estoon® B2B网站管理系统(以下简称destoon)由西安嘉客信息科技有限责任公司独立研发并推出,对其拥有完全知识产权,中国国家版权局计算机软件著作权登记号:2009SR037570。
系统使用当前流行的PHP语言开发,以MySQL为数据库,采用B/S架构,MVC模式开发。融入了模型化、模板、缓存、AJAX、SEO等前沿技术。与同类产品相比,系统功能更加强大、使用更加简单、运行更加稳定、安全性更强,效率更高,用户体验更好。系统开源发布,便于二次开发、功能整合、个性修改。
代码首先包含common.inc.php文件
在common.inc.php文件中,首先定义常量。
define(\'IN_DESTOON\', true);
define(\'IN_ADMIN\', defined(\'DT_ADMIN\') ? true : false);
define(\'DT_ROOT\', str_replace("\\", \'/\', dirname(__FILE__)));
if(defined(\'DT_REWRITE\')) include DT_ROOT.\'/include/rewrite.inc.php\';//是否定义了url伪静态?
$CFG = array();//网站整体配置信息
require DT_ROOT.\'/config.inc.php\';//-----------------网站配置文件
define(\'DT_PATH\', $CFG[\'url\']);
define(\'DT_DOMAIN\', $CFG[\'cookie_domain\'] ? substr($CFG[\'cookie_domain\'], 1) : \'\');
define(\'DT_WIN\', strpos(strtoupper(PHP_OS), \'WIN\') !== false ? true: false);
define(\'DT_CHMOD\', ($CFG[\'file_mod\'] && !DT_WIN) ? $CFG[\'file_mod\'] : 0);
define(\'DT_URL\', $CFG[\'url\']);//Fox 3.x
define(\'DT_LANG\', $CFG[\'language\']);
define(\'DT_KEY\', $CFG[\'authkey\']);
define(\'DT_CHARSET\', $CFG[\'charset\']);
define(\'DT_CACHE\', $CFG[\'cache_dir\'] ? $CFG[\'cache_dir\'] : DT_ROOT.\'/file/cache\');
define(\'DT_SKIN\', DT_PATH.\'skin/\'.$CFG[\'skin\'].\'/\');
define(\'SKIN_PATH\', DT_PATH.\'skin/\'.$CFG[\'skin\'].\'/\');//For 2.x
define(\'VIP\', $CFG[\'com_vip\']);
define(\'errmsg\', \'Invalid Request\');
随后加载网站基本功能
$L = array();
include DT_ROOT.\'/lang/\'.DT_LANG.\'/lang.inc.php\';//语言信息
require DT_ROOT.\'/version.inc.php\';
require DT_ROOT.\'/include/global.func.php\';//--------全局函数
require DT_ROOT.\'/include/tag.func.php\';//-----------标签函数
require DT_ROOT.\'/api/im.func.php\';//----------------聊天工具
require DT_ROOT.\'/api/extend.func.php\';//------------自己写的扩展函数
if(!$MQG && $_POST) $_POST = daddslashes($_POST);
if(!$MQG && $_GET) $_GET = daddslashes($_GET);
if(function_exists(\'date_default_timezone_set\')) date_default_timezone_set($CFG[\'timezone\']);
$DT_PRE = $CFG[\'tb_pre\'];
$DT_QST = $_SERVER[\'QUERY_STRING\'];//----------------querystring
$DT_TIME = time() + $CFG[\'timediff\'];//--------------当前时间
$DT_IP = get_env(\'ip\');
$DT_URL = get_env(\'url\');
$DT_REF = get_env(\'referer\');
$DT_BOT = is_robot();
链接数据库,建立缓存。
header("Content-Type:text/html;charset=".DT_CHARSET);
require DT_ROOT.\'/include/db_\'.$CFG[\'database\'].\'.class.php\';//加载数据库类
require DT_ROOT.\'/include/cache_\'.$CFG[\'cache\'].\'.class.php\';//加载缓存类
if($_POST) extract($_POST, EXTR_SKIP);//解析post请求的数据
if($_GET) extract($_GET, EXTR_SKIP);//解析get请求的数据
$db_class = \'db_\'.$CFG[\'database\'];
$db = new $db_class;
$db->halt = (DT_DEBUG || IN_ADMIN) ? 1 : 0;
$db->pre = $CFG[\'tb_pre\'];
$db->connect($CFG[\'db_host\'], $CFG[\'db_user\'], $CFG[\'db_pass\'], $CFG[\'db_name\'], $CFG[\'db_expires\'], $CFG[\'db_charset\'], $CFG[\'pconnect\']);
$dc = new dcache();
$dc->pre = $CFG[\'cache_pre\'];
加载模块的基本配置
$DT = $MOD = $EXT = $CSS = $DTMP = $CAT = $ARE = $AREA = array();
$CACHE = cache_read(\'module.php\');
if(!$CACHE) {
//没有缓存模块,就读取缓存模块。
require_once DT_ROOT.\'/admin/global.func.php\';
require_once DT_ROOT.\'/include/post.func.php\';
require_once DT_ROOT.\'/include/cache.func.php\';
cache_all();
$CACHE = cache_read(\'module.php\');
}
$DT = $CACHE[\'dt\'];
$MODULE = $CACHE[\'module\'];
$EXT = cache_read(\'module-3.php\');
加载模块,读取模块信息,引入模块文件
if(!isset($moduleid)) {
$moduleid = 1;
$module = \'destoon\';
} else if($moduleid == 1) {
$module = \'destoon\';
} else {
$moduleid = intval($moduleid);
isset($MODULE[$moduleid]) or dheader(DT_PATH);
$module = $MODULE[$moduleid][\'module\'];
$MOD = $moduleid == 3 ? $EXT : cache_read(\'module-\'.$moduleid.\'.php\');
include DT_ROOT.\'/lang/\'.DT_LANG.\'/\'.$module.\'.inc.php\';
}
$forward = isset($forward) ? urldecode($forward) : $DT_REF;//------------来源页面
$action = isset($action) ? trim($action) : \'\';//-------------动作指令
