上次问了下DZ的缓存机制,在网上找到了一个common.inc.php的注释版本。
但是还有很多东西不太明白。比如判断用户登录那段,为什么要反复从数据库中读取呢?还有就是$sid是干什么用的?哪里赋值的?希望高人指点一二
因为代码太多,只截取这部分代码上来
<?php
$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);//处理SID
$sid = daddslashes(($transsidstatus || (defined('CURSCRIPT') && CURSCRIPT == 'wap'))&& (isset($_GET['sid']) || isset($_POST['sid'])) ?
(isset($_GET['sid']) ? $_GET['sid'] : $_POST['sid']) :
(isset($_DCOOKIE['sid']) ? $_DCOOKIE['sid'] : ''));
//生成加密KEY
$discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']);
//解密COOKIE
list($discuz_pw, $discuz_secques, $discuz_uid) = isset($_DCOOKIE['auth']) ? explode("\t", authcode($_DCOOKIE['auth'], 'DECODE')) : array('', '', 0);
//转义输入变量
if(isset($_DCOOKIE['auth']) && !$discuz_uid) {
clearcookies();
}
//初始用户变量
$newpm = $newpmexists = $sessionexists = $seccode = $bloguid = 0;
//判断SID存在
if($sid) {
if($discuz_uid) {
//查询现登陆用户存在SESSION表中的SESSION
$query = $db->query("SELECT s.sid, s.styleid, s.groupid='6' AS ipbanned, s.pageviews AS spageviews, s.lastolupdate, s.seccode, m.uid AS discuz_uid,
m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry,
m.extgroupids, m.email, m.timeoffset, m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3,
m.extcredits4, m.extcredits5, m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound,
m.sigstatus, m.invisible, m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}sessions s, {$tablepre}members m
WHERE m.uid=s.uid AND s.sid='$sid' AND CONCAT_WS('.',s.ip1,s.ip2,s.ip3,s.ip4)='$onlineip' AND m.uid='$discuz_uid'
AND m.password='$discuz_pw' AND m.secques='$discuz_secques'");
} else { //查询当前游客存在SESSION表中的SESSION
$query = $db->query("SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");
}
if($_DSESSION = $db->fetch_array($query)) {//当前用户SESSION存在
$sessionexists = 1;//判断是否为游客
if(!empty($_DSESSION['sessionuid'])) { //登陆用户
//完善登陆用户SESSION(更新和添加) //!!!!!!!!!这里为什么又要读取?$query = $db->query("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw,
m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry, m.extgroupids, m.email, m.timeoffset,
m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4, m.extcredits5,
m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound, m.sigstatus, m.invisible,
m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}members m WHERE uid='$_DSESSION[sessionuid]'");
$_DSESSION = array_merge($_DSESSION, $db->fetch_array($query));
}
} else {//游客
//清除游客本地的COOKIE //!!!!!!!!!!!!!!!!!!!!这里已经清除了cookies那么还要保存用户登陆信息到$_DSESSION?
