0 |
D:\phpstudy_pro\WWW\haose.live\framework\lib\core.class.php |
452 |
file_put_contents('D:/phpstudy_pro/WWW/haose.live/tmp/control_common_control.class.php', 'init_timezone();
$this->init_admin();
//$this->conf['runtime'] = &$this->runtime->read_site(); // 析构函数会比 mysql 的析构函数早。所以不用担心mysql被释放。
//$this->check_lang();
$this->init_view();
//$this->init_sid();
//$this->init_user();
//$this->check_ip();
//$this->check_safecode();
//$this->check_domain();
$this->init_cron();
//$this->check_msg();
$this->c('cache_redis');
}
//部分需要CMD运行的需要转码
/**
 * Print a message, transcoding it for the console it is expected to run in.
 *
 * The platform is hard-coded to 'windows', so the text is always converted
 * from UTF-8 to GB2312 before being echoed; the //IGNORE suffix drops
 * characters that have no GB2312 form. The 'linux' branch is unreachable
 * unless the local constant is edited.
 *
 * @param string $info UTF-8 text to print.
 */
public function cmd_echo($info){
    $platform = 'windows';
    switch ($platform) {
        case 'linux':
            echo $info;
            break;
        case 'windows':
            echo iconv("UTF-8", "GB2312//IGNORE", $info);
            break;
    }
}
//加解密id数据
/**
 * Return the fixed letter/digit substitution table used for site ids.
 *
 * With the default $type the table maps letters to digits (decode direction).
 * With $type == 2 the table is flipped to map digits to letters (encode
 * direction). Five letters map to 0; array_flip() keeps the last one, so 0
 * encodes to 'q' while 'i', 'j', 'y', 'e' and 'q' all decode to 0.
 *
 * This is a static, reversible substitution: it obscures ids but provides no
 * secrecy or integrity, so it must not be relied on as an access control.
 *
 * @param int $type 1 (default) for letter => digit, 2 for digit => letter.
 * @return array
 */
public function id_data($type = 1){
    $letter_to_digit = array(
        'i' => 0, 'x' => 1, 's' => 2, 'k' => 3, 'l' => 4,
        't' => 5, 'w' => 6, 'r' => 7, 'a' => 8, 'f' => 9,
        // extra aliases that also decode to 0
        'j' => 0, 'y' => 0, 'e' => 0, 'q' => 0,
    );
    return ($type == 2) ? array_flip($letter_to_digit) : $letter_to_digit;
}
//加密site_id
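/**
 * Encode a numeric site id into its letter form using id_data(2).
 *
 * Every character must be a digit present in the table; any other character
 * triggers goto_404(), which sends a 404 status and terminates the request.
 * The mapping is a plain substitution (obfuscation only, not encryption).
 *
 * @param int|string $site_id Decimal site id.
 * @return string Letter-encoded id.
 */
public function en_site_id($site_id){
    $digit_to_letter = $this->id_data(2);
    // Cast first: offset access on an integer yields nothing, which would send every int id to the 404 path.
    $site_id = (string) $site_id;
    $encoded = '';
    $length = strlen($site_id);
    for($i = 0; $i < $length; $i++){
        // Square-bracket offsets replace the {} offset syntax, which newer PHP versions no longer parse.
        $char = $site_id[$i];
        if(isset($digit_to_letter[$char])){
            $encoded .= $digit_to_letter[$char];
        }else{
            $this->goto_404();
        }
    }
    return $encoded;
}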
//解密site_id
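/**
 * Decode a letter-encoded site id back to an integer using id_data().
 *
 * Any character missing from the table triggers goto_404(), which sends a
 * 404 status and terminates the request. The decoded id still has to be
 * authorised by the caller: the encoding is a fixed substitution and anyone
 * can produce a valid-looking value.
 *
 * @param string $site_id Letter-encoded id.
 * @return int Decoded id (intval('') is 0 for an empty input).
 */
public function de_site_id($site_id){
    $letter_to_digit = $this->id_data();
    $site_id = (string) $site_id;
    $decoded = '';
    $length = strlen($site_id);
    for($i = 0; $i < $length; $i++){
        // Square-bracket offsets replace the {} offset syntax, which newer PHP versions no longer parse.
        $char = $site_id[$i];
        if(isset($letter_to_digit[$char])){
            $decoded .= $letter_to_digit[$char];
        }else{
            $this->goto_404();
        }
    }
    return intval($decoded);
}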
//进入404页面
/**
 * Send a bare 404 status line and stop the request.
 *
 * No body is written; execution never returns to the caller.
 */
public function goto_404() {
    header('HTTP/1.1 404 Not Found');
    exit;
}
//账户资金锁
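/**
 * Try to take the per-user funds lock stored in the Redis hash 'lock_user_money'.
 *
 * The lock is a hash field keyed by $uid whose value is the acquisition time.
 * If the field already exists the call optionally waits (one second per
 * retry) until $wait_lock_time seconds have elapsed, then treats a lock older
 * than $lock_time seconds as stale, removes it and retries once more.
 *
 * NOTE(review): the stale-lock takeover is not atomic (hGet, then hdel, then
 * hSetNx), so two waiters can both decide the lock is stale and one may delete
 * the lock the other has just taken. un_lock_user() also deletes the field
 * without checking who holds it. For money operations consider a per-user key
 * with an owner token and an atomic compare-and-delete.
 *
 * @param mixed $uid            User id used as the hash field.
 * @param int   $wait_lock_time Maximum seconds to wait for a held lock (0 = do not wait).
 * @param int   $wait_time      Seconds already waited; callers normally leave this at 0.
 * @param int   $lock_time      Age in seconds after which a held lock counts as stale.
 * @return int 1 when the lock was acquired, 2 when it could not be acquired.
 */
public function lock_user($uid, $wait_lock_time = 0, $wait_time = 0, $lock_time = 60) {
    $lock_name = 'lock_user_money';
    $acquired = $this->cache_redis->hSetNx($lock_name, $uid, time());
    if($acquired == 1){
        // The TTL is on the whole hash, not on this field; it is refreshed on every acquisition.
        $this->cache_redis->expire($lock_name, $lock_time + 60);
        return 1;
    }
    // Keep waiting while the elapsed time is still below the allowed wait.
    // (The comparison used to be reversed, so a positive $wait_lock_time never waited.)
    if($wait_lock_time > 0 && $wait_time < $wait_lock_time){
        sleep(1);
        return $this->lock_user($uid, $wait_lock_time, $wait_time + 1, $lock_time);
    }
    // Stale-lock check: a holder that never released is evicted after $lock_time seconds.
    $locked_at = $this->cache_redis->hGet($lock_name, $uid);
    if($locked_at < time() - $lock_time){
        $this->cache_redis->hdel($lock_name, $uid);
        // Pass $lock_time along so a caller-supplied value is not replaced by the default on retry.
        return $this->lock_user($uid, $wait_lock_time, $wait_time, $lock_time);
    }
    return 2;
}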
//账户资金锁解锁
/**
 * Release the funds lock for a user by deleting its field from 'lock_user_money'.
 *
 * NOTE(review): the field is removed unconditionally; nothing here verifies
 * that the caller is the request that acquired the lock.
 *
 * @param mixed $uid User id used as the hash field.
 * @return mixed Whatever the Redis client's hdel() returns.
 */
public function un_lock_user($uid) {
    return $this->cache_redis->hdel('lock_user_money', $uid);
}
// 初始化 _admin, 解密 cookie
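/**
 * Resolve the current administrator from the admin auth token and expose it to the view.
 *
 * Flow: read the token via core::gpc(), decrypt it to an admin id, reload the
 * admin record, and require that the record's 'end_session' equals the
 * presented token. On mismatch, or when the system is not in status 1 and the
 * admin is not in group 1, the cookie is cleared and the browser is sent to
 * the login page. Otherwise the password field is dropped from the in-memory
 * record, group and last-login location are attached, and the session is
 * stamped with the admin id and current time.
 *
 * NOTE(review): 'R' presumably lets the token arrive from request parameters
 * as well as the cookie - confirm, since tokens in URLs end up in logs and
 * referrers. The raw token is also assigned to the view as '_admin_auth';
 * check that templates do not print it where it is not needed.
 */
private function init_admin() {
    $cookie_name = $this->conf['cookiepre'].'admin_auth_'.OLD_SITE_ID;
    $auth = core::gpc($cookie_name, 'R');
    $this->view->assign('_admin_auth', $auth);
    $this->_admin = $this->admins->decrypt_auth($auth);
    if($this->_admin['id'] != 0){
        $this->_admin = $this->admins->get($this->_admin['id']);
        // Compare the stored session token strictly and, where available, in constant time.
        // A loose != lets numeric-looking strings such as "0e1" and "0e2" compare equal.
        $stored = is_scalar($this->_admin['end_session']) ? (string) $this->_admin['end_session'] : '';
        if(is_string($auth)){
            $token_ok = function_exists('hash_equals') ? hash_equals($stored, $auth) : ($stored === $auth);
        }else{
            $token_ok = false;
        }
        if(!$token_ok || ($this->conf['system_status'] != 1 && $this->_admin['groupid'] != 1)){
            misc::set_cookie($cookie_name, '', $_SERVER['time'], '/');
            $_SESSION['admin_two_password'] = '';
            header("location:./login.htm");
            exit;
        }
        $admingroup = $this->mcache->read('admin', 'models', 'group_cache',$this->conf['site_id']);
        // Keep the password field out of the record that is handed to templates.
        unset($this->_admin['password']);
        //unset($this->_admin['code']);
        $this->_admin['group'] = $admingroup[$this->_admin['groupid']];
        if(empty($this->_admin['login_ip'])){
            $this->_admin['login_ip_local'] = '无登陆记录';
        }else{
            $this->_admin['login_ip_local'] = implode(" ", $this->za->ip_to_adds($this->za->inttoip($this->_admin['login_ip']), 2));
        }
        /*
        $this->_admindbinfo = $this->admins->read($this->_admin['id']);
        if(!empty($this->_admindbinfo)){
        $this->_admin = $this->_admin + $this->_admindbinfo;
        $admingroup = $this->mcache->read('admingroup');
        $system = explode("|", $admingroup[$this->_admindbinfo['groupid']]['system']);
        foreach($system as $k => $v){
        $admin_system[$v] = $v;
        }
        $this->_admin_system = $admin_system;
        $this->view->assign('admin_system', $admin_system);
        }
        */
        $_SESSION['aid'] = $this->_admin['id'];
        $_SESSION['end_time'] = $_SERVER['time'];
    }
    $this->view->assign('_admin', $this->_admin);
}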
/**
 * Apply the configured hour offset and precompute two time values in $_SERVER.
 *
 * Sets $_SERVER['time_fmt'] to the offset-adjusted 'Y-n-d H:i' string and
 * $_SERVER['time_today'] to the timestamp of local midnight.
 *
 * NOTE(review): the offset is appended verbatim to 'Etc/GMT'. The Etc/GMT
 * zones use inverted signs, and a value without a sign does not form a zone
 * name - confirm the format stored in conf['timeoffset'].
 */
private function init_timezone() {
    $hours = $this->conf['timeoffset'];
    if($hours) {
        date_default_timezone_set('Etc/GMT'.$hours);
    }
    // Shift by the configured hours, format in GMT, then split out the date part.
    $_SERVER['time_fmt'] = gmdate('Y-n-d H:i', $_SERVER['time'] + $hours * 3600);
    $pieces = explode(' ', $_SERVER['time_fmt']);
    list($year, $month, $day) = explode('-', $pieces[0]);
    // Midnight of that local date, converted back to a real timestamp.
    $_SERVER['time_today'] = gmmktime(0, 0, 0, $month, $day, $year) - $hours * 3600;
}
/**
 * Publish common controller state to the view and define FORM_HASH once.
 *
 * FORM_HASH is derived by misc::form_hash() from conf['public_key'].
 *
 * NOTE(review): the whole $this->conf array is assigned to the view; verify
 * that templates cannot print secrets held in it (keys, credentials).
 */
private function init_view() {
    $shared = array(
        'conf'       => $this->conf,
        '_title'     => $this->_title,
        '_nav'       => $this->_nav,
        '_checked'   => $this->_checked,
        'cron_1_run' => $this->_cron_1_run,
    );
    foreach($shared as $name => $value){
        $this->view->assign($name, $value);
    }
    if(!defined('FORM_HASH')){
        define('FORM_HASH', misc::form_hash($this->conf['public_key']));
    }
}
// 初始化 sid
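/**
 * Ensure the visitor has a 16-character sid cookie and expose it to the view.
 *
 * An existing sid is accepted as presented; a new one is issued for 30 days
 * when none is supplied.
 *
 * NOTE(review): the sid is taken from the request without any format check,
 * so a client can choose its own value; treat it as an identifier, not as
 * proof of anything.
 */
private function init_sid() {
    $key = $this->conf['cookiepre'].'sid';
    $sid = core::gpc($key, 'R');
    if(!$sid) {
        if(function_exists('random_bytes')){
            // 8 random bytes from the CSPRNG give the same 16 hex characters as before.
            $sid = bin2hex(random_bytes(8));
        }else{
            // Legacy fallback for runtimes without random_bytes(): md5 of the client address
            // plus rand() is guessable and should not protect anything sensitive.
            $sid = substr(md5($_SERVER['REMOTE_ADDR'].rand(1, 2147483647)), 0, 16);
        }
        misc::set_cookie($key, $sid, $_SERVER['time'] + 86400 * 30, '/');
    }
    $this->_sid = $sid;
    $this->view->assign('_sid', $this->_sid);
}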
/**
 * Return the client address together with its looked-up location.
 *
 * @return array ['ip' => address from $this->za->get_ip(), 'data' => array]
 *               where 'data' holds 'guo', 'sheng' and 'shi' (elements 0-2 of
 *               the lookup result) unless the address is 'unknown'.
 */
private function ip() {
    $result = array(
        'ip'   => $this->za->get_ip(),
        'data' => array(),
    );
    if($result['ip'] != 'unknown'){
        $found = $this->ip->find($result['ip'], 'CN');
        $result['data']['guo'] = $found[0];
        $result['data']['sheng'] = $found[1];
        $result['data']['shi'] = $found[2];
    }
    return $result;
}
// 开始事务模式
/**
 * Begin a database transaction when transaction mode is configured.
 *
 * Only conf['shiwu'] == 2 issues SQL: BEGIN followed by SET AUTOCOMMIT=0.
 * Any other non-empty value is a no-op.
 *
 * @throws Exception When conf['shiwu'] is empty (transaction mode disabled).
 */
public function shiwu_start(){
    if(empty($this->conf['shiwu'])){
        throw new Exception('未开启事务模式!');
    }
    if($this->conf['shiwu'] != 2){
        return;
    }
    // Statement order is kept as in the original implementation.
    $this->za->mysqlquery("BEGIN");
    $this->za->mysqlquery("SET AUTOCOMMIT=0");
}
// 事务保存
/**
 * Commit the current transaction and restore autocommit.
 *
 * Only conf['shiwu'] == 2 issues SQL: COMMIT followed by SET AUTOCOMMIT=1.
 *
 * @throws Exception When conf['shiwu'] is empty (transaction mode disabled).
 */
public function shiwu_ok(){
    if(empty($this->conf['shiwu'])){
        throw new Exception('未开启事务模式!');
    }
    if($this->conf['shiwu'] != 2){
        return;
    }
    $this->za->mysqlquery("COMMIT");
    $this->za->mysqlquery("SET AUTOCOMMIT=1");
}
// 事务退回
/**
 * Roll back the current transaction and restore autocommit.
 *
 * conf['shiwu'] == 2 issues ROLLBACK followed by SET AUTOCOMMIT=1.
 *
 * NOTE(review): for any other non-empty mode nothing is rolled back; the
 * method only print_r()s the internal class list into the response. That
 * looks like leftover debugging and discloses internals to the client -
 * confirm whether it can be removed or replaced with logging.
 *
 * @throws Exception When conf['shiwu'] is empty (transaction mode disabled).
 */
public function shiwu_back(){
    if(empty($this->conf['shiwu'])){
        throw new Exception('未开启事务模式!');
    }
    if($this->conf['shiwu'] == 2){
        $this->za->mysqlquery("ROLLBACK");
        $this->za->mysqlquery("SET AUTOCOMMIT=1");
        return;
    }
    print_r($this->_class_list);
}
// 检查IP
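/**
 * Enforce the IP blacklist / whitelist from conf/iptable.php.
 *
 * Active only when conf['iptable_on'] is set. Entries are matched as string
 * prefixes of REMOTE_ADDR. A blacklist hit, or a non-empty whitelist with no
 * hit, ends the request through message().
 *
 * NOTE(review): prefix matching is broader than it looks - an entry such as
 * "10.1" also matches "10.10.0.5" and "10.100.0.5". Entries meant to cover a
 * network should end with a dot, or be replaced by CIDR matching. REMOTE_ADDR
 * is the proxy's address when the site sits behind a reverse proxy.
 */
private function check_ip() {
    if(!$this->conf['iptable_on']) {
        return;
    }
    $arr = include BBS_PATH.'conf/iptable.php';
    $blacklist = $arr['blacklist'];
    $whitelist = $arr['whitelist'];
    $ip = $_SERVER['REMOTE_ADDR'];
    if(!empty($blacklist)) {
        foreach($blacklist as $black) {
            $black = (string) $black;
            // strncmp compares bytes; a loose == can treat numeric-looking strings as numbers.
            if(strncmp($ip, $black, strlen($black)) === 0) {
                $this->message('对不起,您的IP ['.$ip.'] 已经被禁止,如果有疑问,请联系管理员。', 0);
            }
        }
    }
    if(!empty($whitelist)) {
        $ipaccess = FALSE;
        foreach($whitelist as $white) {
            $white = (string) $white;
            if(strncmp($ip, $white, strlen($white)) === 0) {
                $ipaccess = TRUE;
                break;
            }
        }
        if(!$ipaccess) {
            $this->message('对不起,您的IP ['.$ip.'] 不允许访问,如果有疑问,请联系管理员。', 0);
        }
    }
}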
//加载语言包
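/**
 * Select the language pack named by the URL and load it.
 *
 * The language code comes from $this->za->url_uri() (presumably parsed from
 * the request URL, so attacker-controlled) and is turned into an include
 * path under conf/. It is therefore restricted to letters, digits, '_' and
 * '-' before use; anything else falls back to "cn". Without that check a
 * value containing "../" could make include run a file outside conf/.
 *
 * NOTE(review): the character check still allows any conf/<name>.php to be
 * included. A fixed list of supported language codes would be tighter.
 *
 * The included file is expected to define $langs.
 */
private function check_lang() {
    $this->site_lang = "";
    $uri = $this->za->url_uri();
    $lang = "cn";
    if(!empty($uri['lang']) && is_string($uri['lang']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $uri['lang'])){
        $lang = $uri['lang'];
    }
    $this->site_lang = $lang;
    $langfile = BBS_PATH.'conf/'.$lang.'.php';
    if(!file_exists($langfile)){
        $langfile = BBS_PATH.'conf/cn.php';
    }
    include $langfile;
    $this->langs = $langs;
    $this->view->assign('site_lang', $this->site_lang);
    $this->view->assign('langs', $langs);
}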
// 检查域名,如果不在安装域名下,跳转到安装域名。
/**
 * Redirect to the install host when the request arrived on another host name.
 *
 * NOTE(review): $m, $installhosts and $installhost are never assigned in
 * this method, so as written every non-empty Host value differs from them
 * and the redirect target has an empty host. The method needs the install
 * host wired in from configuration before it can be enabled. When that is
 * done, build the Location value only from the configured host, never from
 * the request's Host header.
 */
private function check_domain() {
    $host = core::gpc('HTTP_HOST', 'S');
    if($host == $m[1] || $host == $installhosts) {
        return;
    }
    $currurl = misc::get_script_uri();
    $newurl = preg_replace('#^http://([^/]+)/#', "http://$installhost/", $currurl);
    header("Location: $newurl");
    exit;
}
private function init_cron() {
// Empty body: nothing is initialised here.
}
/*
* 功 能:
* 提示单条信息
*
* 用 法:
$this->message('站点维护中,请稍后访问!');
$this->message('提交成功!', TRUE, '?index-123.htm');
$this->message('校验错误!', FALSE);
*/
/**
 * Show a single message and end the request.
 *
 * When the request carries an 'ajax' parameter the message is returned as
 * JSON; otherwise the error-page template 'message.htm' is rendered with
 * 'message', 'status' and 'goto' assigned. Both paths exit.
 *
 * NOTE(review): $message and $goto are passed to the template as given;
 * callers that include request data in them rely on the template to escape it.
 *
 * @param string $message Text to show.
 * @param mixed  $status  Status flag forwarded to the client (default 1).
 * @param string $goto    Optional URL forwarded to the template.
 */
public function message($message, $status = 1, $goto = '') {
    if(!core::gpc('ajax', 'R')) {
        $this->conf['view_path'] = array(BBS_PATH.'framework/errorpage/');
        $this->view->assign('message', $message);
        $this->view->assign('status', $status);
        $this->view->assign('goto', $goto);
        $this->view->display('message.htm');
        exit;
    }
    // AJAX caller: the response may or may not be shown in a dialog.
    $payload = array('servererror'=>'', 'status'=>$status, 'message'=>$message);
    echo core::json_encode($payload);
    exit;
}
/*
* 功 能:
* 提示错误或者警告或者正常信息
*
* 用 法:
$error = array(
'stuat' = 1,//状态,1为成功,2为失败,3为警告
'info' = '充值成功!',//状态内容,例如:充值成功!
);
$this->error($error);
*/
/**
 * Render 'msg.htm' for a success / error / warning notice and end the request.
 *
 * The numeric 'stuat' code is replaced by its label before display:
 * 1 => "success", 2 => "error", 3 => "warning", anything else => "error".
 *
 * @param array $error Must contain 'stuat' (status code) and normally 'info' (text).
 */
public function error($error) {
    // switch uses the same loose comparison as the == checks it replaces.
    switch($error['stuat']){
        case 1:
            $label = "success";
            break;
        case 3:
            $label = "warning";
            break;
        case 2:
        default:
            $label = "error";
            break;
    }
    $error['stuat'] = $label;
    $this->view->assign('error', $error);
    $this->view->display('msg.htm');
    exit;
}
// relocation
/**
 * Send a Location header for $url and end the request.
 *
 * NOTE(review): $url is used as given. Callers must not pass a value taken
 * from request parameters without checking it against the site's own URLs,
 * otherwise this becomes an open redirect.
 *
 * @param string $url Redirect target.
 */
public function location($url) {
    $header_line = "Location: ".$url;
    header($header_line);
    exit;
}
/**
 * Delegate form-submission checking to misc::form_submit() with the site's public key.
 *
 * @return mixed The result of misc::form_submit().
 */
public function form_submit() {
    $public_key = $this->conf['public_key'];
    return misc::form_submit($public_key);
}
// --------------------------> 权限相关和公共的方法
// 检查是否登录
// Require a logged-in user: starts output buffering and the session, and ends
// the request when $this->_user['id'] is empty.
public function check_login() {
ob_start();
session_start();
if(empty($this->_user['id'])) {
// Clear the second-password marker kept in the session.
$_SESSION['two_password'] = '';
// $url is built from the Host header and request URI but is not used below.
$url = "http://".core::gpc('HTTP_HOST', 'S').core::gpc('REQUEST_URI', 'S');
// NOTE(review): the empty echo probably lost its markup when this listing was
// captured - confirm against the real file. If it printed $url, that value
// contains client-controlled data and needs escaping.
echo "";
exit;
// Unreachable: the exit above always runs first.
header("Location: ./");
exit;
//$this->message('您还没有登录,请先登录。', -1); // .print_r($_COOKIE, 1)
}
}
// 检查是否登录,登陸則返回首頁
/**
 * Send already logged-in users back to the site root.
 *
 * Does nothing when $this->_user['id'] is empty. $url is computed but unused.
 */
public function logincheck() {
    if(empty($this->_user['id'])) {
        return;
    }
    $url = "http://".core::gpc('HTTP_HOST', 'S').core::gpc('REQUEST_URI', 'S');
    header("Location: ./");
    exit;
}
/**
 * Stop with a "user does not exist" message when $user is empty.
 *
 * @param mixed $user User record as loaded by the caller.
 */
protected function check_user_exists($user) {
    if(!empty($user)) {
        return;
    }
    $this->message('用户不存在!可能已经被删除。', 0);
}
// upload 相关,可能会给人偶然扫描到。todo: 安全性
/**
 * Read the space-separated attachment ids stored in the user's temp file.
 *
 * NOTE(review): $uid is concatenated into the file name unchanged. It must
 * be a server-side integer id; a value containing path separators would
 * address a file outside the intended name. The original comment also flags
 * that these temp files may be discoverable by scanning - keep tmp_path
 * outside the web root.
 *
 * @param mixed $uid User id used in the file name.
 * @return array Ids from the file, or an empty array when the file is absent.
 */
protected function get_aid_from_tmp($uid) {
    $path = $this->conf['tmp_path'].$uid.'_aids.tmp';
    return is_file($path)
        ? explode(' ', trim(file_get_contents($path)))
        : array();
}
// upload 相关
/**
 * Delete the user's temporary attachment-id file when it exists.
 *
 * NOTE(review): $uid goes into the path unchanged, and the path is then
 * unlinked - callers must pass a server-side integer id only.
 *
 * @param mixed $uid User id used in the file name.
 */
protected function clear_aid_from_tmp($uid) {
    $path = $this->conf['tmp_path'].$uid.'_aids.tmp';
    if(is_file($path)) {
        unlink($path);
    }
}
/**
 * When the user record is empty, clear the auth cookie and stop with an
 * "account deleted" message.
 *
 * @param mixed $user User record as loaded by the caller.
 */
protected function check_user_delete($user) {
    if(!empty($user)) {
        return;
    }
    $cookie_name = $this->conf['cookiepre'].'auth';
    misc::set_cookie($cookie_name, '', 0, '/');
    $this->message('您的账户已经被删除。', 0);
}
/**
 * For a logged-in admin, load system messages and pass them to the view
 * together with their count ('msgnum') and a has-messages flag ('msgstuat').
 */
protected function check_msg() {
    if(empty($this->_admin["id"])){
        return;
    }
    $systemmsg = $this->admins->systemmsg();
    $has_messages = count($systemmsg) >= 1;
    $msgnum = $has_messages ? count($systemmsg) : 0;
    $msgstuat = $has_messages ? 1 : 0;
    $this->view->assign('systemmsg', $systemmsg);
    $this->view->assign('msgstuat', $msgstuat);
    $this->view->assign('msgnum', $msgnum);
}
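/**
 * Load api/<class>.pay.php and attach a new instance as $this-><class>.
 *
 * When the file does not exist the property is set to an empty array.
 *
 * $class becomes part of an include path and is then instantiated, so it is
 * accepted only when it is a plain identifier (letters, digits, underscore,
 * not starting with a digit). That keeps path separators and ".." out of the
 * include. Callers should still pass fixed names or values checked against
 * the list of supported payment providers, never raw request input.
 *
 * @param string $class Payment class / file base name.
 */
public function pay_api($class = '') {
    // An empty name used to be assigned to a property with that empty name, which
    // is rejected by older PHP versions and meaningless on newer ones; skip it.
    if(empty($class)){
        return;
    }
    if(!is_string($class) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $class)){
        return;
    }
    $file = BBS_PATH.'api/'.$class.'.pay.php';
    if(is_file($file)) {
        include_once $file;
        $this->$class = new $class();
    }else{
        $this->$class = array();
    }
}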
//获得加载指定模式文件路径
/**
 * Resolve the path of a pattern file, falling back to pattern 0.
 *
 * NOTE(review): $pattern_id and $file are concatenated into the path as
 * given, and the result is presumably included by the caller - both must be
 * server-chosen values, not request input.
 *
 * @param mixed  $pattern_id Pattern directory name.
 * @param string $file       File base name without '.php'.
 * @return string Path of the first existing candidate, or '' when neither exists.
 */
public function load_pattern($pattern_id, $file) {
    $candidates = array(
        BBS_PATH.'pattern/'.$pattern_id.'/'.$file.'.php',
        BBS_PATH.'pattern/0/'.$file.'.php',
    );
    foreach($candidates as $candidate){
        if(is_file($candidate)){
            return $candidate;
        }
    }
    return '';
}
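/**
 * Load class/<class>.class.php and attach a new instance as $this-><class>.
 *
 * When the file does not exist the property is set to an empty array. In
 * transaction mode (conf['shiwu'] non-empty) the first load time of each
 * class is recorded in $this->_class_list.
 *
 * $class becomes part of an include path and is then instantiated, so it is
 * accepted only when it is a plain identifier (letters, digits, underscore,
 * not starting with a digit). That keeps path separators and ".." out of the
 * include. Callers should pass fixed names, never raw request input.
 *
 * @param string $class Class / file base name.
 */
public function c($class = '') {
    // An empty name used to be assigned to a property with that empty name, which
    // is rejected by older PHP versions and meaningless on newer ones; skip it.
    if(empty($class)) {
        return;
    }
    if(!is_string($class) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $class)){
        return;
    }
    $file = BBS_PATH.'class/'.$class.'.class.php';
    if(is_file($file)) {
        include_once $file;
        if(!empty($this->conf['shiwu']) and empty($this->_class_list[$class])){
            $this->_class_list[$class] = $_SERVER['time'];
        }
        $this->$class = new $class();
    }else{
        $this->$class = array();
    }
}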
/**
 * Obtain a model through $this->mcache->m() and attach it as a property.
 *
 * The property is named after $models when $model is 'model', otherwise
 * after $model. In transaction mode (conf['shiwu'] non-empty) the first load
 * time of each name is recorded in $this->_class_list.
 *
 * @param string $models First argument forwarded to mcache->m().
 * @param string $model  Second argument forwarded to mcache->m().
 */
public function m($models = '', $model = 'model') {
    $class_name = ($model == 'model') ? $models : $model;
    $track_loads = !empty($this->conf['shiwu']);
    if($track_loads && empty($this->_class_list[$class_name])){
        $this->_class_list[$class_name] = $_SERVER['time'];
    }
    $this->$class_name = $this->mcache->m($models, $model);
}
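/**
 * Verify the signature on a mobile API request, or end the request with a JSON error.
 *
 * The client sends 'imei', 'timestamp' and 'apicode'; 'apicode' must equal
 * md5(imei . timestamp . conf['mobileapi_md5code']).
 *
 * NOTE(review): 'timestamp' is only hashed, never compared with the current
 * time, so a captured request stays valid indefinitely; add a freshness
 * window. An HMAC (hash_hmac with SHA-256) over delimited fields is the
 * sturdier construction than md5 over a plain concatenation.
 */
public function check_mobileapi() {
    $error = array();
    $imei = core::gpc('imei', 'P');
    $timestamp = core::gpc('timestamp', 'P');
    $apicode = core::gpc('apicode', 'P');
    if(empty($imei) or empty($timestamp) or empty($apicode)){
        $error = array(
            'status' => 2,
            'msg' => '参数缺失,请勿尝试非法操作!',
        );
    }else{
        $valid = false;
        // Array-valued parameters cannot be signed; treat them as a bad signature.
        if(is_scalar($imei) && is_scalar($timestamp) && is_string($apicode)){
            $expected = md5($imei.$timestamp.$this->conf['mobileapi_md5code']);
            // Strict, constant-time comparison where available: a loose != treats
            // "0e..."-style digests as numbers and leaks timing.
            $valid = function_exists('hash_equals') ? hash_equals($expected, $apicode) : ($expected === $apicode);
        }
        if(!$valid){
            $error = array(
                'status' => 2,
                'msg' => '请勿尝试非法操作!',
            );
        }
    }
    if(!empty($error)){
        echo json_encode($error);
        exit;
    }
}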
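/**
 * Authenticate a mobile API user from 'username' and 'token', or end the request with a JSON error.
 *
 * The token must equal md5(id . username . password) computed from the
 * stored user row; on success the row becomes $this->_user.
 *
 * NOTE(review): the token is derived only from stored fields, so it never
 * expires or rotates until the password changes, and anyone able to read the
 * user row can compute it. A random, server-stored session token with an
 * expiry would be the safer design.
 */
public function check_mobile_user() {
    $error = array();
    $token = core::gpc('token', 'P');
    $username = core::gpc('username', 'P');
    if(empty($token) or empty($username)){
        $error = array(
            'status' => 2,
            'msg' => '参数缺失,请勿尝试非法操作!',
        );
    }else{
        $this->m('user');
        $user_list = $this->user->index_fetch(array('username' => $username), array('id' => 2), 0, 1);
        $valid = false;
        if(count($user_list) >= 1){
            // reset() returns the first row; each() is unavailable on current PHP versions.
            $user = reset($user_list);
            $expected = md5($user['id'].$user['username'].$user['password']);
            if(is_string($token)){
                // Strict, constant-time comparison where available instead of a loose !=.
                $valid = function_exists('hash_equals') ? hash_equals($expected, $token) : ($expected === $token);
            }
            if($valid){
                $this->_user = $user;
            }
        }
        if(!$valid){
            // Same message for unknown user and bad token, so the reply does not reveal which one failed.
            $error = array(
                'status' => 2,
                'msg' => '非法操作!',
            );
        }
    }
    if(!empty($error)){
        echo json_encode($error);
        exit;
    }
}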
}
?>') |