在includes/init.php目录下
因为工作原因,需要对ecshop二次开发,顺便记录一下对ecshop源代码的一些分析:
首先是init.php文件,这个文件在ecshop每个页面都会 调用到,习惯就先分析它:
<br /><?<span>php </span><span>/*</span><span>* * ECSHOP 前台公用文件 </span><span>*/</span> <span>//</span><span>防止非法调用 defined-判断常量是否已定义,如果没返回false</span> <span>if</span> (!<span>defined</span>('IN_ECS'<span>)) { </span><span>die</span>('Hacking attempt');<span>//</span><span>die-直接终止程序并输出</span> <span>} </span><span>//</span><span>报告所有错误</span> <span>error_reporting</span>(<span>E_ALL</span><span>); </span><span>//</span><span>如果获取不到本文件</span> <span>if</span> (<span>__FILE__</span> == ''<span>) { </span><span>die</span>('Fatal error code: 0'<span>); } </span><span>/*</span><span>预定义常量 __LINE__ 文件中的当前行号。 __FILE__ 文件的完整路径和文件名。 __FUNCTION__ 函数名称(这是 PHP 4.3.0 新加的)。 __CLASS__ 类的名称(这是 PHP 4.3.0 新加的)。 __METHOD__ 类的方法名(这是 PHP 5.0.0 新加的)。 </span><span>*/</span> <span>/*</span><span> 取得当前商城所在的根目录 </span><span>*/</span> <span>define</span>('ROOT_PATH', <span>str_replace</span>('includes/init.php', '', <span>str_replace</span>('\\', '/', <span>__FILE__</span><span>))); </span><span>//</span><span>检测是否已安装</span> <span>if</span> (!<span>file_exists</span>(ROOT_PATH . 'data/install.lock') && !<span>file_exists</span>(ROOT_PATH . 'includes/install.lock'<span>) </span>&& !<span>defined</span>('NO_CHECK_INSTALL'<span>)) { </span><span>header</span>("Location: ./install/index.php\n"<span>); </span><span>exit</span><span>; } </span><span>/*</span><span> 初始化设置 </span><span>*/</span><span> @</span><span>ini_set</span>('memory_limit', '64M');<span>//</span><span>ini_set设置php.ini中的设置,memory_limit设定一个脚本所能够申请到的最大内存字节数</span> @<span>ini_set</span>('session.cache_expire', 180);<span>//</span><span>指定会话页面在客户端cache中的有效期限(分钟),单位为分钟。</span> @<span>ini_set</span>('session.use_trans_sid', 0);<span>//</span><span>关闭自动把session id嵌入到web的URL中</span> @<span>ini_set</span>('session.use_cookies', 1);<span>//</span><span>允许使用cookie在客户端保存会话ID</span> @<span>ini_set</span>('session.auto_start', 0);<span>//</span><span>在客户访问任何页面时都自动初始化会话,0-禁止</span> @<span>ini_set</span>('display_errors', 1);<span>//</span><span>是否显示错误</span> <span>if</span> (DIRECTORY_SEPARATOR == '\\')<span>//</span><span>如果装在windows上(DIRECTORY_SEPARATOR路径分隔符,linux上就是’/’ windows上是’\’)</span> <span>{ @</span><span>ini_set</span>('include_path', '.;' . ROOT_PATH);<span>//</span><span>include目录为当前目录和网站根目录,windows下用';'分隔</span> <span>} </span><span>else</span><span> { @</span><span>ini_set</span>('include_path', '.:' . ROOT_PATH);<span>//</span><span>include目录为当前目录和网站根目录,linux下用':'分隔</span> <span>} </span><span>require</span>(ROOT_PATH . 'data/config.php');<span>//</span><span>包含配置文件(数据库相关)</span> <span>if</span> (<span>defined</span>('DEBUG_MODE') == <span>false</span>)<span>//</span><span>如果常量DEBUG_MODE没有定义则定义为0,DEBUG_MODE用于设置ecshp的使用模式</span> <span>{ </span><span>define</span>('DEBUG_MODE', 0<span>); } </span><span>//</span><span>设定用于所有日期时间函数的默认时区</span> <span>if</span> (<span>PHP_VERSION</span> >= '5.1' && !