$query = $db->query("SELECT sid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");
if($_DSESSION = $db->fetch_array($query)) {
clearcookies();
$sessionexists = 1;
}
}
}
if(!$sessionexists) { //SESSION不存在
if($discuz_uid) {//登陆用户
//取登陆用户信息
$query = $db->query("SELECT uid AS discuz_uid, username AS discuz_user, password AS discuz_pw, secques AS discuz_secques,
adminid, groupid, groupexpiry, extgroupids, email, timeoffset, styleid, tpp, ppp, posts, digestposts, oltime, pageviews, credits,
extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, timeformat,
dateformat, pmsound, sigstatus, invisible, lastvisit, lastactivity, lastpost, newpm, accessmasks, xspacestatus, editormode, customshow
FROM {$tablepre}members WHERE uid='$discuz_uid' AND password='$discuz_pw' AND secques='$discuz_secques'");
if(!($_DSESSION = $db->fetch_array($query))) {
clearcookies();
}
}//判断当前用户IP是否受限 if(ipbanned($onlineip)) {
$_DSESSION['ipbanned'] = 1;
} //生成SID和验证码 $_DSESSION['sid'] = random(6);
$_DSESSION['seccode'] = random(4, 1);
}
$_DSESSION['dateformat'] = empty($_DSESSION['dateformat']) ? $_DCACHE['settings']['dateformat'] : $_DSESSION['dateformat'];
$_DSESSION['timeformat'] = empty($_DSESSION['timeformat']) ? $_DCACHE['settings']['timeformat'] : ($_DSESSION['timeformat'] == 1 ? 'h:i A' : 'H:i');
$_DSESSION['timeoffset'] = isset($_DSESSION['timeoffset']) && $_DSESSION['timeoffset'] != 9999 ? $_DSESSION['timeoffset'] : $_DCACHE['settings']['timeoffset'];@extract($_DSESSION);//上次访问
$lastvisit = empty($lastvisit) ? $timestamp - 86400 : $lastvisit;//当前时间,格式为用户定义的格式(游客为默认设置)
$timenow = array('time' => gmdate("$dateformat $timeformat", $timestamp + 3600 * $timeoffset),
'offset' => ($timeoffset >= 0 ? ($timeoffset == 0 ? '' : '+'.$timeoffset) : $timeoffset));//判断是否为登陆用户
//游客扩展信息设为默认
if(empty($discuz_uid) || empty($discuz_user)) {
$discuz_user = $extgroupids = '';
$discuz_uid = $adminid = $posts = $digestposts = $pageviews = $oltime = $invisible
= $credits = $extcredits1 = $extcredits2 = $extcredits3 = $extcredits4
= $extcredits5 = $extcredits6 = $extcredits7 = $extcredits8 = 0;
$groupid = empty($groupid) || $groupid != 6 ? 7 : 6;
$avatarshowid = 0;
} else {
$discuz_userss = $discuz_user;
$discuz_user = addslashes($discuz_user);
}//包含统计页面$statstatus && require_once DISCUZ_ROOT.'./include/counter.inc.php';
$rssauth = $rssstatus && $discuz_uid ? authcode("$discuz_uid\t$fid\t".substr(md5($discuz_pw.$discuz_secques), 0, 8), 'ENCODE', md5($_DCACHE['settings']['authkey'])) : '0';$navtitle = $navigation = '';
$extra = isset($extra) && preg_match("/^[&=;a-z0-9]+$/i", $extra) ? $extra : '';
$tpp = intval(empty($_DSESSION['tpp']) ? $topicperpage : $_DSESSION['tpp']);
$ppp = intval(empty($_DSESSION['ppp']) ? $postperpage : $_DSESSION['ppp']);//note 用户访问权限
if($discuz_uid && $accessmasks) {
$accessadd1 = ', a.allowview, a.allowpost, a.allowreply, a.allowgetattach, a.allowpostattach';
$accessadd2 = "LEFT JOIN {$tablepre}access a ON a.uid='$discuz_uid' AND a.fid=f.fid";
} else {
$accessadd1 = $accessadd2 = '';
}
if($discuz_uid && $adminid == 3) {
$modadd1 = ', m.uid AS ismoderator';
$modadd2 = "LEFT JOIN {$tablepre}moderators m ON m.uid='$discuz_uid' AND m.fid=f.fid";
} else {
$modadd1 = $modadd2 = '';
}//载入缓存$_DSESSION['groupid'] = $groupid = empty($ipbanned) ? (empty($groupid) ? 7 : intval($groupid)) : 6;
if(!@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.$groupid.'.php') {
$query = $db->query("SELECT type FROM {$tablepre}usergroups WHERE groupid='$groupid'");
$grouptype = $db->result($query, 0);
if(!empty($grouptype)) {
$cachelost .= ' usergroup_'.$groupid;
} else {
$grouptype = 'member';
}
}//登陆,登出,注册的URL设置
//判断通行证设置if($passport_status) {
$passport_forward = rawurlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$link_login = $passport_url.$passport_login_url.(strpos($passport_login_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
