBAL['timestamp'] + $mtime[0]; //年/月/日时/分/钞 + 微秒
030.

031.//GPC过滤
032.$magic_quote = get_magic_quotes_gpc(); //是否开启了自动转义功能
033.if(empty($magic_quote)) { //如果没有开启则手动对提交的$_POST,$_GET进行转义
034. $_GET = saddslashes($_GET);
035. $_POST = saddslashes($_POST);
036.}
037.

038.//本站URL
039.if(empty($_SC['siteurl'])) $_SC['siteurl'] = getsiteurl();
040.

041.//链接数据库
042.dbconnect();
043.

044.//缓存文件
045.if(!@include_once(S_ROOT.'./data/data_config.php')) { //是否存在网站初始化信息的缓存
046. include_once(S_ROOT.'./source/function_cache.php'); //如果不存在，则引入处理缓存的文件
047. config_cache(); //创建缓存文件
048. include_once(S_ROOT.'./data/data_config.php'); //将缓存文件引入
049.}
050.foreach (array('app', 'userapp', 'ad', 'magic') as $value) {
051. @include_once(S_ROOT.'./data/data_'.$value.'.php'); //导入app,userapp,ad,magic配置文件
052.}
053.

054.//COOKIE
055.$prelength = strlen($_SC['cookiepre']); //获取COOKIE前缀长度
056.foreach($_COOKIE as $key => $val) {
057. if(substr($key, 0, $prelength) == $_SC['cookiepre']) {
058. $_SCOOKIE[(substr($key, $prelength))] = empty($magic_quote) ? saddslashes($val) : $val;
059. }
060.}
061.

062.//启用GIP
063.if ($_SC['gzipcompress'] &amp;amp;&amp;amp; function_exists('ob_gzhandler')) {
064. ob_start('ob_gzhandler');
065.} else {
066. ob_start();
067.}
068.

069.//初始化
070.$_SGLOBAL['supe_uid'] = 0;
071.$_SGLOBAL['supe_username'] = ''; //将用户的uid与username设置为空
072.$_SGLOBAL['inajax'] = empty($_GET['inajax'])?0:intval($_GET['inajax']); //是否采用ajax
073.$_SGLOBAL['mobile'] = empty($_GET['mobile'])?'':trim($_GET['mobile']); //获取$_GET提交的手机号
074.$_SGLOBAL['ajaxmenuid'] = empty($_GET['ajaxmenuid'])?'':$_GET['ajaxmenuid'];
075.$_SGLOBAL['refer'] = empty($_SERVER['HTTP_REFERER'])?'':$_SERVER['HTTP_REFERER']; //获取上一页面的url
076.if(empty($_GET['m_timestamp']) || $_SGLOBAL['mobile'] != md5($_GET['m_timestamp']."\t".$_SCONFIG['sitekey'])) $_SGLOBAL['mobile'] = '';
077.

078.//登录注册防灌水机
079.if(empty($_SCONFIG['login_action'])) $_SCONFIG['login_action'] = md5('login'.md5($_SCONFIG['sitekey']));
080.if(empty($_SCONFIG['register_action'])) $_SCONFIG['register_action'] = md5('register'.md5($_SCONFIG['sitekey']));
081.

082.//整站风格
083.if(empty($_SCONFIG['template'])) { //如果没有设置网站的风格则采用default中的
084. $_SCONFIG['template'] = 'default';
085.}
086.if($_SCOOKIE['mytemplate']) {
087. $_SCOOKIE['mytemplate'] = str_replace('.','',trim($_SCOOKIE['mytemplate']));
088. if(file_exists(S_ROOT.'./template/'.$_SCOOKIE['mytemplate'].'/style.css')) {
089. $_SCONFIG['template'] = $_SCOOKIE['mytemplate'];
090. } else {
091. ssetcookie('mytemplate', '', 365000);
092. }
093.}
094.

095.//url:http://u.codedesign.cn/space.php?do=home
096.//$_SERVER['REQUEST_URI']得到的:space.php?do=home
097.//$_SERVER['PHP_SELF'] 得到的:space.php
098.//$_SERVER['QUERY_STRING'] : do=home
099.//处理REQUEST_URI
100.if(!isset($_SERVER['REQUEST_URI'])) {
101. $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];
102. if(isset($_SERVER['QUERY_STRING'])) $_SERVER['REQUEST_URI'] .= '?'.$_SERVER['QUERY_STRING'];
103.}
104.if($_SERVER['REQUEST_URI']) {
105. $temp = urldecode($_SERVER['REQUEST_URI']);
106. if(strexists($temp, '<') || strexists($temp, '"')) {
107. $_GET = shtmlspecialchars($_GET);//XSS
108. }
109.}
110.

111.//判断用户登录状态
112.checkauth(); //判断是否登录
113.$_SGLOBAL['uhash'] = md5($_SGLOBAL['supe_uid']."\t".substr($_SGLOBAL['timestamp'], 0, 6)); //将用户的uid与当前时间的前六位进行md5加密
114.

115.//用户菜单
116.getuserapp();
117.

118.//处理UC应用
119.$_SCONFIG['uc_status'] = 0;
120.$_SGLOBAL['appmenus'] = $_SGLOBAL['appmenu'] = array();
121.if($_SGLOBAL['app']) {
122. foreach ($_SGLOBAL['app'] as $appid => $value) {
123. if(UC_APPID != $appid) {
124. $_SCONFIG['uc_status'] = 1;
125. }
126. if($value['open']) {
127. if(empty($_SGLOBAL['appmenu'])) {
128. $_SGLOBAL['appmenu'] = $value;
129. } else {
130. $_SGLOBAL['appmenus'][] = $value;
131. }
132. }
133. }
134.}
135.

136.?>