PageRenderTime 49ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/core/service/fanwe.service.php

https://github.com/alin40404/FanweShare
PHP | 522 lines | 433 code | 63 blank | 26 comment | 78 complexity | a00a211376b47078b2ae9bae4ce410e3 MD5 | raw file
Possible License(s): Apache-2.0 
    

  1. <?php
    2. 

  2. // +----------------------------------------------------------------------
    3. 

  3. // | 方维购物分享网站系统 (Build on ThinkPHP)
    4. 

  4. // +----------------------------------------------------------------------
    5. 

  5. // | Copyright (c) 2011 http://fanwe.com All rights reserved.
    6. 

  6. // +----------------------------------------------------------------------
    7. 

  7. 

  8. /**
    9. 

  9.  * fanwe.service
    10. 

  10.  *
    11. 

  11.  * 全局服务类
    12. 

  12.  *
    13. 

  13.  * @package service
    14. 

  14.  * @author awfigq <awfigq@qq.com>
    15. 

  15.  */
    16. 

  16. 

  17. define('IN_FANWE', true);
    18. 

  18. error_reporting(E_ERROR);
    19. 

  19. 

  20. class FanweService
    21. 

  21. {
    22. 

  22. 	public $db = NULL;
    23. 

  23. 	public $cache = NULL;
    24. 

  24. 	public $session = NULL;
    25. 

  25. 	public $memory = NULL;
    26. 

  26. 	public $is_init = false;
    27. 

  27. 	public $is_memory = true;
    28. 

  28. 	public $is_session = true;
    29. 

  29. 	public $is_admin = false;
    30. 

  30. 	public $is_user = true;
    31. 

  31. 	public $is_cron = true;
    32. 

  32. 	public $is_setting = true;
    33. 

  33. 	public $is_misc = true;
    34. 

  34. 	public $is_group_city = false;
    35. 

  35. 	public $config = array();
    36. 

  36. 	public $var = array();
    37. 

  37. 	public $cache_list = array('goods_category','image_servers','links','navs');
    38. 

  38. 

  39. 	public $allow_global = array(
    40. 

  40. 		'GLOBALS' => 1,
    41. 

  41. 		'_GET' => 1,
    42. 

  42. 		'_POST' => 1,
    43. 

  43. 		'_REQUEST' => 1,
    44. 

  44. 		'_COOKIE' => 1,
    45. 

  45. 		'_SERVER' => 1,
    46. 

  46. 		'_ENV' => 1,
    47. 

  47. 		'_FILES' => 1,
    48. 

  48. 	);
    49. 

  49. 

  50. 

  51. 	public function &instance()
    52. 

  52. 	{
    53. 

  53. 		static $_instance = NULL;
    54. 

  54. 		if($_instance === NULL)
    55. 

  55. 			$_instance = new FanweService();
    56. 

  56. 		return $_instance;
    57. 

  57. 	}
    58. 

  58. 

  59. 	public function FanweService()
    60. 

  60. 	{
    61. 

  61. 		if(phpversion() < '5.3.0')
    62. 

  62. 			set_magic_quotes_runtime(0);
    63. 

  63. 		
    64. 

  64. 		if(!defined('FANWE_ROOT'))
    65. 

  65. 			define('FANWE_ROOT', str_replace('\\', '/',substr(dirname(__FILE__), 0, -12)));
    66. 

  66. 

  67. 		if(!file_exists(FANWE_ROOT.'./public/install.lock'))
    68. 

  68. 		{
    69. 

  69. 			header('Location: install/index.php');
    70. 

  70. 			exit;
    71. 

  71. 		}
    72. 

  72. 		
    73. 

  73. 		define('MAGIC_QUOTES_GPC', function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc());
    74. 

  74. 		define('ICONV_ENABLE', function_exists('iconv'));
    75. 

  75. 		define('MB_ENABLE', function_exists('mb_convert_encoding'));
    76. 

  76. 		define('EXT_OBGZIP', function_exists('ob_gzhandler'));
    77. 