$link_logout = $passport_url.$passport_logout_url.(strpos($passport_logout_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
$link_register = $passport_url.$passport_register_url.(strpos($passport_register_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
} else {
$link_login = 'logging.php?action=login';
$link_logout = 'logging.php?action=logout&formhash='.FORMHASH;
$link_register = 'register.php';
}//用户组初始化if($discuz_uid && $_DSESSION) {
if(!empty($groupexpiry) && $groupexpiry < $timestamp && (!defined('CURSCRIPT') || (CURSCRIPT != 'wap' && CURSCRIPT != 'member'))) {
header("Location: {$boardurl}member.php?action=groupexpiry");
dexit();
} elseif($grouptype && $groupid != getgroupid($discuz_uid, array
(
'type' => $grouptype,
'creditshigher' => $groupcreditshigher,
'creditslower' => $groupcreditslower
), $_DSESSION)) {
@extract($_DSESSION);
$cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.intval($groupid).'.php') ? '' : ' usergroup_'.$groupid;
}
}//管理权限初始化
if(!in_array($adminid, array(1, 2, 3))) {
if(!$errorreport) {
error_reporting(E_ALL);
}
$alloweditpost = $alloweditpoll = $allowstickthread = $allowmodpost = $allowdelpost = $allowmassprune
= $allowrefund = $allowcensorword = $allowviewip = $allowbanip = $allowedituser = $allowmoduser
= $allowbanuser = $allowpostannounce = $allowviewlog = $disablepostctrl = $supe_allowpushthread = 0;
} elseif(isset($radminid) && $adminid != $radminid && $adminid != $groupid) {
$cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/admingroup_'.intval($adminid).'.php') ? '' : ' admingroup_'.$groupid;
}
?>
但是还有很多东西不太明白。比如判断用户登录那段,为什么要反复从数据库中读取呢?还有就是$sid是干什么用的?哪里赋值的?希望高人指点一二
因为代码太多,只截取这部分代码上来
<?php
$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);//处理SID
$sid = daddslashes(($transsidstatus || (defined('CURSCRIPT') && CURSCRIPT == 'wap'))&& (isset($_GET['sid']) || isset($_POST['sid'])) ?
(isset($_GET['sid']) ? $_GET['sid'] : $_POST['sid']) :
(isset($_DCOOKIE['sid']) ? $_DCOOKIE['sid'] : ''));
//生成加密KEY
$discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']);
//解密COOKIE
list($discuz_pw, $discuz_secques, $discuz_uid) = isset($_DCOOKIE['auth']) ? explode("\t", authcode($_DCOOKIE['auth'], 'DECODE')) : array('', '', 0);
//转义输入变量
if(isset($_DCOOKIE['auth']) && !$discuz_uid) {
clearcookies();
}
//初始用户变量
$newpm = $newpmexists = $sessionexists = $seccode = $bloguid = 0;
//判断SID存在
if($sid) {
if($discuz_uid) {
//查询现登陆用户存在SESSION表中的SESSION
$query = $db->query("SELECT s.sid, s.styleid, s.groupid='6' AS ipbanned, s.pageviews AS spageviews, s.lastolupdate, s.seccode, m.uid AS discuz_uid,
m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry,
m.extgroupids, m.email, m.timeoffset, m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3,
m.extcredits4, m.extcredits5, m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound,
m.sigstatus, m.invisible, m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}sessions s, {$tablepre}members m
WHERE m.uid=s.uid AND s.sid='$sid' AND CONCAT_WS('.',s.ip1,s.ip2,s.ip3,s.ip4)='$onlineip' AND m.uid='$discuz_uid'
AND m.password='$discuz_pw' AND m.secques='$discuz_secques'");
} else { //查询当前游客存在SESSION表中的SESSION
$query = $db->query("SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");
}
if($_DSESSION = $db->fetch_array($query)) {//当前用户SESSION存在
$sessionexists = 1;//判断是否为游客
if(!empty($_DSESSION['sessionuid'])) { //登陆用户
//完善登陆用户SESSION(更新和添加) //!!!!!!!!!这里为什么又要读取?$query = $db->query("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw,
m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry, m.extgroupids, m.email, m.timeoffset,
m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4, m.extcredits5,
m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound, m.sigstatus, m.invisible,
m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}members m WHERE uid='$_DSESSION[sessionuid]'");
$_DSESSION = array_merge($_DSESSION, $db->fetch_array($query));
}
} else {//游客
//清除游客本地的COOKIE //!!!!!!!!!!!!!!!!!!!!这里已经清除了cookies那么还要保存用户登陆信息到$_DSESSION?
