discuz X3登入流程分析
公司最近要將discuz論壇升級至最新版discuz X3。但是公司要用自己的通行證同步登陸。故必須要知道discuzX3的登入流程及原理,才能進行二次開發。
一、涉及到的檔案
discuzX3/source/template/default/member/login.htm
discuzX3/member.php
discuzX3/source/module/member/member_logging.php
discuzX3/source/class/class_member.php
discuzX3/source/function/function_member.php
discuzX3/uc_client/client.php
discuzX3/uc_client/control/user.php
二、流程注意:流程順序也是按照上面檔案依次向下)
1、前台輸入帳號/email,密碼登入,根據login.htm裡面的form action=“xxxx”看到將資料提交到member.php中處理。
2、流入member_logging.php
3、流入class_member.php中的on_login)方法進行處理大約在30行)。大約在87行:
$result = userlogin($_GET['username'], $_GET['password'], $_GET['questionid'], $_GET['answer'], $this->setting['autoidselect'] ? 'auto' : $_GET['loginfield'], $_G['clientip']);
將資料丟入到function_member.php中處理。
4、流入function_member.php中大約第14行userlogin)方法。
大約33行:
if($isuid == 3) { if(!strcmp(dintval($username), $username) && getglobal('setting/uidlogin')) { $return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer, $ip); } elseif(isemail($username)) { $return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer, $ip); } if($return['ucresult'][0] <= 0 && $return['ucresult'][0] != -3) { $return['ucresult'] = uc_user_login(addslashes($username), $password, 0, 1, $questionid, $answer, $ip); }}else { $return['ucresult'] = uc_user_login(addslashes($username), $password, $isuid, 1, $questionid, $answer, $ip);}
5、流入client.php大於304行。
function uc_user_login($username, $password, $isuid = 0, $checkques = 0, $questionid = '', $answer = '') { $isuid = intval($isuid); $return = call_user_func(UC_API_FUNC, 'user', 'login', array('username'=>$username, 'password'=>$password, 'isuid'=>$isuid, 'checkques'=>$checkques, 'questionid'=>$questionid, 'answer'=>$answer)); return UC_CONNECT == 'mysql' ? $return : uc_unserialize($return);}
6、最後流入user.php大約106行,onlogin()方法做最終的帳號密碼正確性驗證。
function onlogin() { $this->init_input(); $isuid = $this->input('isuid'); $username = $this->input('username'); $password = $this->input('password'); $checkques = $this->input('checkques'); $questionid = $this->input('questionid'); $answer = $this->input('answer'); if($isuid == 1) { $user = $_ENV['user']->get_user_by_uid($username); } elseif($isuid == 2) { $user = $_ENV['user']->get_user_by_email($username); } else { $user = $_ENV['user']->get_user_by_username($username);//從資料庫中擷取使用者資料 }//showmessage($user['password']); $passwordmd5 = preg_match('/^\w{32}$/', $password) ? $password : md5($password); if(empty($user)) { $status = -1; //使用者不存在,或者被刪除 } //elseif($user['password'] != md5($passwordmd5.$user['salt'])) { //$status = -2; //密碼錯 //} //elseif($checkques && $user['secques'] != '' && $user['secques'] != $_ENV['user']->quescrypt($questionid, $answer)) { //$status = -3; //安全提問錯 //} else { $status = $user['uid']; } $merge = $status != -1 && !$isuid && $_ENV['user']->check_mergeuser($username) ? 1 : 0; return array($status, $user['username'], $password, $user['email'], $merge); }
附:discuz X3使用者登入uc_user_login()函數詳解
本文出自 “PHPer許琴-專註於PHP技術” 部落格,請務必保留此出處http://xuqin.blog.51cto.com/5183168/1293599
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