<span>empty</span>(<span>$timezone</span><span>)) { date_default_timezone_set(</span><span>$timezone</span>);<span>//</span><span>date_default_timezone_set 设置时区</span> <span>} </span><span>//</span><span>$_SERVER['PHP_SELF']返回当前页面,获取$_SERVER['PHP_SELF']最好用htmlspecialchars过滤一下,存在XSS漏洞</span> <span>$php_self</span> = <span>isset</span>(<span>$_SERVER</span>['PHP_SELF']) ? <span>$_SERVER</span>['PHP_SELF'] : <span>$_SERVER</span>['SCRIPT_NAME'<span>]; </span><span>if</span> ('/' == <span>substr</span>(<span>$php_self</span>, -1))<span>//</span><span>如果是"/"结尾,则加上index.php</span> <span>{ </span><span>$php_self</span> .= 'index.php'<span>; } </span><span>define</span>('PHP_SELF', <span>$php_self</span>);<span>//</span><span>放入常量</span> <span>require</span>(ROOT_PATH . 'includes/inc_constant.php');<span>//</span><span>包含预定义常量文件</span> <span>require</span>(ROOT_PATH . 'includes/cls_ecshop.php');<span>//</span><span>基础类 文件</span> <span>require</span>(ROOT_PATH . 'includes/cls_error.php');<span>//</span><span>错误类 文件</span> <span>require</span>(ROOT_PATH . 'includes/lib_time.php');<span>//</span><span>时间函数</span> <span>require</span>(ROOT_PATH . 'includes/lib_base.php');<span>//</span><span>基础函数库</span> <span>require</span>(ROOT_PATH . 'includes/lib_common.php');<span>//</span><span>基础函数库</span> <span>require</span>(ROOT_PATH . 'includes/lib_main.php');<span>//</span><span>公用函数库</span> <span>require</span>(ROOT_PATH . 'includes/lib_insert.php');<span>//</span><span>动态内容函数库</span> <span>require</span>(ROOT_PATH . 'includes/lib_goods.php');<span>//</span><span>商品相关函数库</span> <span>require</span>(ROOT_PATH . 'includes/lib_article.php');<span>//</span><span>文章及文章分类相关函数库</span> <span>/*</span><span> 对用户传入的变量进行转义操作。</span><span>*/</span> <span>if</span> (!<span>get_magic_quotes_gpc</span><span>()) { </span><span>if</span> (!<span>empty</span>(<span>$_GET</span><span>)) { </span><span>$_GET</span> = addslashes_deep(<span>$_GET</span><span>); } </span><span>if</span> (!<span>empty</span>(<span>$_POST</span><span>)) { </span><span>$_POST</span> = addslashes_deep(<span>$_POST</span><span>); } </span><span>$_COOKIE</span> = addslashes_deep(<span>$_COOKIE</span><span>); </span><span>$_REQUEST</span> = addslashes_deep(<span>$_REQUEST</span><span>); } </span><span>/*</span><span> 创建 ECSHOP 对象 </span><span>*/</span> <span>$ecs</span> = <span>new</span> ECS(<span>$db_name</span>, <span>$prefix</span>);<span>//</span><span>参数说明:数据库名 表前缀</span> <span>define</span>('DATA_DIR', <span>$ecs</span>->data_dir());<span>//</span><span>数据目录</span> <span>define</span>('IMAGE_DIR', <span>$ecs</span>->image_dir());<span>//</span><span>图片目录</span> <span>/*</span><span> 初始化数据库类 </span><span>*/</span> <span>require</span>(ROOT_PATH . 