$query = $db->query("SELECT sid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");
if($_DSESSION = $db->fetch_array($query)) {
clearcookies();
$sessionexists = 1;
}
}
}
if(!$sessionexists) { //SESSION不存在
if($discuz_uid) {//登陆用户
//取登陆用户信息
$query = $db->query("SELECT uid AS discuz_uid, username AS discuz_user, password AS discuz_pw, secques AS discuz_secques,
adminid, groupid, groupexpiry, extgroupids, email, timeoffset, styleid, tpp, ppp, posts, digestposts, oltime, pageviews, credits,
extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, timeformat,
dateformat, pmsound, sigstatus, invisible, lastvisit, lastactivity, lastpost, newpm, accessmasks, xspacestatus, editormode, customshow
FROM {$tablepre}members WHERE uid='$discuz_uid' AND password='$discuz_pw' AND secques='$discuz_secques'");
if(!($_DSESSION = $db->fetch_array($query))) {
clearcookies();
}
}//判断当前用户IP是否受限 if(ipbanned($onlineip)) {
$_DSESSION['ipbanned'] = 1;
} //生成SID和验证码 $_DSESSION['sid'] = random(6);
$_DSESSION['seccode'] = random(4, 1);
}
$_DSESSION['dateformat'] = empty($_DSESSION['dateformat']) ? $_DCACHE['settings']['dateformat'] : $_DSESSION['dateformat'];
$_DSESSION['timeformat'] = empty($_DSESSION['timeformat']) ? $_DCACHE['settings']['timeformat'] : ($_DSESSION['timeformat'] == 1 ? 'h:i A' : 'H:i');
$_DSESSION['timeoffset'] = isset($_DSESSION['timeoffset']) && $_DSESSION['timeoffset'] != 9999 ? $_DSESSION['timeoffset'] : $_DCACHE['settings']['timeoffset'];@extract($_DSESSION);//上次访问
$lastvisit = empty($lastvisit) ? $timestamp - 86400 : $lastvisit;//当前时间,格式为用户定义的格式(游客为默认设置)
$timenow = array('time' => gmdate("$dateformat $timeformat", $timestamp + 3600 * $timeoffset),
'offset' => ($timeoffset >= 0 ? ($timeoffset == 0 ? '' : '+'.$timeoffset) : $timeoffset));//判断是否为登陆用户
//游客扩展信息设为默认
if(empty($discuz_uid) || empty($discuz_user)) {
$discuz_user = $extgroupids = '';
$discuz_uid = $adminid = $posts = $digestposts = $pageviews = $oltime = $invisible
= $credits = $extcredits1 = $extcredits2 = $extcredits3 = $extcredits4
= $extcredits5 = $extcredits6 = $extcredits7 = $extcredits8 = 0;
$groupid = empty($groupid) || $groupid != 6 ? 7 : 6;
$avatarshowid = 0;
} else {
$discuz_userss = $discuz_user;
$discuz_user = addslashes($discuz_user);
}//包含统计页面$statstatus && require_once DISCUZ_ROOT.'./include/counter.inc.php';
$rssauth = $rssstatus && $discuz_uid ? authcode("$discuz_uid\t$fid\t".substr(md5($discuz_pw.$discuz_secques), 0, 8), 'ENCODE', md5($_DCACHE['settings']['authkey'])) : '0';$navtitle = $navigation = '';
$extra = isset($extra) && preg_match("/^[&=;a-z0-9]+$/i", $extra) ? $extra : '';
$tpp = intval(empty($_DSESSION['tpp']) ? $topicperpage : $_DSESSION['tpp']);
$ppp = intval(empty($_DSESSION['ppp']) ? $postperpage : $_DSESSION['ppp']);//note 用户访问权限
if($discuz_uid && $accessmasks) {
$accessadd1 = ', a.allowview, a.allowpost, a.allowreply, a.allowgetattach, a.allowpostattach';
