common.php

002. /*

003. [UCenter Home] (C) 2007-2008 Comsenz Inc.

004. $Id: common.php 13217 2009-9-25 ymaozi http://www.codedesign.cn

005. */

006.

007. @define('IN_UCHOME', TRUE); //定义IN_UCHOME

008. define('D_BUG', '0'); //定义错误等级

009.

010. D_BUG?error_reporting(7):error_reporting(0);

011. set_magic_quotes_runtime(0); //关闭自动转义功能

012.

013. $_SGLOBAL = $_SCONFIG = $_SBLOCK = $_TPL = $_SCOOKIE = $_SN = $space = array();

014.

015. //程序目录

016. define('S_ROOT', dirname(__FILE__).DIRECTORY_SEPARATOR); //定义程序的根目录

017.

018. //基本文件

019. include_once(S_ROOT.'./ver.php'); //导入uchome的一些版本信息

020. if(!@include_once(S_ROOT.'./config.php')) { //判断是否存在网站配置文件，不存在的话，安装网站

021. header("Location: install/index.php");//安装

022. exit();

023. }

024. include_once(S_ROOT.'./source/function_common.php'); //引入公共函数文件

025.

026. //时间

027. $mtime = explode(' ', microtime()); //将当前的时间，微秒与年/月/日 时/分/秒 分隔开

028. $_SGLOBAL['timestamp'] = $mtime[1]; //取得当前的年/月/日 时/分/钞

029. $_SGLOBAL['supe_starttime'] = $_SGLOBAL['timestamp'] + $mtime[0]; //年/月/日 时/分/钞 + 微秒

030.

031. //GPC过滤

032. $magic_quote = get_magic_quotes_gpc(); //是否开启了自动转义功能

033. if(empty($magic_quote)) { //如果没有开启则手动对提交的$_POST,$_GET进行转义

034. $_GET = saddslashes($_GET);

035. $_POST = saddslashes($_POST);

036. }

037.

038. //本站URL

039. if(empty($_SC['siteurl'])) $_SC['siteurl'] = getsiteurl();

040.

041. //链接数据库

042. dbconnect();

043.

044. //缓存文件

045. if(!@include_once(S_ROOT.'./data/data_config.php')) { //是否存在网站初始化信息的缓存

046. include_once(S_ROOT.'./source/function_cache.php'); //如果不存在，则引入处理缓存的文件

047. config_cache(); //创建缓存文件

048. include_once(S_ROOT.'./data/data_config.php'); //将缓存文件引入

049. }

050. foreach (array('app', 'userapp', 'ad', 'magic') as $value) {

051. @include_once(S_ROOT.'./data/data_'.$value.'.php'); //导入app,userapp,ad,magic配置文件

052. }

053.

054. //COOKIE

055. $prelength = strlen($_SC['cookiepre']); //获取COOKIE前缀长度

056. foreach($_COOKIE as $key => $val) {

057. if(substr($key, 0, $prelength) == $_SC['cookiepre']) {

058. $_SCOOKIE[(substr($key, $prelength))] = empty($magic_quote) ? saddslashes($val) : $val;

059. }

060. }

061.

062. //启用GIP

063. if ($_SC['gzipcompress'] && function_exists('ob_gzhandler')) {

064. ob_start('ob_gzhandler');

065. } else {

066. ob_start();

067. }

068.

069. //初始化

070. $_SGLOBAL['supe_uid'] = 0;

071. $_SGLOBAL['supe_username'] = ''; //将用户的uid与username设置为空

072. $_SGLOBAL['inajax'] = empty($_GET['inajax'])?0:intval($_GET['inajax']); //是否采用ajax

073. $_SGLOBAL['mobile'] = empty($_GET['mobile'])?'':trim($_GET['mobile']); //获取$_GET提交的手机号

074. $_SGLOBAL['ajaxmenuid'] = empty($_GET['ajaxmenuid'])?'':$_GET['ajaxmenuid'];

075. $_SGLOBAL['refer'] = empty($_SERVER['HTTP_REFERER'])?'':$_SERVER['HTTP_REFERER']; //获取上一页面的url

076. if(empty($_GET['m_timestamp']) || $_SGLOBAL['mobile'] != md5($_GET['m_timestamp']."\t".$_SCONFIG['sitekey'])) $_SGLOBAL['mobile'] = '';

077.

078. //登录注册防灌水机

079. if(empty($_SCONFIG['login_action'])) $_SCONFIG['login_action'] = md5('login'.md5($_SCONFIG['sitekey']));

080. if(empty($_SCONFIG['register_action'])) $_SCONFIG['register_action'] = md5('register'.md5($_SCONFIG['sitekey']));

081.

082. //整站风格

083. if(empty($_SCONFIG['template'])) { //如果没有设置网站的风格则采用default中的

084. $_SCONFIG['template'] = 'default';

085. }

086. if($_SCOOKIE['mytemplate']) {

087. $_SCOOKIE['mytemplate'] = str_replace('.','',trim($_SCOOKIE['mytemplate']));

088. if(file_exists(S_ROOT.'./template/'.$_SCOOKIE['mytemplate'].'/style.css')) {

089. $_SCONFIG['template'] = $_SCOOKIE['mytemplate'];

090. } else {

091. ssetcookie('mytemplate', '', 365000);

092. }

093. }

094.

095. //url:http://u.codedesign.cn/space.php?do=home

096. //$_SERVER['REQUEST_URI']得到的:space.php?do=home

097. //$_SERVER['PHP_SELF'] 得到的:space.php

098. //$_SERVER['QUERY_STRING'] : do=home

099. //处理REQUEST_URI

100. if(!isset($_SERVER['REQUEST_URI'])) {

101. $_SERVER['REQUEST_URI'] = $_SERVER['PHP_SELF'];

102. if(isset($_SERVER['QUERY_STRING'])) $_SERVER['REQUEST_URI'] .= '?'.$_SERVER['QUERY_STRING'];

103. }

104. if($_SERVER['REQUEST_URI']) {

105. $temp = urldecode($_SERVER['REQUEST_URI']);

106. if(strexists($temp, '

107. $_GET = shtmlspecialchars($_GET);//XSS

108. }

109. }

110.

111. //判断用户登录状态

112. checkauth(); //判断是否登录

113. $_SGLOBAL['uhash'] = md5($_SGLOBAL['supe_uid']."\t".substr($_SGLOBAL['timestamp'], 0, 6)); //将用户的uid与当前时间的前六位进行md5加密

114.

115. //用户菜单

116. getuserapp();

117.

118. //处理UC应用

119. $_SCONFIG['uc_status'] = 0;

120. $_SGLOBAL['appmenus'] = $_SGLOBAL['appmenu'] = array();

121. if($_SGLOBAL['app']) {

122. foreach ($_SGLOBAL['app'] as $appid => $value) {

123. if(UC_APPID != $appid) {

124. $_SCONFIG['uc_status'] = 1;

125. }

126. if($value['open']) {

127. if(empty($_SGLOBAL['appmenu'])) {

128. $_SGLOBAL['appmenu'] = $value;

129. } else {

130. $_SGLOBAL['appmenus'][] = $value;

131. }

132. }

133. }

134. }

135.

136. ?>