discuz代码分析logging.php
<?
php
// 定义操作页面
define ( ' CURscrīpt ' , ' logging ' );
// 包含公共文件
require_once ' ./include/common.inc.php ' ;
// 包含misc函数文件
require_once DISCUZ_ROOT . ' ./include/misc.func.php ' ;
// 判断动作
//注销
if ( $action == ' logout ' && ! empty ( $formhash ) && $formhash == FORMHASH) {
// 清除cookies
clearcookies();
// 重置用户状态为游客
$groupid = 7 ;
$discuz_uid = 0 ;
// 清除用户名密码
$discuz_user = $discuz_pw = '' ;
// 重置页面样式
$styleid = $_DCACHE [ ' settings ' ][ ' styleid ' ];
// 显示注销成功页面
showmessage( ' logout_succeed ' , dreferer());
}
// 登陆
elseif ( $action == ' login ' ) {
// 判断用户是否为游客
if ( $discuz_uid ) {
// 显示登陆成功页面
showmessage( ' login_succeed ' , $indexname );
}
// 登陆用户名的字段名
$field = isset ( $loginfield ) && $loginfield == ' uid ' ? ' uid ' : ' username ' ;
// 验证码检查
//get secure code checking status (pos. -2)
$seccodecheck = substr ( sprintf ( ' %05b ' , $seccodestatus ) , - 2 , 1 );
// 判断是否为提交登陆
if ( ! submitcheck( ' loginsubmit ' , 1 , $seccodecheck )) {
// 显示登陆页面
$discuz_action = 6 ;
$referer = dreferer();
$thetimenow = ' (GMT ' . ( $timeoffset > 0 ? ' + ' : '' ) . $timeoffset . ' ) ' .
gmdate ( " $dateformat $timeformat " , $timestamp + $timeoffset * 3600 ) .
$styleselect = '' ;
$query = $db -> query( " SELECT styleid, name FROM { $tablepre }styles WHERE available='1' " );
while ( $styleinfo = $db -> fetch_array( $query )) {
$styleselect .= " <option value=\ " $styleinfo [styleid]\ " > $styleinfo [name]</option>\n " ;
}
$_DCOOKIE [ ' cookietime ' ] = isset ( $_DCOOKIE [ ' cookietime ' ]) ? $_DCOOKIE [ ' cookietime ' ] : 2592000 ;
$cookietimecheck = array (( isset ( $_DCOOKIE [ ' cookietime ' ]) ? intval ( $_DCOOKIE [ ' cookietime ' ]) : 2592000 ) => ' checked ' );
if ( $seccodecheck ) {
$seccode = random( 4 , 1 );
}
include template( ' login ' );
} else {
// 处理登陆
//用户信息置空
$discuz_uid = 0 ;
$discuz_user = $discuz_pw = $discuz_secques = $md5_password = '' ;
$member = array ();
// 判断是否被限制登陆,返回0,1,2,3。声明在misc.func.php
$loginperm = logincheck();
if ( ! $loginperm ) {
// 显示限制登陆
showmessage( ' login_strike ' );
}
// 安全提问处理,返回一串字符或空。声明在global.func.php
$secques = quescrypt( $questionid , $answer );
// 判断是否安全提问页面登陆
if ( isset ( $loginauth )) {
$field = ' username ' ;
$password = ' VERIFIED ' ;
list ( $username , $md5_password ) = explode ( " \t " , authcode( $loginauth , ' DECODE ' ));
} else {
$md5_password = md5 ( $password );
$password = preg_replace ( " /^(.{ " . round ( strlen ( $password ) / 4 ) . " })(.+?)(.{ " . round ( strlen ( $password ) / 6 ) . " })$/s " , " \\1***\\3 " , $password );
}
// 查询数据表members,usergroups
$query = $db -> query( " SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost, u.allowinvisible
FROM { $tablepre }members m LEFT JOIN { $tablepre }usergroups u USING (groupid)
WHERE m. $field =' $username ' " );
// 取出用户认证信息包括UID,用户名,密码,安全提问,管理权限,用户组ID,页面风格,上次访问,最后发帖,是否允许隐身
$member = $db -> fetch_array( $query );
// 验证登陆
if ( $member [ ' discuz_uid ' ] && $member [ ' discuz_pw ' ] == $md5_password ) {
// 验证安全提问
if ( $member [ ' discuz_secques ' ] == $secques ) {
// 安全提问匹配
//从数组中将变量导入到当前的符号表
extract ( $member );
// 处理用户名
$discuz_userss = $discuz_user ;
$discuz_user = addslashes ( $discuz_user );
// 判断隐身模式
