UCHome中关于公共函数(function_common.php)页面的代码分析(一)

view sourceprint?

01.<?php

02./*

03.    [UCenter Home] (C) 2007-2008 Comsenz Inc.

04.    $Id: function_common.php 2009-10-20 21:12:00

05.    @author ymaozi

06.    @copyright http://www.codedesign.cn/

07.    @uchome源码交流ＱＱ群：83400263

08.*/

09.  

10.if(!defined('IN_UCHOME')) {

11.    exit('Access Denied');

12.}

13./**

14. * SQL ADDSLASHES 对sql的一些字符进行转义

15. * @param string or array $string

16. * @return string or array

17. */

18.function saddslashes($string) {

19.    if(is_array($string)) { //如果转入的是数组则对数组中的value进行递归转义

20.        foreach($string as $key => $val) {

21.            $string[$key] = saddslashes($val);

22.        }

23.    } else {

24.        $string = addslashes($string); //对单引号（'）、双引号（"）、反斜线（\）与 NUL（NULL 字符），进行转义

25.    }

26.    return $string;

27.}

28.  

29./**

30. * 取消HTML代码

31. * @param string or array $string

32. * @return string or array

33. */

34.function shtmlspecialchars($string) {

35.    if(is_array($string)) {

36.        foreach($string as $key => $val) {

37.            $string[$key] = shtmlspecialchars($val);

38.        }

39.    } else {

40.        $string = preg_replace('/&((#(\d{3,5}|x[a-fA-F0-9]{4})|[a-zA-Z][a-z0-9]{2,5});)/', '&\\1',

41.            str_replace(array('&', '"', '<', '>'), array('&', '"', '<', '>'), $string));//将传入的html中的&,",<,>,进行替换

42.    }

43.    return $string;

44.}

view sourceprint?

001./**

002. * 清空cookie与一些判断用户登录的信息

003. */

004.function clearcookie() {

005.    global $_SGLOBAL;

006.  

007.    obclean(); //清除缓存

008.    ssetcookie('auth', '', -86400 * 365); //设置cookie名为auth的过期

009.    $_SGLOBAL['supe_uid'] = 0;

010.    $_SGLOBAL['supe_username'] = '';

011.    $_SGLOBAL['member'] = array(); //将这些全局变量清空

012.}

013.  

014.//cookie设置

015./**

016. * 设置cookie

017. * @param   string  cookie名

018. * @param   string  cookie值

019. * @param   int     cookie存储时间

020. * @return void

021. */

022.function ssetcookie($var, $value, $life=0) {

023.    global $_SGLOBAL, $_SC, $_SERVER;

024.    setcookie($_SC['cookiepre'].$var, $value, $life?($_SGLOBAL['timestamp']+$life):0, $_SC['cookiepath'], $_SC['cookiedomain'], $_SERVER['SERVER_PORT']==443?1:0);

025.}

026.  

027.//

028./**

029. * 创建数据库连接对象

030. */

031.function dbconnect() {

032.    global $_SGLOBAL, $_SC;

033.  

034.    include_once(S_ROOT.'./source/class_mysql.php'); //引入数据库操作类

035.  

036.    if(empty($_SGLOBAL['db'])) { //如果没有创建数据库对象，则创建

037.        $_SGLOBAL['db'] = new dbstuff;

038.        $_SGLOBAL['db']->charset = $_SC['dbcharset'];

039.        $_SGLOBAL['db']->connect($_SC['dbhost'], $_SC['dbuser'], $_SC['dbpw'], $_SC['dbname'], $_SC['pconnect']);

040.    }

041.}

042.  

043.//获取在线IP

044.function getonlineip($format=0) {

045.    global $_SGLOBAL;

046.  

047.    if(empty($_SGLOBAL['onlineip'])) {

048.        if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {

049.            //如果存在客户端ip,并通过strcasecmp(),比较不等于unknown,则获取客户端ip

050.                        $onlineip = getenv('HTTP_CLIENT_IP');

051.        } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {

052.            //如果存在代理ip,则获取代理ip

053.                        $onlineip = getenv('HTTP_X_FORWARDED_FOR');

054.        } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {

055.            //代理服务器 IP

056.                        $onlineip = getenv('REMOTE_ADDR');

057.        } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {

058.            $onlineip = $_SERVER['REMOTE_ADDR'];

059.        }

060.        preg_match("/[\d\.]{7,15}/", $onlineip, $onlineipmatches);

061.                //通过正则检验，是否是ip地址的格式

062.        $_SGLOBAL['onlineip'] = $onlineipmatches[0] ? $onlineipmatches[0] : 'unknown';

063.    }

064.    if($format) {

065.        $ips = explode('.', $_SGLOBAL['onlineip']); //将ip地址，以.为分隔存入到数组

066.        for($i=0;$i<3;$i++) {

067.            $ips[$i] = intval($ips[$i]);

068.        }

069.        return sprintf('%03d%03d%13d', $ips[0], $ips[1], $ips[2]);//返回ip地十的前三段,03d：三位整数，如果不足刚以0填充

070.    } else {

071.        return $_SGLOBAL['onlineip'];

072.    }

073.}

074.  

075.//

076./**

077. * 判断当前用户登录状态

078. */

079.function checkauth() {

080.    global $_SGLOBAL, $_SC, $_SCONFIG, $_SCOOKIE, $_SN;

081.  

082.    if($_SGLOBAL['mobile'] && $_GET['m_auth']) $_SCOOKIE['auth'] = $_GET['m_auth'];

083.    if($_SCOOKIE['auth']) { //如果设置了名了auth的cookie

084.        @list($password, $uid) = explode("\t", authcode($_SCOOKIE['auth'], 'DECODE')); //通过authcode()函数将加密过的auth进行解密，将解密的信息分别存在$password与$uid中

085.        $_SGLOBAL['supe_uid'] = intval($uid); //将$uid设置给全局的supe_uid

086.        if($password && $_SGLOBAL['supe_uid']) { //如果密码与uid都存在，则判断用户信息的正确性

087.            $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('session')." WHERE uid='$_SGLOBAL[supe_uid]'");

088.            if($member = $_SGLOBAL['db']->fetch_array($query)) {

089.                if($member['password'] == $password) {

090.                    $_SGLOBAL['supe_username'] = addslashes($member['username']);

091.                    $_SGLOBAL['session'] = $member;

092.                } else {

093.                    $_SGLOBAL['supe_uid'] = 0;

094.                }

095.            } else {//如果用户表中不存在该用户，则到用户表中查找

096.                $query = $_SGLOBAL['db']->query("SELECT * FROM ".tname('member')." WHERE uid='$_SGLOBAL[supe_uid]'");

097.                if($member = $_SGLOBAL['db']->fetch_array($query)) {

098.                    if($member['password'] == $password) {

099.                        $_SGLOBAL['supe_username'] = addslashes($member['username']);

100.                        $session = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'password' => $password);

101.                        include_once(S_ROOT.'./source/function_space.php');

102.                        insertsession($session);//将信息插入到session表中

103.                    } else {

104.                        $_SGLOBAL['supe_uid'] = 0;

105.                    }

106.                } else {

107.                    $_SGLOBAL['supe_uid'] = 0;

108.                }

109.            }

110.        }

111.    }

112.    if(empty($_SGLOBAL['supe_uid'])) {

113.                //如果supe_uid为空，则清除cookie

114.        clearcookie();

115.    } else {

116.        $_SGLOBAL['username'] = $member['username'];

117.    }

118.}