01.<?php
02./*
03.    [UCenter Home] (C) 2007-2008 Comsenz Inc.
04.    $Id: function_common.php 2009-10-20 21:12:00
05.    @author ymaozi
06.    @copyright http://www.codedesign.cn/
07.    @uchome源码交流QQ群:83400263
08.*/
09.  
// Direct-access guard: stop unless IN_UCHOME was defined before this file was loaded.
defined('IN_UCHOME') or exit('Access Denied');
/**
 * Recursively apply addslashes() to a string, or to every value of an array.
 *
 * addslashes() backslash-escapes single quote ('), double quote ("),
 * backslash (\) and the NUL byte. Array keys are returned unchanged; only
 * the values are escaped.
 *
 * NOTE(review): addslashes() works byte by byte and is not aware of the
 * database connection character set, so it is not equivalent to the
 * driver's own escaping or to prepared statements. Callers that build SQL
 * from this output should confirm the connection charset, and must not
 * place array keys into a query without escaping them separately.
 *
 * @param string|array $string value or (nested) array of values to escape
 * @return string|array the escaped value, same shape as the input
 */
function saddslashes($string) {
    // Scalar case first: escape and return immediately.
    if(!is_array($string)) {
        return addslashes($string);
    }

    // Array case: escape each value recursively, keeping keys and order.
    $escaped = array();
    foreach($string as $name => $item) {
        $escaped[$name] = saddslashes($item);
    }
    return $escaped;
}
28.  
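/**
 * Neutralise HTML markup in a string, or in every value of an array.
 *
 * The characters & " < > are replaced by their HTML entities. Afterwards,
 * text that was already a numeric entity (&#NNN; / &#xHHHH;) or a named
 * entity of 3 to 6 characters is restored, so such input is not encoded a
 * second time. Array keys are returned unchanged.
 *
 * The replacement list must contain the entity forms. A listing in which
 * search and replacement lists are identical performs no escaping at all
 * and leaves every caller open to markup injection.
 *
 * NOTE(review): the single quote (') is not encoded, so the result is only
 * suitable for element content and double-quoted attribute values.
 *
 * @param string|array $string value or (nested) array of values to encode
 * @return string|array the encoded value, same shape as the input
 */
function shtmlspecialchars($string) {
    if(is_array($string)) {
        foreach($string as $key => $val) {
            $string[$key] = shtmlspecialchars($val);
        }
    } else {
        // Step 1: encode the four markup-significant characters ('&' first,
        // so the ampersands introduced by the other entities are not re-encoded).
        $encoded = str_replace(
            array('&', '"', '<', '>'),
            array('&amp;', '&quot;', '&lt;', '&gt;'),
            $string
        );
        // Step 2: undo the '&' encoding where the input already held an entity.
        $string = preg_replace('/&amp;((#(\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1', $encoded);
    }
    return $string;
}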

/**
 * Expire the 'auth' cookie and reset the in-memory login state.
 *
 * After this call $_SGLOBAL['supe_uid'] is 0, $_SGLOBAL['supe_username'] is
 * an empty string and $_SGLOBAL['member'] is an empty array.
 */
function clearcookie() {
    global $_SGLOBAL;

    // obclean() is defined elsewhere; the original comment says it clears the output cache/buffer.
    obclean();

    // A negative lifetime of one year puts the cookie's expiry in the past.
    $oneYear = 86400 * 365;
    ssetcookie('auth', '', -$oneYear);

    // Drop every global that marks the current request as logged in.
    $_SGLOBAL['supe_uid'] = 0;
    $_SGLOBAL['supe_username'] = '';
    $_SGLOBAL['member'] = array();
}
013.  
/**
 * Set a cookie using the site-wide prefix, path and domain from $_SC.
 *
 * NOTE(review): setcookie() is called without its httponly argument, so
 * cookies written here (including 'auth') are readable from page scripts.
 * The Secure flag is derived only from SERVER_PORT == 443; if TLS is
 * terminated in front of this server, or HTTPS runs on another port, the
 * flag would not be set. Confirm both against the deployment.
 *
 * @param string $var   cookie name, without the configured prefix
 * @param string $value cookie value
 * @param int    $life  lifetime in seconds relative to $_SGLOBAL['timestamp'];
 *                      0 produces a session cookie, a negative value expires it
 * @return void
 */
function ssetcookie($var, $value, $life=0) {
    global $_SGLOBAL, $_SC;

    // Expiry 0 means "until the browser closes".
    $expires = 0;
    if($life) {
        $expires = $_SGLOBAL['timestamp'] + $life;
    }

    // Mark the cookie Secure only when the request arrived on port 443.
    $secure = ($_SERVER['SERVER_PORT'] == 443) ? 1 : 0;

    setcookie($_SC['cookiepre'].$var, $value, $expires, $_SC['cookiepath'], $_SC['cookiedomain'], $secure);
}
026.  
/**
 * Create the shared database object in $_SGLOBAL['db'] if it does not exist yet.
 *
 * Connection settings (host, user, password, database name, persistent
 * flag and charset) are read from $_SC.
 */
function dbconnect() {
    global $_SGLOBAL, $_SC;

    // Load the database wrapper class.
    include_once(S_ROOT.'./source/class_mysql.php');

    // Already connected during this request: nothing to do.
    if(!empty($_SGLOBAL['db'])) {
        return;
    }

    $_SGLOBAL['db'] = new dbstuff;
    $_SGLOBAL['db']->charset = $_SC['dbcharset'];
    $_SGLOBAL['db']->connect(
        $_SC['dbhost'],
        $_SC['dbuser'],
        $_SC['dbpw'],
        $_SC['dbname'],
        $_SC['pconnect']
    );
}
042.  
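/**
 * Return the client IP address for this request, cached in $_SGLOBAL['onlineip'].
 *
 * Sources are tried in this order: HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR,
 * REMOTE_ADDR (environment), then $_SERVER['REMOTE_ADDR']. The first run of
 * 7 to 15 digits and dots in the chosen value is kept; if there is none the
 * result is the string 'unknown'.
 *
 * NOTE(review): HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are taken from
 * request headers, which the client can set freely unless a trusted proxy
 * overwrites them. Because they are preferred over REMOTE_ADDR, the value
 * returned here should not be relied on for bans, rate limits or audit
 * trails unless the deployment guarantees those headers. The pattern also
 * only restricts the character set; it does not check that the result is a
 * well-formed IPv4 address.
 *
 * @param int $format when non-zero, return the first three octets as nine
 *                    zero-padded digits (e.g. 192.168.1.20 => 192168001)
 * @return string the address, 'unknown', or the nine-digit form
 */
function getonlineip($format=0) {
    global $_SGLOBAL;

    if(empty($_SGLOBAL['onlineip'])) {
        // Start from an empty string so the pattern match below never sees an undefined variable.
        $onlineip = '';
        if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
            // Client-IP header present and not the literal "unknown".
            $onlineip = getenv('HTTP_CLIENT_IP');
        } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
            // Address reported by a forwarding proxy.
            $onlineip = getenv('HTTP_X_FORWARDED_FOR');
        } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
            // Peer address of the connection, from the environment.
            $onlineip = getenv('REMOTE_ADDR');
        } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
            $onlineip = $_SERVER['REMOTE_ADDR'];
        }

        // Keep only something that looks like a dotted address.
        $onlineipmatches = array();
        preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);
        $_SGLOBAL['onlineip'] = !empty($onlineipmatches[0]) ? $onlineipmatches[0] : 'unknown';
    }

    if($format) {
        // Pad to three parts so 'unknown' or a short value yields zeros instead of undefined offsets.
        $ips = array_pad(explode('.', $_SGLOBAL['onlineip']), 3, 0);
        for($i = 0; $i < 3; $i++) {
            $ips[$i] = intval($ips[$i]);
        }
        // Three zero-padded three-digit fields. The listing printed '%13d' for the last one,
        // which pads with spaces to width 13 and contradicts its own comment.
        return sprintf('%03d%03d%03d', $ips[0], $ips[1], $ips[2]);
    }

    return $_SGLOBAL['onlineip'];
}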
074.  
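/**
 * Establish the login state of the current request from the 'auth' cookie.
 *
 * The cookie is decoded with authcode() into a password field and a uid,
 * separated by a tab. The uid is looked up in the session table first and,
 * if there is no row, in the member table; the stored password must equal
 * the decoded one. On success $_SGLOBAL['supe_uid'], ['supe_username'] and
 * ['username'] are set (plus ['session'] when the session row matched, or a
 * new session row via insertsession() when the member row matched). In every
 * other case supe_uid is reset to 0 and clearcookie() is called.
 *
 * NOTE(review): for mobile requests the token is also accepted from the
 * m_auth query parameter. Values carried in a URL tend to be recorded in
 * server logs, browser history and Referer headers, so that token deserves
 * a short lifetime and should be kept out of logs.
 */
function checkauth() {
    global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;

    if(!empty($_SGLOBAL['mobile']) && !empty($_GET['m_auth'])) $_SCOOKIE['auth'] = $_GET['m_auth'];
    if(!empty($_SCOOKIE['auth'])) {
        // Pad to two fields so a malformed token yields empty values instead of a suppressed notice.
        list($password, $uid) = array_pad(explode("\t", (string)authcode($_SCOOKIE['auth'], 'DECODE')), 2, '');
        // intval() here is what makes the uid safe to interpolate into the queries below.
        $_SGLOBAL['supe_uid'] = intval($uid);
        if($password && $_SGLOBAL['supe_uid']) {
            $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('session')." WHERE uid='$_SGLOBAL[supe_uid]'");
            if($member = $_SGLOBAL['db']->fetch_array($query)) {
                // Strict string comparison: loose == treats two numeric-looking strings as numbers.
                if((string)$member['password'] === (string)$password) {
                    $_SGLOBAL['supe_username'] = addslashes($member['username']);
                    $_SGLOBAL['session'] = $member;
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            } else {
                // No session row for this uid: fall back to the member table.
                $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('member')." WHERE uid='$_SGLOBAL[supe_uid]'");
                if($member = $_SGLOBAL['db']->fetch_array($query)) {
                    if((string)$member['password'] === (string)$password) {
                        $_SGLOBAL['supe_username'] = addslashes($member['username']);
                        $session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);
                        include_once(S_ROOT.'./source/function_space.php');
                        insertsession($session); // record the verified login in the session table
                    } else {
                        $_SGLOBAL['supe_uid'] = 0;
                    }
                } else {
                    $_SGLOBAL['supe_uid'] = 0;
                }
            }
        } else {
            // Fail closed: without this branch a token with an empty password field
            // left supe_uid set although no database check had run.
            $_SGLOBAL['supe_uid'] = 0;
        }
    }
    if(empty($_SGLOBAL['supe_uid'])) {
        // Not authenticated: expire the cookie and reset the login globals.
        clearcookie();
    } else {
        $_SGLOBAL['username'] = $member['username'];
    }
}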