  77. 		define('TIMESTAMP', time());
    78. 

  78. 

  79. 		if(!include(FANWE_ROOT.'./core/function/global.func.php'))
    80. 

  80. 		{
    81. 

  81. 			exit('not found global.func.php');
    82. 

  82. 		}
    83. 

  83. 		
    84. 

  84. 		@require(FANWE_ROOT.'./public/constant.global.php');
    85. 

  85. 		require fimport("function/time");
    86. 

  86. 

  87. 		define('IS_ROBOT', checkRobot());
    88. 

  88. 

  89. 		if(function_exists('ini_get'))
    90. 

  90. 		{
    91. 

  91. 			$memory_limit = @ini_get('memory_limit');
    92. 

  92. 			if($memory_limit && getBytes($memory_limit) < 33554432 && function_exists('ini_set'))
    93. 

  93. 			{
    94. 

  94. 				ini_set('memory_limit', '128M');
    95. 

  95. 			}
    96. 

  96. 		}
    97. 

  97. 			
    98. 

  98. 		if(!$this->is_admin)
    99. 

  99. 		{
    100. 

  100. 			foreach ($GLOBALS as $key => $value)
    101. 

  101. 			{
    102. 

  102. 				if (!isset($this->allow_global[$key]))
    103. 

  103. 				{
    104. 

  104. 					$GLOBALS[$key] = NULL;
    105. 

  105. 					unset($GLOBALS[$key]);
    106. 

  106. 				}
    107. 

  107. 			}
    108. 

  108. 		}
    109. 

  109. 

  110. 		global $_FANWE;
    111. 

  111. 		$_FANWE = array();
    112. 

  112. 		$_FANWE['uid'] = 0;
    113. 

  113. 		$_FANWE['user_name'] = '';
    114. 

  114. 		$_FANWE['gid'] = 0;
    115. 

  115. 		$_FANWE['sid'] = '';
    116. 

  116. 		$_FANWE['form_hash'] = '';
    117. 

  117. 		$_FANWE['client_ip'] = getFClientIp();
    118. 

  118. 		$_FANWE['referer'] = '';
    119. 

  119. 

  120. 		$_FANWE['php_self'] = htmlspecialchars(getPhpSelf());
    121. 

  121. 		if($_FANWE['php_self'] === false)
    122. 

  122. 			systemError('request_tainting');
    123. 

  123. 		
    124. 

  124. 		$_FANWE['module_name'] = MODULE_NAME;
    125. 

  125. 		$_FANWE['module_filename'] = basename($_FANWE['php_self']);
    126. 

  126. 		$_FANWE['site_url'] = '';
    127. 

  127. 		$_FANWE['site_root'] = '';
    128. 

  128. 		$_FANWE['site_port'] = '';
    129. 

  129. 

  130. 		$_FANWE['config'] = array();
    131. 

  131. 		$_FANWE['setting'] = array();
    132. 

  132. 		$_FANWE['user'] = array();
    133. 

  133. 		$_FANWE['group'] = array();
    134. 

  134. 		$_FANWE['cookie'] = array();
    135. 

  135. 		$_FANWE['cache'] = array();
    136. 

  136. 		$_FANWE['session'] = array();
    137. 

  137. 		$_FANWE['lang'] = array();
    138. 

  138. 		$_FANWE['tpl_user_formats'] = array();
    139. 

  139. 

  140. 		$site_path = substr($_FANWE['php_self'], 0, strrpos($_FANWE['php_self'], '/'));
    141. 

  141. 		$_FANWE['site_url'] = htmlspecialchars('http://'.$_SERVER['HTTP_HOST'].$site_path.'/');
    142. 

  142. 

  143. 		$url = parse_url($_FANWE['site_url']);
    144. 

  144. 		$_FANWE['site_root'] = isset($url['path']) ? $url['path'] : '';
    145. 