$accessadd2 = "LEFT JOIN {$tablepre}access a ON a.uid='$discuz_uid' AND a.fid=f.fid";
} else {
$accessadd1 = $accessadd2 = '';
}
if($discuz_uid && $adminid == 3) {
$modadd1 = ', m.uid AS ismoderator';
$modadd2 = "LEFT JOIN {$tablepre}moderators m ON m.uid='$discuz_uid' AND m.fid=f.fid";
} else {
$modadd1 = $modadd2 = '';
}//载入缓存$_DSESSION['groupid'] = $groupid = empty($ipbanned) ? (empty($groupid) ? 7 : intval($groupid)) : 6;
if(!@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.$groupid.'.php') {
$query = $db->query("SELECT type FROM {$tablepre}usergroups WHERE groupid='$groupid'");
$grouptype = $db->result($query, 0);
if(!empty($grouptype)) {
$cachelost .= ' usergroup_'.$groupid;
} else {
$grouptype = 'member';
}
}//登陆,登出,注册的URL设置
//判断通行证设置if($passport_status) {
$passport_forward = rawurlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$link_login = $passport_url.$passport_login_url.(strpos($passport_login_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
$link_logout = $passport_url.$passport_logout_url.(strpos($passport_logout_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
$link_register = $passport_url.$passport_register_url.(strpos($passport_register_url, '?') === FALSE ? '?' : '&').'forward='.$passport_forward;
} else {
$link_login = 'logging.php?action=login';
$link_logout = 'logging.php?action=logout&formhash='.FORMHASH;
$link_register = 'register.php';
}//用户组初始化if($discuz_uid && $_DSESSION) {
if(!empty($groupexpiry) && $groupexpiry < $timestamp && (!defined('CURSCRIPT') || (CURSCRIPT != 'wap' && CURSCRIPT != 'member'))) {
header("Location: {$boardurl}member.php?action=groupexpiry");
dexit();
} elseif($grouptype && $groupid != getgroupid($discuz_uid, array
(
'type' => $grouptype,
'creditshigher' => $groupcreditshigher,
'creditslower' => $groupcreditslower
), $_DSESSION)) {
@extract($_DSESSION);
$cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/usergroup_'.intval($groupid).'.php') ? '' : ' usergroup_'.$groupid;
}
}//管理权限初始化
if(!in_array($adminid, array(1, 2, 3))) {
if(!$errorreport) {
error_reporting(E_ALL);
}
$alloweditpost = $alloweditpoll = $allowstickthread = $allowmodpost = $allowdelpost = $allowmassprune
= $allowrefund = $allowcensorword = $allowviewip = $allowbanip = $allowedituser = $allowmoduser
= $allowbanuser = $allowpostannounce = $allowviewlog = $disablepostctrl = $supe_allowpushthread = 0;
} elseif(isset($radminid) && $adminid != $radminid && $adminid != $groupid) {
$cachelost .= (@include DISCUZ_ROOT.'./forumdata/cache/admingroup_'.intval($adminid).'.php') ? '' : ' admingroup_'.$groupid;
}
?>
连接数据库,初始化各种系统变量,处理session,处理缓存,判断用户数据等
if($sid) {
if($discuz_uid) {
//查询现登陆用户存在SESSION表中的SESSION
$query = $db->query("SELECT s.sid, s.styleid, s.groupid='6' AS ipbanned, s.pageviews AS spageviews, s.lastolupdate, s.seccode, m.uid AS discuz_uid,
