php discuz核心类函数分析

 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *      $Id: class_core.php 6914 2010-03-26 12:52:36Z cnteacher $
///TODO 是将要完成的功能,包括禁止ip和禁止访问 
//TODO 禁止ip 
//TODO 禁止访问 
define('IN_DISCUZ', true); 
 * Discuz 核心引擎
 * 其他处理代码当中用到的变量不要在本核心 new 之前设置, 否则会自动清空
class discuz_core { 
    // 数据库存储引擎 
    var $db = null; 
    // 内存缓冲object 
    var $mem = null; 
    // 会话 object 
    var $session = null; 
    // 程序配置 
    var $config = array(); 
    // $_G 数组的映射 
    var $var = array(); 
    // 加载缓存的数组 
    var $cachelist = array(); 
    // 是否初始化 
    var $init_setting = true; //设置 
    var $init_user = true;//用户 
    var $init_session = true;//会话 
    var $init_cron = true;//任务计划 
    var $init_misc = true;//其他功能 
    var $init_memory = true;//内存 
    // 是否已经初始化 
    var $initated = false; 
    var $superglobal = array( 
        'GLOBALS' => 1, 
        '_GET' = 1, 
        '_POST' = 1, 
        '_REQUEST' = 1, 
        '_COOKIE' = 1, 
        '_SERVER' = 1, 
        '_ENV' = 1, 
        '_FILES' = 1, 
    function &instance() { 
        static $object; 
        if(empty($object)) { 
            $object = new discuz_core(); 
        return $object; 
    function discuz_core() { 
    function init() { 
        if(!$this->initated) { 
        $this->initated = true; 
    function _init_env() { 
        error_reporting(E_ALL ^ E_NOTICE); 
//        error_reporting(E_ALL); 
        ///php 5.3前则关闭魔法引号匹配(自动转义) 
        if(phpversion()             set_magic_quotes_runtime(0); 
        ///程序主目录,根据核心文件确定,原来是-7 代表在include下,现在是12代表在source/class下 
        define('DISCUZ_ROOT', substr(dirname(__FILE__), 0, -12)); 
        define('MAGIC_QUOTES_GPC', function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()); 
        define('ICONV_ENABLE', function_exists('iconv')); 
        ///亚洲字符转码函数是否存在, 因为mb_开头字符处理亚洲字符会比较高效,初步判断用于转码时先用mb_来处理: 
        define('MB_ENABLE', function_exists('mb_convert_encoding')); 
        define('EXT_OBGZIP', function_exists('ob_gzhandler')); 
        define('TIMESTAMP', time()); 
        if(!defined('DISCUZ_CORE_FUNCTION') && !@include(DISCUZ_ROOT.'./source/function/function_core.php')) { 
            $this->error('function_core.php is missing'); 
        define('IS_ROBOT', checkrobot()); 
        foreach ($GLOBALS as $key = $value) { 
            if (!isset($this->superglobal[$key])) { 
                $GLOBALS[$key] = null; unset($GLOBALS[$key]); 
        // 配置全局变量 
        global $_G; 
        $_G = array( 
            'uid' = 0, 
            'username' = '', 
            'adminid' = 0, 
            'groupid' = 1, 
            'sid' = '', 
            'formhash' = '', 
            'timestamp' = TIMESTAMP, 
            'starttime' = dmicrotime(), 
            'clientip' = $this->_get_client_ip(), 
            'referer' = '', 
            'charset' = '', 
            'gzipcompress' = '', 
            'authkey' = '', 
            'timenow' = array(), 
            'PHP_SELF' = '', 
            'siteurl' = '', 
            'config' = array(), 
            'setting' = array(), 
            'member' = array(), 
            'group' = array(), 
            'cookie' = array(), 
            'style' = array(), 
            'cache' = array(), 
            'session' = array(), 
            'lang' = array(), 
            'my_app' = array(),//默认应用 
            'my_userapp' = array(),//用户自添加应用 
            'fid' = 0, 
            'tid' = 0, 
            'forum' = array(), 
            'rssauth' = '', 
            //uch 全局定义 
            'home' = array(), 
            'space' = array(), 
            //portal 全局定义 
            'block' = array(), 
            'article' = array(), 
            'action' = array( 
                'action' = APPTYPEID, 
                'fid' = 0, 
                'tid' = 0, 
        $_G['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']); 
        $_G['basescript'] = CURSCRIPT; 
        $_G['siteurl'] = htmlspecialchars('http://'.$_SERVER['HTTP_HOST'].preg_replace("/\/+(api)?\/*$/i", '', substr($_G['PHP_SELF'], 0, strrpos($_G['PHP_SELF'], '/'))).'/'); 
        $this->var = & $_G; 
    function _init_input() { 
        //note 禁止对全局变量注入 
        if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) { 