  145. 		$_FANWE['site_port'] = empty($_SERVER['SERVER_PORT']) || $_SERVER['SERVER_PORT'] == '80' ? '' : ':'.$_SERVER['SERVER_PORT'];
    146. 

  146. 

  147. 		if(defined('SUB_DIR'))
    148. 

  148. 		{
    149. 

  149. 			$_FANWE['site_url'] = str_replace(SUB_DIR, '', $_FANWE['site_url']);
    150. 

  150. 			$_FANWE['site_root'] = str_replace(SUB_DIR, '', $_FANWE['site_root']);
    151. 

  151. 		}
    152. 

  152. 		
    153. 

  153. 		define('PUBLIC_ROOT', FANWE_ROOT.'./public/');
    154. 

  154. 		define('PUBLIC_PATH', $_FANWE['site_root'].'public/');
    155. 

  155. 		
    156. 

  156. 		define('SITE_URL', $_FANWE['site_root']);
    157. 

  157. 

  158. 		require fimport("class/cache");
    159. 

  159. 		$this->cache = Cache::getInstance();
    160. 

  160. 

  161. 		$this->var = &$_FANWE;
    162. 

  162. 

  163. 		$this->buildConfig();
    164. 

  164. 		$this->buildInput();
    165. 

  165. 		$this->buildOutput();
    166. 

  166. 	}
    167. 

  167. 

  168. 	public function initialize()
    169. 

  169. 	{
    170. 

  170. 		if(!$this->is_init)
    171. 

  171. 		{
    172. 

  172. 			$this->buildDb();
    173. 

  173. 			$this->buildMemory();
    174. 

  174. 			$this->buildSetting();
    175. 

  175. 			$this->buildSession();
    176. 

  176. 			//$this->buildCron();
    177. 

  177. 			$this->buildCache();
    178. 

  178. 			$this->buildUser();
    179. 

  179. 			//$this->buildRewriteArgs();
    180. 

  180. 			$this->buildMisc();
    181. 

  181. 		}
    182. 

  182. 		
    183. 

  183. 		$this->is_init = true;
    184. 

  184. 

  185. 		define('TPL_PATH', $this->var['site_root'].'tpl/'.$this->var['setting']['site_tmpl'].'/');
    186. 

  186. 		define('TMPL', $this->var['setting']['site_tmpl']);
    187. 

  187. 		@include(FANWE_ROOT.'./tpl/'.$this->var['setting']['site_tmpl'].'/functions.php');
    188. 

  188. 

  189. 		if($this->var['setting']['shop_closed'] == 1 && !$this->is_admin)
    190. 

  190. 		{
    191. 

  191. 			showError(lang('common','site_close'),lang('common','site_close_content'),'',0,true);
    192. 

  192. 		}
    193. 

  193. 	}
    194. 

  194. 

  195. 	private function buildConfig()
    196. 

  196. 	{
    197. 

  197. 		$config = array();
    198. 

  198. 		@include FANWE_ROOT.'./public/config.global.php';
    199. 

  199. 		if(empty($config))
    200. 

  200. 		{
    201. 

  201. 			if(!file_exists(FANWE_ROOT.'./public/install.lock'))
    202. 

  202. 			{
    203. 

  203. 				header('Location: install');
    204. 

  204. 				exit;
    205. 

  205. 			}
    206. 

  206. 			else
    207. 

  207. 			{
    208. 

  208. 				systemError('config_not_found');
    209. 

  209. 			}
    210. 

  210. 		}
    211. 

  211. 

  212. 		if(empty($config['security']['authkey']))
    213. 

  213. 		{
    214. 

  214. 			$config['security']['authkey'] = md5($config['cookie']['cookie_pre'].$config['db'][1]['dbname']);
    215. 

  215. 		}
    216. 

  216. 

  217. 		if(empty($config['debug']) || !file_exists(fimport('function/debug')))
    218. 

  218. 		{
    219. 

  219. 			define('SYS_DEBUG', false);
    220. 

  220. 		}
    221. 