'includes/cls_mysql.php'<span>); </span><span>$db</span> = <span>new</span> cls_mysql(<span>$db_host</span>, <span>$db_user</span>, <span>$db_pass</span>, <span>$db_name</span><span>); </span><span>/*</span><span> 设置不允许进行缓存的表 </span><span>*/</span> <span>$db</span>->set_disable_cache_tables(<span>array</span>(<span>$ecs</span>->table('sessions'), <span>$ecs</span>->table('sessions_data'), <span>$ecs</span>->table('cart'<span>))); </span><span>$db_host</span> = <span>$db_user</span> = <span>$db_pass</span> = <span>$db_name</span> = <span>NULL</span><span>; </span><span>/*</span><span> 创建错误处理对象 </span><span>*/</span> <span>$err</span> = <span>new</span> ecs_error('message.dwt'<span>); </span><span>/*</span><span> 载入系统参数 </span><span>*/</span> <span>$_CFG</span> = load_config(); <span>//</span><span>载入配置信息函数在lib_common.php</span> <span>/*</span><span> 载入语言文件 </span><span>*/</span> <span>require</span>(ROOT_PATH . 'languages/' . <span>$_CFG</span>['lang'] . '/common.php'<span>); </span><span>if</span> (<span>$_CFG</span>['shop_closed'] == 1<span>) { </span><span>/*</span><span> 商店关闭了,输出关闭的消息 </span><span>*/</span> <span>header</span>('Content-type: text/html; charset='.<span>EC_CHARSET); </span><span>die</span>('<div>$_LANG</span>['shop_closed'] . '</p><p>' . <span>$_CFG</span>['close_comment'] . '</p></div>'<span>); } </span><span>//</span><span>判断是否为搜索引擎蜘蛛 函数在lib_main.php</span> <span>if</span><span> (is_spider()) { </span><span>/*</span><span> 如果是蜘蛛的访问,那么默认为访客方式,并且不记录到日志中 </span><span>*/</span> <span>if</span> (!<span>defined</span>('INIT_NO_USERS'<span>)) { </span><span>define</span>('INIT_NO_USERS', <span>true</span><span>); </span><span>/*</span><span> 整合UC后,如果是蜘蛛访问,初始化UC需要的常量 </span><span>*/</span> <span>if</span>(<span>$_CFG</span>['integrate_code'] == 'ucenter'<span>) { </span><span>$user</span> = &<span> init_users(); } } </span><span>$_SESSION</span> = <span>array</span><span>(); </span><span>$_SESSION</span>['user_id'] = 0<span>; </span><span>$_SESSION</span>['user_name'] = ''<span>; </span><span>$_SESSION</span>['email'] = ''<span>; </span><span>$_SESSION</span>['user_rank'] = 0<span>; </span><span>$_SESSION</span>['discount'] = 1.00<span>; } </span><span>//</span><span>非搜索引擎蜘蛛,记录session</span> <span>if</span> (!<span>defined</span>('INIT_NO_USERS'<span>)) { </span><span>/*</span><span> 初始化session </span><span>*/</span> <span>include</span>(ROOT_PATH . 'includes/cls_session.php'<span>); </span><span>$sess</span> = <span>new</span> cls_session(<span>$db</span>, <span>$ecs</span>->table('sessions'), <span>$ecs</span>->table('sessions_data'<span>)); </span><span>define</span>('SESS_ID', <span>$sess</span>-><span>get_session_id()); } </span><span>//</span><span>如果使用Smarty</span> <span>if</span> (!<span>defined</span>('INIT_NO_SMARTY'<span>)) { </span><span>header</span>('Cache-control: private'<span>); </span><span>header</span>('Content-type: text/html; charset='.