        if(!empty($_GET['rewrite'])) { 
            $query_string = '?mod='; 
            $param = explode('-', $_GET['rewrite']); 
            $query_string .= $_GET['mod'] = $param[0]; 
            $paramc = count($param); 
            for($i = 0;$i                 $_REQUEST[$param[$i]] = $_GET[$param[$i]] = $param[$i + 1]; 
                $query_string .= '&'.$param[$i].'='.$param[$i + 1]; 
            $_SERVER['QUERY_STRING'] = $query_string; 
            unset($param, $paramc, $query_string); 
        // slashes 处理,如果没有魔法引号处理(自动转义),则手动转义GET/POST/COOKIE/FILES中的单双引号、null反斜线\ 
        if(!MAGIC_QUOTES_GPC) { 
            $_GET = daddslashes($_GET); 
            $_POST = daddslashes($_POST); 
            $_COOKIE = daddslashes($_COOKIE); 
            $_FILES = daddslashes($_FILES); 
        //cookie 处理 
        $prelength = strlen($this->config['cookie']['cookiepre']); 
        foreach($_COOKIE as $key = $val) { 
            if(substr($key, 0, $prelength) == $this->config['cookie']['cookiepre']) { 
                $this->var['cookie'][substr($key, $prelength)] = $val; 
        $_GET['diy'] = empty($_GET['diy']) ? '' : $_GET['diy']; 
        foreach(array_merge($_POST, $_GET) as $k = $v) { 
            $this->var['gp_'.$k] = $v; 
        $this->var['mod'] = empty($this->var['gp_mod']) ? '' : htmlspecialchars($this->var['gp_mod']); 
        $this->var['inajax'] = empty($this->var['gp_inajax']) ? 0 : ($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || $_SERVER['REQUEST_METHOD'] == 'POST' ? 1 : 0); 
        $this->var['page'] = empty($this->var['gp_page']) ? 1 : max(1, intval($this->var['gp_page'])); 
        $this->var['sid'] = $this->var['cookie']['sid'] = isset($this->var['cookie']['sid']) ? htmlspecialchars($this->var['cookie']['sid']) : ''; 
    function _init_config() { 
        $_config = array(); 
        @include DISCUZ_ROOT.'./config/config_global.php'; 
        if(empty($_config)) { 
        $_config['security']['authkey'] = empty($config['security']['authkey']) ? md5($_config['cookie']['cookiepre'].$_config['db'][1]['dbname']) : ($config['security']['authkey']); 
        $this->config = & $_config; 
        if(empty($this->config['debug']) || !file_exists(libfile('function/debug'))) { 
            define('DISCUZ_DEBUG', false); 
        } elseif($this->config['debug'] === 1 || $this->config['debug'] === 2 || !empty($_REQUEST['debug']) && $_REQUEST['debug'] === $this->config['debug']) { 
            define('DISCUZ_DEBUG', true); 
            if($this->config['debug'] == 2) { 
        $GLOBALS['_G']['config'] = & $this->config; 
        $GLOBALS['_G']['authkey'] = md5($this->config['security']['authkey'].$_SERVER['HTTP_USER_AGENT']); 
    function _init_output() { 
        ///如果设置中打开xss跨站脚本的防御模式,且网址中存在"         if($this->config['security']['urlxssdefend'] && !empty($_SERVER['REQUEST_URI'])) { 
            $temp = urldecode($_SERVER['REQUEST_URI']); 
            if(strpos($temp, '                 error('request_tainting'); 
        if($this->config['output']['gzip'] && EXT_OBGZIP) { 
            setglobal('gzipcompress', true); 
        } else { 
            setglobal('gzipcompress', false); 
        if($this->config['output']['forceheader']) { 
            @header('Content-Type: text/html; charset='.$this->config['output']['charset']); 
        setglobal('charset', $this->config['output']['charset']); 
        define('CHARSET', $this->config['output']['charset']); 
    function reject_robot() { 
        if(IS_ROBOT) { 
            exit(header("HTTP/1.1 403 Forbidden")); 
    function _get_client_ip() { 
        $clientip = ''; 
        if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) { 
            $clientip = getenv('HTTP_CLIENT_IP'); 
        } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) { 
            $clientip = getenv('HTTP_X_FORWARDED_FOR'); 
        } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) { 
            $clientip = getenv('REMOTE_ADDR'); 
        } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) { 
            $clientip = $_SERVER['REMOTE_ADDR']; 
        preg_match("/[\d\.]{7,15}/", $clientip, $clientipmatches); 
        $clientip = $clientipmatches[0] ? $clientipmatches[0] : 'unknown'; 
        return $clientip; 