  221. 		elseif($config['debug'] === 1 || $config['debug'] === 2 || !empty($_REQUEST['debug']) && $_REQUEST['debug'] === $config['debug'])
    222. 

  222. 		{
    223. 

  223. 			define('SYS_DEBUG', true);
    224. 

  224. 			if($config['debug'] == 2)
    225. 

  225. 				error_reporting(E_ALL);
    226. 

  226. 		}
    227. 

  227. 		else
    228. 

  228. 		{
    229. 

  229. 			define('SYS_DEBUG', false);
    230. 

  230. 		}
    231. 

  231. 

  232. 		timezoneSet($config['time_zone']);
    233. 

  233. 		define('TIME_UTC', fGmtTime());
    234. 

  234. 

  235. 		$this->config = & $config;
    236. 

  236. 		$this->var['config'] = & $config;
    237. 

  237. 

  238. 		if(substr($config['cookie']['cookie_path'], 0, 1) != '/')
    239. 

  239. 			$this->var['config']['cookie']['cookie_path'] = '/'.$this->var['config']['cookie']['cookie_path'];
    240. 

  240. 

  241. 		$this->var['config']['cookie']['cookie_pre'] = $this->var['config']['cookie']['cookie_pre'].substr(md5($this->var['config']['cookie']['cookie_path'].'|'.$this->var['config']['cookie']['cookie_domain']), 0, 4).'_';
    242. 

  242. 	}
    243. 

  243. 

  244. 	private function buildInput()
    245. 

  245. 	{
    246. 

  246. 		if (isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_COOKIE['GLOBALS']) || isset($_FILES['GLOBALS']))
    247. 

  247. 		{
    248. 

  248. 			systemError('request_tainting');
    249. 

  249. 		}
    250. 

  250. 

  251. 		if(!MAGIC_QUOTES_GPC && !$this->is_admin)
    252. 

  252. 		{
    253. 

  253. 			$_GET = fAddslashes($_GET);
    254. 

  254. 			$_POST = fAddslashes($_POST);
    255. 

  255. 			$_COOKIE = fAddslashes($_COOKIE);
    256. 

  256. 			$_FILES = fAddslashes($_FILES);
    257. 

  257. 		}
    258. 

  258. 

  259. 		$pre_length = strlen($this->config['cookie']['cookie_pre']);
    260. 

  260. 		foreach($_COOKIE as $key => $val)
    261. 

  261. 		{
    262. 

  262. 			if(substr($key, 0, $pre_length) == $this->config['cookie']['cookie_pre'])
    263. 

  263. 			{
    264. 

  264. 				$this->var['cookie'][substr($key, $pre_length)] = $val;
    265. 

  265. 			}
    266. 

  266. 		}
    267. 

  267. 

  268. 		if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST))
    269. 

  269. 			$_GET = array_merge($_GET, $_POST);
    270. 

  270. 

  271. 		foreach($_GET as $k => $v)
    272. 

  272. 		{
    273. 

  273. 			$this->var['request'][$k] = $v;
    274. 

  274. 		}
    275. 

  275. 		
    276. 

  276. 		$this->var['isajax'] = empty($this->var['request']['isajax']) ? 0 : 1;
    277. 

  277. 		$this->var['page'] = empty($this->var['request']['page']) ? 1 : max(1, intval($this->var['request']['page']));
    278. 

  278. 		$this->var['sid'] = $this->var['cookie']['sid'] = isset($this->var['cookie']['sid']) ? htmlspecialchars($this->var['cookie']['sid']) : '';
    279. 

  279. 		if(empty($this->var['cookie']['saltkey']))
    280. 

  280. 		{
    281. 

  281. 			$this->var['cookie']['saltkey'] = random(8);
    282. 

  282. 			fSetCookie('saltkey', $this->var['cookie']['saltkey'], 86400 * 30, 1, 1);
    283. 

  283. 		}
    284. 

  284. 		$this->var['authkey'] = md5($this->var['config']['security']['authkey'].$this->var['cookie']['saltkey']);
    285. 