//判断用户登录
$destoon_auth = get_cookie(\'auth\');
if($destoon_auth) {
$_dauth = explode("\t", decrypt($destoon_auth, md5(DT_KEY.$_SERVER[\'HTTP_USER_AGENT\'])));
//print_r($_dauth);SELECT userid,username,groupid,admin FROM destoon_member
$_userid = isset($_dauth[0]) ? intval($_dauth[0]) : 0;
$_username = isset($_dauth[1]) ? trim($_dauth[1]) : \'\';
$_groupid = isset($_dauth[2]) ? intval($_dauth[2]) : 3;
$_admin = isset($_dauth[4]) ? intval($_dauth[4]) : 0;
if($_userid && !defined(\'DT_NONUSER\')) {
$_password = isset($_dauth[3]) ? trim($_dauth[3]) : \'\';
$user = $db->get_one("SELECT username,passport,company,truename,password,groupid,email,message,chat,sound,online,sms,credit,money,loginip,admin,aid,edittime,trade FROM {$DT_PRE}member WHERE userid=$_userid");
if($user && $user[\'password\'] == $_password) {
if($user[\'groupid\'] == 2) dalert(lang(\'message->common_forbidden\'));//禁止用户访问的组别
extract($user, EXTR_PREFIX_ALL, \'\');
if($user[\'loginip\'] != $DT_IP && ($DT[\'ip_login\'] == 2 || ($DT[\'ip_login\'] == 1 && IN_ADMIN))) {
//单点登录,判断ip
$_userid = 0; set_cookie(\'auth\', \'\');
dalert(lang(\'message->common_login\', array($user[\'loginip\'])), DT_PATH);
}
} else {
//登录失败
$_userid = 0;
if($db->linked && !isset($swfupload) && strpos($_SERVER[\'HTTP_USER_AGENT\'], \'Flash\') === false) set_cookie(\'auth\', \'\');
}
unset($destoon_auth, $user, $_dauth, $_password);
}
}
if($_userid == 0) { $_groupid = 3; $_username = \'\'; }
if(!IN_ADMIN) {
if($_groupid == 1) include DT_ROOT.\'/module/member/admin.inc.php\';
if($_userid && !defined(\'DT_NONUSER\')) {
$db->query("REPLACE INTO {$DT_PRE}online (userid,username,ip,moduleid,online,lasttime) VALUES (\'$_userid\',\'$_username\',\'$DT_IP\',\'$moduleid\',\'$_online\',\'$DT_TIME\')");
}
else {
if(timetodate($DT_TIME, \'i\') == 10) {
$lastime = $DT_TIME - $DT[\'online\'];
$db->query("DELETE FROM {$DT_PRE}online WHERE lasttime<$lastime");
}
}
}
$MG = cache_read(\'group-\'.$_groupid.\'.php\');//读取用户组别配置
$_areaids = \'\';
$_areaid = array();
if($DT[\'city\']) {
$AREA or $AREA = cache_read(\'area.php\');
if($_aid) {
$_areaids = $AREA[$_aid][\'child\'] ? $AREA[$_aid][\'arrchildid\'] : $_aid;
$_areaid = explode(\',\', $_areaids);
}
} else {
$_aid < 1 or dalert(\'系统未开启分站功能,您的分站管理帐号暂不可用\', $MODULE[2][\'linkurl\'].\'logout.php\');
}
$session = new dsession();
require DT_ROOT.\'/admin/global.func.php\';
require DT_ROOT.\'/include/post.func.php\';
require_once DT_ROOT.\'/include/cache.func.php\';
isset($file) or $file = \'index\';
$secretkey = \'admin_\'.strtolower(substr($CFG[\'authkey\'], -6));
//echo $secretkey;exit;
if($DT[\'authadmin\'] == \'session\') {
$_destoon_admin = isset($_SESSION[$secretkey]) ? intval($_SESSION[$secretkey]) : 0;
} else {
$_destoon_admin = get_cookie($secretkey);
$_destoon_admin = $_destoon_admin ? intval($_destoon_admin) : 0;
}
$_founder = $CFG[\'founderid\'] == $_userid ? $_userid : 0;
$_catids = $_childs = \'\';
$_catid = $_child = array();
if($file != \'login\') {
if($_groupid != 1 || $_admin < 1 || !$_destoon_admin) msg(\'\', \'?file=login&forward=\'.urlencode($DT_URL));
//判断用户是否已经登录?如果未登录,直接跳转到登录页面。防止用户构造url。
if(!admin_check()) {
admin_log(1);
$db->query("DELETE FROM {$db->pre}admin WHERE userid=$_userid AND url=\'?".$DT_QST."\'");
msg(\'警告!您无权进行此操作 Error(00)\');
}
}
//是否记录日志
if($DT[\'admin_log\'] && $action != \'import\') admin_log();
if($DT[\'admin_online\']) admin_online();
$psize = isset($psize) ? intval($psize) : 0;
if($psize > 0 && $psize != $pagesize) {
$pagesize = $psize;
$offset = ($page-1)*$pagesize;
}
if($module == \'destoon\') {
(include DT_ROOT.\'/admin/\'.$file.\'.inc.php\') or msg();
} else {
echo $file.\'|\'.$module;
include DT_ROOT.\'/module/\'.$module.\'/common.inc.php\';//加载模块下的common文件
(include MD_ROOT.\'/admin/\'.$file.\'.inc.php\') or msg();//加载模块文件
}