<span>EC_CHARSET); </span><span>/*</span><span> 创建 Smarty 对象。</span><span>*/</span> <span>require</span>(ROOT_PATH . 'includes/cls_template.php'<span>); </span><span>$smarty</span> = <span>new</span><span> cls_template; </span><span>$smarty</span>->cache_lifetime = <span>$_CFG</span>['cache_time'];<span>//</span><span>缓存时间</span> <span>$smarty</span>->template_dir = ROOT_PATH . 'themes/' . <span>$_CFG</span>['template'];<span>//</span><span>模板所在</span> <span>$smarty</span>->cache_dir = ROOT_PATH . 'temp/caches';<span>//</span><span>缓存所在</span> <span>$smarty</span>->compile_dir = ROOT_PATH . 'temp/compiled';<span>//</span><span>模板编译后的文件所在</span> <span>if</span> ((DEBUG_MODE & 2) == 2)<span>//</span><span>如果常量DEBUG_MODE值为 2、3、6、7.时</span> <span> { </span><span>$smarty</span>->direct_output = <span>true</span>; <span>//</span><span>不使用缓存直接输出</span> <span>$smarty</span>->force_compile = <span>true</span>; <span>//</span><span>强行编译</span> <span> } </span><span>else</span><span> { </span><span>$smarty</span>->direct_output = <span>false</span><span>; </span><span>$smarty</span>->force_compile = <span>false</span><span>; } </span><span>$smarty</span>->assign('lang', <span>$_LANG</span><span>); </span><span>$smarty</span>->assign('ecs_charset',<span> EC_CHARSET); </span><span>if</span> (!<span>empty</span>(<span>$_CFG</span>['stylename']))<span>//</span><span>如果自己定义样式文件就用自己的</span> <span> { </span><span>$smarty</span>->assign('ecs_css_path', 'themes/' . <span>$_CFG</span>['template'] . '/style_' . <span>$_CFG</span>['stylename'] . '.css'<span>); } </span><span>else</span><span> { </span><span>$smarty</span>->assign('ecs_css_path', 'themes/' . <span>$_CFG</span>['template'] . '/style.css'<span>); } } </span><span>//</span><span>非搜索引擎爬虫,记录用户信息</span> <span>if</span> (!<span>defined</span>('INIT_NO_USERS'<span>)) { </span><span>/*</span><span> 会员信息 初始化会员数据 lib_common.php </span><span>*/</span> <span>$user</span> =&<span> init_users(); </span><span>if</span> (!<span>isset</span>(<span>$_SESSION</span>['user_id'<span>])) { </span><span>/*</span><span> 获取投放站点的名称 </span><span>*/</span> <span>$site_name</span> = <span>isset</span>(<span>$_GET</span>['from']) ? <span>$_GET</span>['from'] : <span>addslashes</span>(<span>$_LANG</span>['self_site'<span>]); </span><span>$from_ad</span> = !<span>empty</span>(<span>$_GET</span>['ad_id']) ? <span>intval</span>(<span>$_GET</span>['ad_id']) : 0<span>; </span><span>$_SESSION</span>['from_ad'] = <span>$from_ad</span>; <span>//</span><span> 用户点击的广告ID</span> <span>$_SESSION</span>['referer'] = <span>stripslashes</span>(<span>$site_name</span>); <span>//</span><span> 用户来源</span> <span>unset</span>(<span>$site_name</span><span>); </span><span>if</span> (!