  285. 	}
    286. 

  286. 

  287. 	private function buildOutput()
    288. 

  288. 	{
    289. 

  289. 		if($this->config['security']['url_xss_defend'] && $_SERVER['REQUEST_METHOD'] == 'GET' && !empty($_SERVER['REQUEST_URI']))
    290. 

  290. 		{
    291. 

  291. 			$this->_xssCheck();
    292. 

  292. 		}
    293. 

  293. 		
    294. 

  294. 		$attack_evasive = true;
    295. 

  295. 		if(!empty($this->var['cookie']['from_header']))
    296. 

  296. 		{
    297. 

  297. 			$from_header_time = (int)authcode($this->var['cookie']['from_header'], 'DECODE');
    298. 

  298. 			$attack_evasive = (TIME_UTC - $from_header_time < 10) ? false : true;
    299. 

  299. 			fSetCookie('from_header','');
    300. 

  300. 		}
    301. 

  301. 		
    302. 

  302. 		/*$module_action = strtolower(MODULE_NAME.'/'.ACTION_NAME);
    303. 

  303. 		if($this->config['security']['attack_evasive'] && $attack_evasive && !in_array($module_action, $this->config['security']['attack_ignore']))
    304. 

  304. 		{
    305. 

  305. 			require_once fimport('include/security');
    306. 

  306. 		}*/
    307. 

  307. 

  308. 		if(!empty($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') === false)
    309. 

  309. 		{
    310. 

  310. 			$this->config['output']['gzip'] = false;
    311. 

  311. 		}
    312. 

  312. 

  313. 		$allow_gzip = $this->config['output']['gzip'] && empty($this->var['ajax']) && EXT_OBGZIP;
    314. 

  314. 		$this->config['gzip_compress'] = $allow_gzip;
    315. 

  315. 		ob_start($allow_gzip ? 'ob_gzhandler' : NULL);
    316. 

  316. 		$this->config['charset'] = $this->config['output']['charset'];
    317. 

  317. 		define('CHARSET', $this->config['output']['charset']);
    318. 

  318. 		if($this->config['output']['forceheader'])
    319. 

  319. 			@header('Content-Type: text/html; charset='.CHARSET);
    320. 

  320. 	}
    321. 

  321. 

  322. 	private function buildDb()
    323. 

  323. 	{
    324. 

  324. 		require fimport('class/db');
    325. 

  325. 		require fimport('class/mysql');
    326. 

  326. 		$class = 'FDbMySql';
    327. 

  327. 		if(count($this->var['config']['db']['slave']))
    328. 

  328. 		{
    329. 

  329. 			require fimport('class/mysqlslave');
    330. 

  330. 			$class = 'FDbMysqlSlave';
    331. 

  331. 		}
    332. 

  332. 

  333. 		$this->db = &FDB::object($class);
    334. 

  334. 		$this->db->setConfig($this->config['db']);
    335. 

  335. 		$this->db->connect();
    336. 

  336. 	}
    337. 

  337. 

  338. 	private function buildMemory()
    339. 

  339. 	{
    340. 

  340. 		require fimport('class/memory');
    341. 

  341. 		$this->memory = new Memory();
    342. 

  342. 		if($this->is_memory)
    343. 

  343. 		{
    344. 

  344. 			$this->memory->init($this->config['memory']);
    345. 

  345. 		}
    346. 

  346. 		$this->var['memory'] = $this->memory->type;
    347. 

  347. 	}
    348. 

  348. 

  349. 	private function buildSession()
    350. 

  350. 	{
    351. 

  351. 		if($this->is_session)
    352. 

  352. 		{
    353. 

  353. 			require fimport('class/session');
    354. 

  354. 			$this->session = new Session();
    355. 

  355. 			$this->session->init($this->var['cookie']['sid'], $this->var['client_ip'], $this->var['uid']);
    356. 

  356. 			$this->var['sid'] = $this->session->sid;
    357. 