    function _init_db() { 
        $this->db = & DB::object(); 
    function _init_session() { 
        $this->session = new discuz_session(); 
            $this->session->init($this->var['cookie']['sid'], $this->var['clientip'], $this->var['uid']); 
            $this->var['sid'] = $this->session->sid; 
            $this->var['session'] = $this->session->var; 
            if($this->var['sid'] != $this->var['cookie']['sid']) { 
                dsetcookie('sid', $this->var['sid'], 86400); 
            // 首次登陆更新最后访问时间,每隔 10 分钟更新用户最后动作时间 
            if($this->var['uid'] && ($this->session->isnew || ($this->session->get('lastactivity') + 600)  
                $this->session->set('lastactivity', TIMESTAMP); 
                $update = array('lastip' = $this->var['clientip'], 'lastactivity' = TIMESTAMP); 
                if($this->session->isnew) { 
                    $update['lastvisit'] = TIMESTAMP; 
                DB::update('common_member_status', $update, "uid='".$this->var['uid']."'"); 
    function _init_user() { 
        if($this->init_user) { 
            if($auth = getglobal('auth', 'cookie')) { 
                $auth = daddslashes(explode("\t", authcode($auth, 'DECODE'))); 
            list($discuz_pw, $discuz_uid) = empty($auth) || count($auth)  
            if($discuz_uid) { 
                $user = getuserbyuid($discuz_uid); 
            if(!empty($user) && $user['password'] == $discuz_pw) { 
                $this->var['member'] = $user; 
            } else { 
                $user = array(); 
            $this->cachelist[] = 'usergroup_'.$this->var['member']['groupid']; 
            if($user && $user['adminid']  0 && $user['groupid'] != $user['adminid']) { 
                $this->cachelist[] = 'admingroup_'.$this->var['member']['adminid']; 
        } else { 
        if(empty($this->var['cookie']['lastvisit'])) { 
            $this->var['member']['lastvisit'] = TIMESTAMP - 3600; 
            dsetcookie('lastvisit', TIMESTAMP - 3600, 86400 * 30); 
        } else { 
            $this->var['member']['lastvisit'] = empty($this->var['cookie']['lastvisit']); 
        setglobal('uid', getglobal('uid', 'member')); 
        setglobal('username', addslashes(getglobal('username', 'member'))); 
        setglobal('adminid', getglobal('adminid', 'member')); 
        setglobal('groupid', getglobal('groupid', 'member')); 
    function _init_guest() { 
        setglobal('member', array( 'uid' = 0, 'username' = '', 'groupid' = 7, 'credits' = 0, 'timeoffset' = 9999)); 
    function _init_cron() { 
        if($this->init_cron && $this->init_setting) { 
            if($this->var['cache']['cronnextrun']                 discuz_cron::run(); 
    function _init_misc() { 
        if(!$this->init_misc) { 
            return false; 
        // 调入核心语言包 
        if($this->init_setting && $this->init_user) { 
            if(!isset($this->var['member']['timeoffset']) || $this->var['member']['timeoffset'] == 9999 || $this->var['member']['timeoffset'] === '') { 
                $this->var['member']['timeoffset'] = $this->var['setting']['timeoffset']; 
        $timeoffset = $this->init_setting ? $this->var['member']['timeoffset'] : $this->var['setting']['timeoffset']; 
        $this->var['timenow'] = array( 
            'time' = dgmdate(TIMESTAMP), 
            'offset' = $timeoffset = 0 ? ($timeoffset == 0 ? '' : '+'.$timeoffset) : $timeoffset 
        $this->var['formhash'] = formhash(); 
        define('FORMHASH', $this->var['formhash']); 
        // 定义风格常量 
        if(is_array($this->var['style'])) { 
            foreach ($this->var['style'] as $key = $val) { 
                $key = strtoupper($key); 
                if(!defined($key) && !is_array($val)) { 
                    define($key, $val); 
        if($this->var['setting']['**losed'] && !(in_array($this->var['mod'], array('logging', 'seccode')) || getglobal('adminid', 'member') == 1)) { 
            $closedreason = DB::result_first("SELECT svalue FROM ".DB::table('common_setting')." WHERE skey='closedreason'"); 
            showmessage($closedreason ? $closedreason : 'board_closed', NULL, array(), array('login' = 1)); 
        $this->var['tpp'] = $this->var['setting']['topicperpage'] ? intval($this->var['setting']['topicperpage']) : 20; 
