discuz登錄流程解析,最近在研究,Ucenter的同步登陸機制,就先從discuz的登錄開始了
1.form表單提交
member.php?mod=logging&action=login&loginsubmit=yes&handlekey=login&loginhash=Lm137&inajax=1
處理腳本 source/module/member/member_logging.php
$ctl_obj = new logging_ctl();//初始化登陸對象,source\class\class_member.php=>class logging_ctl $ctl_obj->setting = $_G['setting'];$method = 'on_'.$_GET['action'];//$method='on_login';$ctl_obj->template = 'member/login'; $ctl_obj->$method();//調用source\class\class_member.php=>on_login()下面對source\class\class_member.php的on_login進行分析
2.source\class\class_member.php
on_login函數太長,只貼出其核心部分,該函數也是登錄過程中的核心函數,通過 userlogin(uc_client\control\user.php)進行數據分析,並對返回結果$result進行分析處理,返回結果$result['status']>0時,顯示登陸成功,setloginstatus進行登錄狀態記錄
$result = userlogin($_GET['username'], $_GET['password'], $_GET['questionid'], $_GET['answer'], $this->setting['autoidselect'] ? 'auto' : $_GET['loginfield'], $_G['clientip']);//95行左右,userlogin爲核心處理函數,來至uc_client\client.php//根據$result['status']返回值進行處理············if($result['status'] > 0) //當$result['status']>0時,爲登陸成功setloginstatus($result['member'], $_GET['cookietime'] ? 2592000 : 0);//記錄登錄狀態,完成登錄動作下面對uc_client\client.php的uc_user_login進行分析
3.uc_client\client.php
函數uc_user_login通過call_user_func調用uc_client\control\user.php的onlogin函數
function uc_user_login($username, $password, $isuid = 0, $checkques = 0, $questionid = '', $answer = '', $ip = '') { $isuid = intval($isuid); $return = call_user_func(UC_API_FUNC, 'user', 'login', array('username'=>$username, 'password'=>$password, 'isuid'=>$isuid, 'checkques'=>$checkques, 'questionid'=>$questionid, 'answer'=>$answer, 'ip' => $ip));//UC_API_FUNC= uc_api_mysql,通過call_user_func回調調用uc_api_mysql,進行傳參數,通過uc_api_mysql引入uc_client\control\user.php的onlogin函數 return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);}...................function uc_api_mysql($model, $action, $args=array()) { global $uc_controls; if(empty($uc_controls[$model])) { if(function_exists("mysql_connect")) { include_once UC_ROOT.'./lib/db.class.php'; } else { include_once UC_ROOT.'./lib/dbi.class.php'; } include_once UC_ROOT.'./model/base.php'; include_once UC_ROOT."./control/$model.php";//引入uc_client\control\user.php eval("\$uc_controls['$model'] = new {$model}control();"); } if($action{0} != '_') { $args = uc_addslashes($args, 1, TRUE); $action = 'on'.$action; $uc_controls[$model]->input = $args; return $uc_controls[$model]->$action($args);//調用uc_client\control\user.php的onlogin函數傳參數 } else { return ''; }}
4.uc_client\control\user.php
onlogin函數對數據進行分析,返回結果,回第2步中source\class\class_member.php的
function onlogin() { $this->init_input(); $isuid = $this->input('isuid'); $username = $this->input('username'); $password = $this->input('password'); $checkques = $this->input('checkques'); $questionid = $this->input('questionid'); $answer = $this->input('answer'); $ip = $this->input('ip'); $this->settings['login_failedtime'] = is_null($this->settings['login_failedtime']) ? 5 : $this->settings['login_failedtime']; if($ip && $this->settings['login_failedtime'] && !$loginperm = $_ENV['user']->can_do_login($username, $ip)) { $status = -4; return array($status, '', $password, '', 0); } if($isuid == 1) { $user = $_ENV['user']->get_user_by_uid($username); } elseif($isuid == 2) { $user = $_ENV['user']->get_user_by_email($username); } else { $user = $_ENV['user']->get_user_by_username($username); } $passwordmd5 = preg_match('/^\w{32}$/', $password) ? $password : md5($password); if(empty($user)) { $status = -1; } elseif($user['password'] != md5($passwordmd5.$user['salt'])) { $status = -2; } elseif($checkques && $user['secques'] != $_ENV['user']->quescrypt($questionid, $answer)) { $status = -3; } else { $status = $user['uid']; } if($ip && $this->settings['login_failedtime'] && $status <= 0) { $_ENV['user']->loginfailed($username, $ip); } $merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0; return array($status, $user['username'], $password, $user['email'], $merge); }
登錄解析完成完成