  357. 			$this->var['session'] = $this->session->var;
    358. 

  358. 

  359. 			if($this->var['sid'] != $this->var['cookie']['sid'])
    360. 

  360. 			{
    361. 

  361. 				fSetCookie('sid', $this->var['sid'], 86400);
    362. 

  362. 			}
    363. 

  363. 

  364. 			if($this->session->is_new)
    365. 

  365. 			{
    366. 

  366. 				if(ipBanned($this->var['client_ip']))
    367. 

  367. 					$this->session->set('gid', 6);
    368. 

  368. 			}
    369. 

  369. 

  370. 			/*if($this->session->get('gid') == 6)
    371. 

  371. 			{
    372. 

  372. 				$this->var['user']['gid'] = 6;
    373. 

  373. 				systemError('user_banned');
    374. 

  374. 			}*/
    375. 

  375. 

  376. 			if($this->var['uid'] && ($this->session->isnew || ($this->session->get('last_activity') + 600) < TIME_UTC))
    377. 

  377. 			{
    378. 

  378. 				$this->session->set('last_activity', TIME_UTC);
    379. 

  379. 				if($this->session->is_new)
    380. 

  380. 				{
    381. 

  381. 					//FDB::update('user_status', array('last_ip' => $this->var['client_ip'], 'last_visit' => TIME_UTC), "uid='".$this->var['uid']."'");
    382. 

  382. 				}
    383. 

  383. 			}
    384. 

  384. 		}
    385. 

  385. 	}
    386. 

  386. 

  387. 	public function buildUser($uid)
    388. 

  388. 	{
    389. 

  389. 		if($this->is_user)
    390. 

  390. 		{
    391. 

  391. 			if($auth = $this->var['cookie']['auth'])
    392. 

  392. 			{
    393. 

  393. 				$auth = fAddslashes(explode("\t", authcode($auth, 'DECODE')));
    394. 

  394. 			}
    395. 

  395. 			
    396. 

  396. 			list($password, $uid) = empty($auth) || count($auth) < 2 ? array('','') : $auth;
    397. 

  397. 

  398. 			if($uid)
    399. 

  399. 			{
    400. 

  400. 				$user = FS('user')->getUserById($uid);
    401. 

  401. 			}
    402. 

  402. 			
    403. 

  403. 			if(!empty($user) && $user['password'] == $password)
    404. 

  404. 			{
    405. 

  405. 				$this->var['user'] = $user;
    406. 

  406. 				$this->var['authoritys'] = FS('User')->getAuthoritys($uid);
    407. 

  407. 				FS('User')->init($user);
    408. 

  408. 			}
    409. 

  409. 			else
    410. 

  410. 			{
    411. 

  411. 				$this->buildGuest();
    412. 

  412. 			}
    413. 

  413. 		}
    414. 

  414. 		else
    415. 

  415. 		{
    416. 

  416. 			$this->buildGuest();
    417. 

  417. 		}
    418. 

  418. 		if(empty($this->var['cookie']['last_visit']))
    419. 

  419. 		{
    420. 

  420. 			$this->var['user']['last_visit'] = TIME_UTC - 3600;
    421. 

  421. 			fSetCookie('last_visit', TIME_UTC - 3600, 86400 * 30);
    422. 

  422. 		}
    423. 

  423. 		else
    424. 

  424. 		{
    425. 

  425. 			$this->var['user']['last_visit'] = $this->var['cookie']['last_visit'];
    426. 

  426. 		}
    427. 

  427. 		
    428. 

  428. 		$this->var['uid'] = $this->var['user']['uid'];
    429. 

  429. 		$this->var['user_name'] = addslashes($this->var['user']['user_name']);
    430. 

  430. 		$this->var['gid'] = $this->var['user']['gid'];
    431. 

  431. 		FS('User')->setReferrals();
    432. 

  432. 	}
    433. 

  433. 

  434. 	private function buildGuest()
    435. 

  435. 	{
    436. 