if (( $allowinvisible && $loginmode == ' invisible ' ) || $loginmode == ' normal ' ) {
// 更新members表用户现在的模式:隐身或普通
$db -> query( " UPDATE { $tablepre }members SET invisible=' " . ( $loginmode == ' invisible ' ? 1 : 0 ) . " ' WHERE uid=' $member [discuz_uid]' " , ' UNBUFFERED ' );
}
$styleid = intval ( empty ( $_POST [ ' styleid ' ]) ? ( $styleidmem ? $styleidmem :
$_DCACHE [ ' settings ' ][ ' styleid ' ]) : $_POST [ ' styleid ' ]);
$cookietime = intval ( isset ( $_POST [ ' cookietime ' ]) ? $_POST [ ' cookietime ' ] :
( $_DCOOKIE [ ' cookietime ' ] ? $_DCOOKIE [ ' cookietime ' ] : 0 ));
// 写cookie
dsetcookie( ' cookietime ' , $cookietime , 31536000 );
dsetcookie( ' auth ' , authcode( " $discuz_pw \t $discuz_secques \t $discuz_uid " , ' ENCODE ' ) , $cookietime );
$sessionexists = 0 ;
// 判断是否为等待验证会员
if ( $groupid == 8 ) {
showmessage( ' login_succeed_inactive_member ' , ' memcp.php ' );
} else {
showmessage( ' login_succeed ' , dreferer());
}
} elseif ( empty ( $secques )) {
// 安全提问不匹配且安全提问不为空
$username = dhtmlspecialchars( $member [ ' discuz_user ' ]);
$loginmode = dhtmlspecialchars( $loginmode );
$styleid = intval ( $styleid );
$cookietime = intval ( $cookietime );
// 加密已接受的用户名和密码
$loginauth = authcode( addslashes ( $member [ ' discuz_user ' ]) . " \t " . addslashes ( $member [ ' discuz_pw ' ]) , ' ENCODE ' );
// 显示回答安全提问
include template( ' login_secques ' );
dexit();
}
}
// 生成密码错误日志记录
$errorlog = " <?PHP exit('Access Denied'); ?>\t " . $timestamp . " \t " .
dhtmlspecialchars( $member [ ' discuz_user ' ] ? $member [ ' discuz_user ' ] : stripslashes ( $username )) . " \t " .
$password . " \t " .
( $secques ? " Ques # " . dhtmlspecialchars( $questionid ) : '' ) . " \t " .
$onlineip . " \n " ;
loginfailed( $loginperm );
// 日志记录加入日志文件
@ $fp = fopen (DISCUZ_ROOT . ' ./forumdata/illegallog.php ' , ' a ' );
@ flock ( $fp , 2 );
@ fwrite ( $fp , $errorlog );
@ fclose ( $fp );
// 显示登陆出错页面
showmessage( ' login_invalid ' , NULL , ' HALTED ' );
}
}
else {
showmessage( ' undefined_action ' );
}
?>
// 定义操作页面
define ( ' CURscrīpt ' , ' logging ' );
// 包含公共文件
require_once ' ./include/common.inc.php ' ;
// 包含misc函数文件
require_once DISCUZ_ROOT . ' ./include/misc.func.php ' ;
// 判断动作
//注销
if ( $action == ' logout ' && ! empty ( $formhash ) && $formhash == FORMHASH) {
// 清除cookies
clearcookies();
// 重置用户状态为游客
$groupid = 7 ;
$discuz_uid = 0 ;
// 清除用户名密码
$discuz_user = $discuz_pw = '' ;
// 重置页面样式
$styleid = $_DCACHE [ ' settings ' ][ ' styleid ' ];
// 显示注销成功页面
showmessage( ' logout_succeed ' , dreferer());
}
// 登陆
elseif ( $action == ' login ' ) {
// 判断用户是否为游客
if ( $discuz_uid ) {
// 显示登陆成功页面
showmessage( ' login_succeed ' , $indexname );
}
// 登陆用户名的字段名
$field = isset ( $loginfield ) && $loginfield == ' uid ' ? ' uid ' : ' username ' ;
// 验证码检查
//get secure code checking status (pos. -2)
$seccodecheck = substr ( sprintf ( ' %05b ' , $seccodestatus ) , - 2 , 1 );
// 判断是否为提交登陆
if ( ! submitcheck( ' loginsubmit ' , 1 , $seccodecheck )) {
// 显示登陆页面
$discuz_action = 6 ;
$referer = dreferer();
$thetimenow = ' (GMT ' . ( $timeoffset > 0 ? ' + ' : '' ) . $timeoffset . ' ) ' .
gmdate ( " $dateformat $timeformat " , $timestamp + $timeoffset * 3600 ) .