<span>defined</span>('INGORE_VISIT_STATS'<span>)) { visit_stats(); } } </span><span>if</span> (<span>empty</span>(<span>$_SESSION</span>['user_id'<span>])) { </span><span>if</span> (<span>$user</span>-><span>get_cookie()) { </span><span>/*</span><span> 如果会员已经登录并且还没有获得会员的帐户余额、积分以及优惠券 </span><span>*/</span> <span>if</span> (<span>$_SESSION</span>['user_id'] > 0<span>) { update_user_info(); } } </span><span>else</span><span> { </span><span>$_SESSION</span>['user_id'] = 0<span>; </span><span>$_SESSION</span>['user_name'] = ''<span>; </span><span>$_SESSION</span>['email'] = ''<span>; </span><span>$_SESSION</span>['user_rank'] = 0<span>; </span><span>$_SESSION</span>['discount'] = 1.00<span>; </span><span>if</span> (!<span>isset</span>(<span>$_SESSION</span>['login_fail'<span>])) { </span><span>$_SESSION</span>['login_fail'] = 0<span>; } } } </span><span>/*</span><span> 设置推荐会员 </span><span>*/</span> <span>if</span> (<span>isset</span>(<span>$_GET</span>['u'<span>])) { set_affiliate(); } </span><span>if</span> (<span>isset</span>(<span>$smarty</span><span>)) { </span><span>$smarty</span>->assign('ecs_session', <span>$_SESSION</span><span>); } } </span><span>if</span> ((DEBUG_MODE & 1) == 1)<span>//</span><span>如果常量DEBUG_MODE值为 1、3、5、7.时</span> <span>{ </span><span>error_reporting</span>(<span>E_ALL</span>);<span>//</span><span>报告全部错误</span> <span>} </span><span>else</span><span> { </span><span>error_reporting</span>(<span>E_ALL</span> ^ <span>E_NOTICE</span>); <span>//</span><span>报告除E_NOTICE以外的所有错误</span> <span>} </span><span>if</span> ((DEBUG_MODE & 4) == 4)<span>//</span><span>如果常量DEBUG_MODE值为 4、5、6、7.时,调试程序</span> <span>{ </span><span>include</span>(ROOT_PATH . 'includes/lib.debug.php');<span>// </span><span>} </span><span>/*</span><span> 判断是否支持 Gzip 模式 如果使用SMARTY同时设置了网页压缩,则启用压缩 </span><span>*/</span> <span>if</span> (!<span>defined</span>('INIT_NO_SMARTY') &&<span> gzip_enabled()) { </span><span>ob_start</span>('ob_gzhandler');<span>//</span><span>压缩后放入缓冲区</span> <span>} </span><span>else</span><span> { </span><span>ob_start</span>();<span>//</span><span>打开缓冲区,把下面要显示的内容先缓在服务器</span> <span>} </span><span>/*</span><span> ob_start相关函数了解: 1、Flush:刷新缓冲区的内容,输出。 函数格式:flush() 说明:这个函数经常使用,效率很高。 2、ob_start :打开输出缓冲区 函数格式:void ob_start(void) 说明:当缓冲区激活时,所有来自PHP程序的非文件头信息均不会发送,而是保存在内部缓冲区。为了输出缓冲区的内容,可以使用ob_end_flush()或flush()输出缓冲区的内容。 、ob_get_contents :返回内部缓冲区的内容。 使用方法:string ob_get_contents(void) 说明:这个函数会返回当前缓冲区中的内容,如果输出缓冲区没有激活,则返回 FALSE 。 4、ob_get_length:返回内部缓冲区的长度。 使用方法:int ob_get_length(void) 说明:这个函数会返回当前缓冲区中的长度;和ob_get_contents一样,如果输出缓冲区没有激活。则返回 FALSE。 5、ob_end_flush :发送内部缓冲区的内容到浏览器,并且关闭输出缓冲区。 使用方法:void ob_end_flush(void) 说明:这个函数发送输出缓冲区的内容(如果有的话)。 6、ob_end_clean:删除内部缓冲区的内容,并且关闭内部缓冲区 使用方法:void ob_end_clean(void) 说明:这个函数不会输出内部缓冲区的内容而是把它删除! 7、ob_implicit_flush:打开或关闭绝对刷新 使用方法:void ob_implicit_flush ([int flag]) 说明:使用过Perl的人都知道$|=x的意义,这个字符串可以打开/关闭缓冲区,而ob_implicit_flush函数也和那个一样,默认为关闭缓冲区,打开绝对输出后,每个脚本输出都直接发送到浏览器,不再需要调用 flush() </span><span>*/</span> ?>