  436. 		$this->var['user'] = array( 'uid' => 0, 'user_name' => '', 'email' => '', 'gid' => 6);
    437. 

  437. 	}
    438. 

  438. 

  439. 	private function buildCron()
    440. 

  440. 	{
    441. 

  441. 		if($this->is_cron)
    442. 

  442. 		{
    443. 

  443. 			require fimport("class/cron");
    444. 

  444. 			Cron::run();
    445. 

  445. 		}
    446. 

  446. 	}
    447. 

  447. 

  448. 	private function buildMisc()
    449. 

  449. 	{
    450. 

  450. 		if(!$this->is_misc)
    451. 

  451. 			return false;
    452. 

  452. 

  453. 		$this->var['form_hash'] = formHash();
    454. 

  454. 		define('FORM_HASH', $this->var['form_hash']);
    455. 

  455. 

  456. 		if($this->init_user)
    457. 

  457. 		{
    458. 

  458. 			if($this->var['user']['status'] == -1)
    459. 

  459. 			{
    460. 

  460. 				systemError('user_banned',null);
    461. 

  461. 			}
    462. 

  462. 		}
    463. 

  463. 

  464. 		if($this->var['setting']['ip_access'] && !ipAccess($this->var['client_ip'], $this->var['setting']['ip_access']))
    465. 

  465. 		{
    466. 

  466. 			systemError('user_banned', null);
    467. 

  467. 		}
    468. 

  468. 

  469. 		if($this->var['setting']['nocacheheaders'])
    470. 

  470. 		{
    471. 

  471. 			@header("Expires: -1");
    472. 

  472. 			@header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
    473. 

  473. 			@header("Pragma: no-cache");
    474. 

  474. 		}
    475. 

  475. 	}
    476. 

  476. 

  477. 	private function buildSetting()
    478. 

  478. 	{
    479. 

  479. 		if($this->is_setting)
    480. 

  480. 			$this->cache->loadCache('setting');
    481. 

  481. 

  482. 		if(!is_array($this->var['setting']))
    483. 

  483. 			$this->var['setting'] = array();
    484. 

  484. 	}
    485. 

  485. 

  486. 	private function buildCache()
    487. 

  487. 	{
    488. 

  488. 		!empty($this->cache_list) && $this->cache->loadCache($this->cache_list);
    489. 

  489. 	}
    490. 

  490. 

  491. 	private function buildRewriteArgs()
    492. 

  492. 	{
    493. 

  493. 		if(intval($this->var['setting']['url_route']) > 0)
    494. 

  494. 		{
    495. 

  495. 			switch(MODULE_NAME.'/'.ACTION_NAME)
    496. 

  496. 			{
    497. 

  497. 				case 'index/index':
    498. 

  498. 				case 'index/search':
    499. 

  499. 				case 'index/today':
    500. 

  500. 				case 'index/custom':
    501. 

  501. 					getRewriteArgs(array('cat','city_py','sort','prices','keyword','page'));
    502. 

  502. 				break;
    503. 

  503. 

  504. 				case 'goods/index':
    505. 

  505. 				case 'goods/search':
    506. 

  506. 					getRewriteArgs(array('site','cat','date','city_py','sort','prices','keyword','page'));
    507. 

  507. 				break;
    508. 

  508. 			}
    509. 

  509. 		}
    510. 

  510. 	}
    511. 

  511. 

  512. 	private function _xssCheck()
    513. 

  513. 	{
    514. 

  514. 		$temp = strtoupper(urldecode(urldecode($_SERVER['REQUEST_URI'])));
    515. 

  515. 		if(strpos($temp, '<') !== false || strpos($temp, '"') !== false || strpos($temp, 'CONTENT-TRANSFER-ENCODING') !== false)
    516. 

  516. 		{
    517. 

  517. 			systemError('request_tainting');
    518. 

  518. 		}
    519. 

  519. 		return true;
    520. 

  520. 	}
    521. 

  521. }
    522. 

  522. ?>
    523.