$styleselect = '' ;
$query = $db -> query( " SELECT styleid, name FROM { $tablepre }styles WHERE available='1' " );
while ( $styleinfo = $db -> fetch_array( $query )) {
$styleselect .= " <option value=\ " $styleinfo [styleid]\ " > $styleinfo [name]</option>\n " ;
}
$_DCOOKIE [ ' cookietime ' ] = isset ( $_DCOOKIE [ ' cookietime ' ]) ? $_DCOOKIE [ ' cookietime ' ] : 2592000 ;
$cookietimecheck = array (( isset ( $_DCOOKIE [ ' cookietime ' ]) ? intval ( $_DCOOKIE [ ' cookietime ' ]) : 2592000 ) => ' checked ' );
if ( $seccodecheck ) {
$seccode = random( 4 , 1 );
}
include template( ' login ' );
} else {
// 处理登陆
//用户信息置空
$discuz_uid = 0 ;
$discuz_user = $discuz_pw = $discuz_secques = $md5_password = '' ;
$member = array ();
// 判断是否被限制登陆,返回0,1,2,3。声明在misc.func.php
$loginperm = logincheck();
if ( ! $loginperm ) {
// 显示限制登陆
showmessage( ' login_strike ' );
}
// 安全提问处理,返回一串字符或空。声明在global.func.php
$secques = quescrypt( $questionid , $answer );
// 判断是否安全提问页面登陆
if ( isset ( $loginauth )) {
$field = ' username ' ;
$password = ' VERIFIED ' ;
list ( $username , $md5_password ) = explode ( " \t " , authcode( $loginauth , ' DECODE ' ));
} else {
$md5_password = md5 ( $password );
$password = preg_replace ( " /^(.{ " . round ( strlen ( $password ) / 4 ) . " })(.+?)(.{ " . round ( strlen ( $password ) / 6 ) . " })$/s " , " \\1***\\3 " , $password );
}
// 查询数据表members,usergroups
$query = $db -> query( " SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,
m.adminid, m.groupid, m.styleid AS styleidmem, m.lastvisit, m.lastpost, u.allowinvisible
FROM { $tablepre }members m LEFT JOIN { $tablepre }usergroups u USING (groupid)
WHERE m. $field =' $username ' " );
// 取出用户认证信息包括UID,用户名,密码,安全提问,管理权限,用户组ID,页面风格,上次访问,最后发帖,是否允许隐身
$member = $db -> fetch_array( $query );
// 验证登陆
if ( $member [ ' discuz_uid ' ] && $member [ ' discuz_pw ' ] == $md5_password ) {
// 验证安全提问
if ( $member [ ' discuz_secques ' ] == $secques ) {
// 安全提问匹配
//从数组中将变量导入到当前的符号表
extract ( $member );
// 处理用户名
$discuz_userss = $discuz_user ;
$discuz_user = addslashes ( $discuz_user );
// 判断隐身模式
if (( $allowinvisible && $loginmode == ' invisible ' ) || $loginmode == ' normal ' ) {
// 更新members表用户现在的模式:隐身或普通
$db -> query( " UPDATE { $tablepre }members SET invisible=' " . ( $loginmode == ' invisible ' ? 1 : 0 ) . " ' WHERE uid=' $member [discuz_uid]' " , ' UNBUFFERED ' );
}
$styleid = intval ( empty ( $_POST [ ' styleid ' ]) ? ( $styleidmem ? $styleidmem :
$_DCACHE [ ' settings ' ][ ' styleid ' ]) : $_POST [ ' styleid ' ]);
$cookietime = intval ( isset ( $_POST [ ' cookietime ' ]) ? $_POST [ ' cookietime ' ] :
( $_DCOOKIE [ ' cookietime ' ] ? $_DCOOKIE [ ' cookietime ' ] : 0 ));
// 写cookie
dsetcookie( ' cookietime ' , $cookietime , 31536000 );
dsetcookie( ' auth ' , authcode( " $discuz_pw \t $discuz_secques \t $discuz_uid " , ' ENCODE ' ) , $cookietime );
$sessionexists = 0 ;
// 判断是否为等待验证会员
if ( $groupid == 8 ) {
showmessage( ' login_succeed_inactive_member ' , ' memcp.php ' );
} else {
showmessage( ' login_succeed ' , dreferer());
}
} elseif ( empty ( $secques )) {
// 安全提问不匹配且安全提问不为空
$username = dhtmlspecialchars( $member [ ' discuz_user ' ]);
$loginmode = dhtmlspecialchars( $loginmode );
$styleid = intval ( $styleid );
$cookietime = intval ( $cookietime );
// 加密已接受的用户名和密码
$loginauth = authcode( addslashes ( $member [ ' discuz_user ' ]) . " \t " . addslashes ( $member [ ' discuz_pw ' ]) , ' ENCODE ' );
// 显示回答安全提问
include template( ' login_secques ' );
dexit();
}
}
// 生成密码错误日志记录
$errorlog = " <?PHP exit('Access Denied'); ?>\t " . $timestamp . " \t " .
dhtmlspecialchars( $member [ ' discuz_user ' ] ? $member [ ' discuz_user ' ] : stripslashes ( $username )) . " \t " .
$password . " \t " .
( $secques ? " Ques # " . dhtmlspecialchars( $questionid ) : '' ) . " \t " .
$onlineip . " \n " ;
loginfailed( $loginperm );
// 日志记录加入日志文件
@ $fp = fopen (DISCUZ_ROOT . ' ./forumdata/illegallog.php ' , ' a ' );
@ flock ( $fp , 2 );
@ fwrite ( $fp , $errorlog );
@ fclose ( $fp );
// 显示登陆出错页面
showmessage( ' login_invalid ' , NULL , ' HALTED ' );
}
}
else {
showmessage( ' undefined_action ' );
}
?>