        $this->var['ppp'] = $this->var['setting']['postperpage'] ? intval($this->var['setting']['postperpage']) : 10; 
        if($this->var['setting']['nocacheheaders']) { 
            @header("Expires: -1"); 
            @header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE); 
            @header("Pragma: no-cache"); 
        $lastact = TIMESTAMP."\t".htmlspecialchars(basename($this->var['PHP_SELF']))."\t".htmlspecialchars($this->var['mod']); 
        dsetcookie('lastact', $lastact, 86400); 
    function _init_setting() { 
        if($this->init_setting) { 
            if(empty($this->var['setting'])) { 
                $this->cachelist[] = 'setting'; 
            if(empty($this->var['style'])) { 
                $this->cachelist[] = 'style_default'; 
            if(!isset($this->var['cache']['cronnextrun'])) { 
                $this->cachelist[] = 'cronnextrun'; 
        !empty($this->cachelist) && loadcache($this->cachelist); 
        if(!is_array($this->var['setting'])) { 
            $this->var['setting'] = array(); 
        if($this->var['member'] && $this->var['member']['adminid']  0 && $this->var['member']['groupid'] != $this->var['member']['adminid'] && !empty($this->var['cache']['admingroup_'.$this->var['member']['adminid']])) { 
            $this->var['group'] = array_merge($this->var['group'], $this->var['cache']['admingroup_'.$this->var['member']['adminid']]); 
    function _init_memory() { 
        $this->mem = new discuz_memory(); 
        if($this->init_memory) { 
        $this->var['memory'] = $this->mem->type; 
    function timezone_set($timeoffset = 0) { 
        if(function_exists('date_default_timezone_set')) { 
            @date_default_timezone_set('Etc/GMT'.($timeoffset  0 ? '-' : '+').(abs($timeoffset))); 
    function error($msg, $halt = true) { 
        echo $msg; 
        $halt && exit(); 
    function error_log($message) { 
        $time = date("Y-m-d H:i:s", TIMESTAMP); 
        $file =  DISCUZ_ROOT.'./data/log/errorlog_'.date("Ym").'.txt'; 
        $message = "\n#{$time}:\t".str_replace(array("\t", "\r", "\n"), " ", $message); 
        error_log($message, 3, $file); 

 * Discuz MySQL 类的支持 
class db_mysql 

    var $tablepre; 
    var $version = ''; 
    var $querynum = 0; 
    var $curlink; 
    var $link = array(); 
    var $config = array(); 
    var $sqldebug = array(); 
    function db_mysql($config = array()) { 
        if(!empty($config)) { 
    function set_config($config) { 
        $this->config = &$config; 
        $this->tablepre = $config['1']['tablepre']; 
    function connect() { 
        if(empty($this->config) || empty($this->config[1])) { 
        foreach ($this->config as $id = $config) { 
            $this->link[$id] = $this->_dbconnect( 
        $this->curlink = $this->link[1]; 
    function _dbconnect($dbhost, $dbuser, $dbpw, $dbcharset, $dbname, $pconnect) { 
        $link = null; 
        $func = empty($pconnect) ? 'mysql_connect' : 'mysql_pconnect'; 
        if(!$link = @$func($dbhost, $dbuser, $dbpw, 1)) { 
        } else { 
            $this->curlink = $link; 
            if($this->version()  '4.1') { 
                $serverset = $dbcharset ? 'character_set_connection='.$dbcharset.', character_set_results='.$dbcharset.', character_set_client=binary' : ''; 
                $serverset .= $this->version()  '5.0.1' ? ((empty($serverset) ? '' : ',').'sql_mode=\'\'') : ''; 
                $serverset && mysql_query("SET $serverset", $link); 
            $dbname && @mysql_select_db($dbname, $link); 
        return $link; 
    function table_name($tablename) { 
        return $this->tablepre.$tablename; 
    function select_db($dbname) { 
        return mysql_select_db($dbname, $this->curlink); 
    function fetch_array($query, $result_type = MYSQL_ASSOC) { 
        return mysql_fetch_array($query, $result_type); 
    function fetch_first($sql) { 
        return $this->fetch_array($this->query($sql)); 
    function result_first($sql) { 
        return $this->result($this->query($sql), 0); 
    function query($sql, $type = '') { 
        if(defined('DISCUZ_DEBUG') && DISCUZ_DEBUG) { 
            $starttime = dmicrotime(); 
        $func = $type == 'UNBUFFERED' && @function_exists('mysql_unbuffered_query') ? 
