<?php
/*
[UCenter Home] (C) 2007-2008 Comsenz Inc.
*/
// Marker constant for the rest of the application. Included files presumably
// test for it to refuse being requested directly -- confirm in those files.
// The @ hides the notice PHP raises if the constant already exists.
@define('IN_UCHOME', true);

// Debug switch. The value is the string '0', which PHP evaluates as false.
define('D_BUG', '0');

// 7 = E_ERROR | E_WARNING | E_PARSE while debugging; otherwise nothing is
// reported. Level 0 also keeps errors out of the error log, so failures in
// production leave no trace unless logging is configured separately.
error_reporting(D_BUG ? 7 : 0);

// Disable runtime magic quotes so data read from files and the database is
// not slash-escaped automatically.
// NOTE(review): set_magic_quotes_runtime() was removed in PHP 7.0; this file
// only runs on PHP 5.x or older.
set_magic_quotes_runtime(0);

// Reset every application-wide array before anything else runs, so a value
// that existed under one of these names earlier (for example through
// register_globals on old PHP configurations) cannot leak into the request.
$space = array();
$_SN = array();
$_SCOOKIE = array();
$_TPL = array();
$_SBLOCK = array();
$_SCONFIG = array();
$_SGLOBAL = array();
// Application root: the directory holding this file, with a trailing separator.
// Every include below is built from this constant and a fixed literal, so no
// request data reaches an include path in this section.
define('S_ROOT', dirname(__FILE__) . DIRECTORY_SEPARATOR);

// Version information.
include_once(S_ROOT . './ver.php');

// Site configuration. If it cannot be loaded the site is treated as not yet
// installed and the visitor is sent to the installer; exit() stops the rest
// of the bootstrap from running after the redirect header.
// NOTE(review): any failure to load config.php (missing, unreadable) ends up
// here. Whether install/index.php refuses to run on an already installed site
// is not visible in this file -- confirm, or remove the installer after setup.
if (!(@include_once(S_ROOT . './config.php'))) {
    header("Location: install/index.php");
    exit();
}

// Shared helper functions used by the rest of the bootstrap.
include_once(S_ROOT . './source/function_common.php');
// Request clock. microtime() returns "<fraction> <seconds>"; index 0 is the
// fractional part and index 1 the whole Unix timestamp (still a string here).
$mtime = explode(' ', microtime());

// Whole-second timestamp used throughout the request.
$_SGLOBAL['timestamp'] = $mtime[1];

// Start time with sub-second precision: seconds plus the fractional part.
$_SGLOBAL['supe_starttime'] = $mtime[1] + $mtime[0];
// Request-input escaping. When PHP's magic_quotes_gpc is off, the same effect
// is applied by hand to $_GET and $_POST through saddslashes(), which is not
// defined in this file (presumably source/function_common.php).
// Only $_GET and $_POST are rewritten here; $_REQUEST, $_FILES and $_SERVER
// are left as received.
// NOTE(review): slash-escaping is not charset-aware and is no substitute for
// parameterised queries or the database driver's own escaping; code that
// relies on it for SQL safety should be reviewed with that in mind.
// NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0.
$magic_quote = get_magic_quotes_gpc();
if (!$magic_quote) {
    $_GET = saddslashes($_GET);
    $_POST = saddslashes($_POST);
}
// Site URL: use the configured value, otherwise ask getsiteurl() for one.
// NOTE(review): how getsiteurl() derives the URL is not visible here. If it
// builds it from request headers such as Host, the result is influenced by
// the client; setting 'siteurl' explicitly in the configuration avoids that.
if (empty($_SC['siteurl'])) {
    $_SC['siteurl'] = getsiteurl();
}

// Open the database connection (helper defined outside this file).
dbconnect();
// Cached site settings. If the cache file cannot be included, load the cache
// helpers, rebuild it with config_cache() and include the fresh copy.
if (!(@include_once(S_ROOT . './data/data_config.php'))) {
    include_once(S_ROOT . './source/function_cache.php');
    config_cache();
    include_once(S_ROOT . './data/data_config.php');
}

// Optional caches for apps, user apps, ads and "magic" items. The names come
// from this fixed list, never from the request; a missing file is ignored
// because of the @.
// NOTE(review): these cache files are executed as PHP when included, so the
// data/ directory must only be writable by the application itself.
foreach (array('app', 'userapp', 'ad', 'magic') as $value) {
    @include_once(S_ROOT . './data/data_' . $value . '.php');
}
// Application cookies. Only cookies whose name starts with the configured
// prefix are copied into $_SCOOKIE, stored under the name with the prefix
// removed. Values are client-controlled; they get the same slash-escaping as
// $_GET/$_POST when magic_quotes_gpc is off ($magic_quote is set earlier in
// this file).
$prelength = strlen($_SC['cookiepre']);
foreach ($_COOKIE as $key => $val) {
    // Skip cookies that belong to something else on the same domain.
    if (substr($key, 0, $prelength) != $_SC['cookiepre']) {
        continue;
    }
    if (empty($magic_quote)) {
        $_SCOOKIE[substr($key, $prelength)] = saddslashes($val);
    } else {
        $_SCOOKIE[substr($key, $prelength)] = $val;
    }
}
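// Output buffering. Use gzip compression when it is enabled in the
// configuration and the ob_gzhandler callback exists; otherwise buffer the
// output uncompressed.
// The listing carried the HTML entity "&amp;&amp;" here, which is not valid
// PHP; it is restored to the logical AND operator.
if ($_SC['gzipcompress'] && function_exists('ob_gzhandler')) {
    ob_start('ob_gzhandler');
} else {
    ob_start();
}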
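// Per-request defaults. uid 0 and an empty name stand for "not logged in";
// presumably the login check later in the bootstrap overwrites them.
$_SGLOBAL['supe_uid'] = 0;
$_SGLOBAL['supe_username'] = '';

// AJAX flag from the query string, forced to an integer.
$_SGLOBAL['inajax'] = empty($_GET['inajax']) ? 0 : intval($_GET['inajax']);

// Candidate 'mobile' token from the query string; it is validated below and
// discarded if the check fails.
$_SGLOBAL['mobile'] = empty($_GET['mobile']) ? '' : trim($_GET['mobile']);

// Copied from the request as received. Both values are client-controlled, so
// they need context-appropriate encoding wherever they are printed.
$_SGLOBAL['ajaxmenuid'] = empty($_GET['ajaxmenuid']) ? '' : $_GET['ajaxmenuid'];
$_SGLOBAL['refer'] = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];

// Keep 'mobile' only when it equals md5(m_timestamp . TAB . sitekey).
// The comparison is strict (!==): with the loose != two different digest
// strings that both look numeric could be treated as equal by PHP's type
// juggling. hash_equals() (PHP 5.6+) would additionally make the comparison
// constant-time where that function is available.
// NOTE(review): m_timestamp is not checked for age in this block, so a valid
// pair stays valid for as long as the site key is unchanged -- confirm
// whether an expiry is enforced elsewhere.
if (empty($_GET['m_timestamp'])
    || $_SGLOBAL['mobile'] !== md5($_GET['m_timestamp'] . "\t" . $_SCONFIG['sitekey'])) {
    $_SGLOBAL['mobile'] = '';
}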
// Anti-flood identifiers for the login and registration forms. When the
// configuration does not supply them they are derived from the site key, so
// they are the same on every request for a given site.
// NOTE(review): how the forms use these values is not visible here; because
// they are static per site they should not be treated as per-user or
// per-session secrets.
if (empty($_SCONFIG['login_action'])) {
    $_SCONFIG['login_action'] = md5('login' . md5($_SCONFIG['sitekey']));
}
if (empty($_SCONFIG['register_action'])) {
    $_SCONFIG['register_action'] = md5('register' . md5($_SCONFIG['sitekey']));
}
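// Site template: fall back to 'default' when none is configured.
if (empty($_SCONFIG['template'])) {
    $_SCONFIG['template'] = 'default';
}

// Per-visitor template override taken from the 'mytemplate' cookie. The value
// is client-controlled and ends up in a filesystem path, so it is cleaned
// before use:
//   - !empty() avoids reading an index that may not exist;
//   - a non-string value (a cookie sent in array form) is rejected instead of
//     being passed to trim();
//   - every '.' is removed, which rules out '..' path segments;
//   - a value that is empty after cleaning is rejected rather than probing
//     'template//style.css'.
// NOTE(review): path separators are not removed, so the value can still name
// a subdirectory below template/. Checking it against the list of installed
// template directories would be tighter.
if (!empty($_SCOOKIE['mytemplate'])) {
    $_SCOOKIE['mytemplate'] = is_string($_SCOOKIE['mytemplate'])
        ? str_replace('.', '', trim($_SCOOKIE['mytemplate']))
        : '';
    if ($_SCOOKIE['mytemplate'] !== ''
        && file_exists(S_ROOT . './template/' . $_SCOOKIE['mytemplate'] . '/style.css')) {
        // The template directory exists and ships a stylesheet: accept it.
        $_SCONFIG['template'] = $_SCOOKIE['mytemplate'];
    } else {
        // Unknown or invalid template: blank the cookie so it is not retried.
        ssetcookie('mytemplate', '', 365000);
    }
}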
// Example values for a request to space.php?do=home:
//   $_SERVER['REQUEST_URI']  -> space.php?do=home
//   $_SERVER['PHP_SELF']     -> space.php
//   $_SERVER['QUERY_STRING'] -> do=home
//
// Some servers do not provide REQUEST_URI; rebuild it from the script path
// and, when present, the query string.
if (!isset($_SERVER['REQUEST_URI'])) {
    $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF']
        . (isset($_SERVER['QUERY_STRING']) ? '?' . $_SERVER['QUERY_STRING'] : '');
}

// Coarse XSS guard: when the decoded URI contains '<' or '"', every $_GET
// value is passed through shtmlspecialchars() (defined outside this file).
// NOTE(review): the check looks at a single urldecode() pass of the URI and
// at those two characters only. $_POST, cookies and other characters are
// outside it, so templates still need context-aware output encoding.
if ($_SERVER['REQUEST_URI']) {
    $temp = urldecode($_SERVER['REQUEST_URI']);
    $hasMarkupChars = strexists($temp, '<') || strexists($temp, '"');
    if ($hasMarkupChars) {
        $_GET = shtmlspecialchars($_GET);
    }
}
// Work out whether the visitor is logged in (helper defined outside this
// file; presumably it fills in $_SGLOBAL['supe_uid'] -- confirm).
checkauth();

// Per-user hash: md5 of the uid, a tab, and the first six characters of the
// request timestamp. md5 is a digest, not encryption.
// NOTE(review): no secret or per-session value goes into this hash, so it
// should not be relied on as an anti-forgery or authentication value --
// confirm how callers use it.
$_SGLOBAL['uhash'] = md5(
    $_SGLOBAL['supe_uid'] . "\t" . substr($_SGLOBAL['timestamp'], 0, 6)
);

// Load the user's application menu (helper defined outside this file).
getuserapp();
// UCenter applications. 'uc_status' becomes 1 as soon as the app list holds
// an id other than this site's own UC_APPID. The first app marked 'open' is
// stored as the primary menu entry ('appmenu'); every further open app is
// appended to 'appmenus'.
$_SCONFIG['uc_status'] = 0;
$_SGLOBAL['appmenu'] = array();
$_SGLOBAL['appmenus'] = array();

if ($_SGLOBAL['app']) {
    foreach ($_SGLOBAL['app'] as $appid => $value) {
        if (UC_APPID != $appid) {
            $_SCONFIG['uc_status'] = 1;
        }

        // Closed apps never appear in a menu.
        if (!$value['open']) {
            continue;
        }

        if (empty($_SGLOBAL['appmenu'])) {
            $_SGLOBAL['appmenu'] = $value;
        } else {
            $_SGLOBAL['appmenus'][] = $value;
        }
    }
}
?>