m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry,
m.extgroupids, m.email, m.timeoffset, m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3,
m.extcredits4, m.extcredits5, m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound,
m.sigstatus, m.invisible, m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}sessions s, {$tablepre}members m
WHERE m.uid=s.uid AND s.sid='$sid' AND CONCAT_WS('.',s.ip1,s.ip2,s.ip3,s.ip4)='$onlineip' AND m.uid='$discuz_uid'
AND m.password='$discuz_pw' AND m.secques='$discuz_secques'");
} else { //查询当前游客存在SESSION表中的SESSION
$query = $db->query("SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");//--得到uid
}
if($_DSESSION = $db->fetch_array($query)) {//当前用户SESSION存在
$sessionexists = 1;//判断是否为游客
if(!empty($_DSESSION['sessionuid'])) {//--根据得到的uid是否为空,判断是否为登陆用户 //登陆用户
//完善登陆用户SESSION(更新和添加) //!!!!!!!!!这里为什么又要读取?$query = $db->query("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw,
m.secques AS discuz_secques, m.adminid, m.groupid, m.groupexpiry, m.extgroupids, m.email, m.timeoffset,
m.tpp, m.ppp, m.posts, m.digestposts, m.oltime, m.pageviews, m.credits, m.extcredits1, m.extcredits2, m.extcredits3, m.extcredits4, m.extcredits5,
m.extcredits6, m.extcredits7, m.extcredits8, m.timeformat, m.dateformat, m.pmsound, m.sigstatus, m.invisible,
m.lastvisit, m.lastactivity, m.lastpost, m.newpm, m.accessmasks,m.xspacestatus, m.editormode, m.customshow
FROM {$tablepre}members m WHERE uid='$_DSESSION[sessionuid]'");
$_DSESSION = array_merge($_DSESSION, $db->fetch_array($query));
}//从用户表中得到更多用户信息,得到的值放到$_DSESSION, array_merge -- 合并一个或多个数组
} else {//游客
//清除游客本地的COOKIE //!!!!!!!!!!!!!!!!!!!!这里已经清除了cookies那么还要保存用户登陆信息到$_DSESSION?
$query = $db->query("SELECT sid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, lastolupdate, seccode
FROM {$tablepre}sessions WHERE sid='$sid' AND CONCAT_WS('.',ip1,ip2,ip3,ip4)='$onlineip'");//--uid为空
if($_DSESSION = $db->fetch_array($query)) {//得到游客信息中不包括uid
clearcookies();
$sessionexists = 1;//SESSION存在
}
}
}
if(!$sessionexists) { //SESSION不存在
if($discuz_uid) {//登陆用户
//取登陆用户信息
$query = $db->query("SELECT uid AS discuz_uid, username AS discuz_user, password AS discuz_pw, secques AS discuz_secques,
adminid, groupid, groupexpiry, extgroupids, email, timeoffset, styleid, tpp, ppp, posts, digestposts, oltime, pageviews, credits,
extcredits1, extcredits2, extcredits3, extcredits4, extcredits5, extcredits6, extcredits7, extcredits8, timeformat,
dateformat, pmsound, sigstatus, invisible, lastvisit, lastactivity, lastpost, newpm, accessmasks, xspacestatus, editormode, customshow
FROM {$tablepre}members WHERE uid='$discuz_uid' AND password='$discuz_pw' AND secques='$discuz_secques'");
if(!($_DSESSION = $db->fetch_array($query))) {
clearcookies();
}
}
我一直以为clearcookies函数是清除cookies,刚才看了下,原来是重新写入cookie。
TNND,太阴险了起这么个名字搞得我一直看不懂
不过好像有点眉目了,看懂一点点了
还有就是他怎么判断用户是否已经登陆,如果没有登陆怎么处理,登陆了怎么处理。我就是不懂
哪位大哥能给详细解释解释啊~~