        'mysql_unbuffered_query' : 'mysql_query'; 
        if(!($query = $func($sql, $this->curlink))) { 
            if(in_array($this->errno(), array(2006, 2013)) && substr($type, 0, 5) != 'RETRY') { 
                return $this->query($sql, 'RETRY'.$type); 
            if($type != 'SILENT' && substr($type, 5) != 'SILENT') { 
                $this->halt('query_error', $sql); 
        if(defined('DISCUZ_DEBUG') && DISCUZ_DEBUG) { 
            $this->sqldebug[] = array($sql, number_format((dmicrotime() - $starttime), 6), debug_backtrace()); 
        return $query; 
    function affected_rows() { 
        return mysql_affected_rows($this->curlink); 
    function error() { 
        return (($this->curlink) ? mysql_error($this->curlink) : mysql_error()); 
    function errno() { 
        return intval(($this->curlink) ? mysql_errno($this->curlink) : mysql_errno()); 
    function result($query, $row = 0) { 
        $query = @mysql_result($query, $row); 
        return $query; 
    function num_rows($query) { 
        $query = mysql_num_rows($query); 
        return $query; 
    function num_fields($query) { 
        return mysql_num_fields($query); 
    function free_result($query) { 
        return mysql_free_result($query); 
    function insert_id() { 
        return ($id = mysql_insert_id($this->curlink)) = 0 ? $id : $this->result($this->query("SELECT last_insert_id()"), 0); 
    function fetch_row($query) { 
        $query = mysql_fetch_row($query); 
        return $query; 
    function fetch_fields($query) { 
        return mysql_fetch_field($query); 
    function version() { 
        if(empty($this->version)) { 
            $this->version = mysql_get_server_info($this->curlink); 
        return $this->version; 
    function close() { 
        return mysql_close($this->curlink); 
    function halt($message = '', $sql = '') { 
        global $_G; 
        $dberror = $this->error(); 
        $dberrno = $this->errno(); 
        $phperror = '

        foreach (debug_backtrace() as $error) { 
            $error['file'] = str_replace(DISCUZ_ROOT, '', $error['file']); 
            $error['class'] = isset($error['class']) ? $error['class'] : ''; 
            $error['type'] = isset($error['type']) ? $error['type'] : ''; 
            $error['function'] = isset($error['function']) ? $error['function'] : ''; 
            $phperror .= ""; 
        $phperror .= '
File Line Function
$error[file] $error[line] $error[class]$error[type]$error[function]()
        $helplink = "http://faq.comsenz.com/?type=mysql&dberrno=".rawurlencode($dberrno)."&dberror=".rawurlencode($dberror); 
        @header('Content-Type: text/html; charset='.$_G['config']['output']['charset']); 
        echo '
        error('db_error', array( 
            '$message' = error('db_'.$message, array(), true), 
            '$info' = $dberror ? error('db_error_message', array('$dberror' = $dberror), true) : '', 
            '$sql' = $sql ? error('db_error_sql', array('$sql' = $sql), true) : '', 
            '$errorno' = $dberrno ? error('db_error_no', array('$dberrno' = $dberrno), true) : '', 
            '$helplink' = $helplink, 
            ), true); 
        echo "PHP Backtrace

 * 对Discuz CORE 中 DB Object中的主要方法进行二次封装,方便程序调用
class DB 

     * 返回表名(pre_$table)
     * @param 原始表名 $table
     * @return 增加pre之后的名字
    function table($table) { 
        $a = & DB::object(); 
        return $a->table_name($table); 
     * 删除一条或者多条记录
     * @param string $table 原始表名
     * @pa
