Home > Developer > PHP

Discuzsession _ PHP Tutorial

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Discuzsession mechanism. Php code Discuz! The SESSION mechanism in X is explained in Discuz! As always in X, the SESSION does not use the SESSION mechanism that comes with PHP, but is a set of built-in mechanisms of the system. Php code in data
Discuz! SESSION mechanism in X

In Discuz! As always in X, the SESSION does not use the SESSION mechanism that comes with PHP, but is a set of built-in mechanisms of the system.

There are two SESSION tables in the database:
One is pre_common_adminsession, which is the SESSION table for the administrator to log on to the background;
The other is the pre_common_session table, which is the SESSION table when all users browse the page at the front-end.
Both tables are memory tables (the read/write speed of memory tables is much higher than that of MYISAM tables and text files ).

In Discuz! In X, SESSION and COOKIE are inseparable because SESSION is the COOKIE read from the client,
Then, relevant function execution is triggered when the page is viewed, and then written to the database SESSION table.

I will take the logon process as an example to explain how the program is executed.
On the front-end homepage, click "log on". a logon window is displayed. fill in the data and submit it. The URL of form submission is:

Http://ux.com/member.php? Mod = logging & action = login & loginsubmit = yes & floatlogin = yes & inajax = 1 </a>
Bytes
The data is submitted to the member. php file. the following code is displayed in the program:
01 $ mod =! In_array ($ discuz-> var ['mod'], $ modarray )? 'Logging': $ discuz-> var ['mod']; // The value of mod is the php page to be loaded next.
02 define ('curmodule', $ mod );
03 $ modcachelist = array ('register '=> array ('modreasons', 'stamptypeid', 'fields _ required', 'fields _ optional', 'ipctrl '));
04 $ cachelist = array ();
05 if (isset ($ modcachelist [CURMODULE]) {
06 $ cachelist = $ modcachelist [CURMODULE];
07}
08 $ discuz-> cachelist = $ cachelist;
09 $ discuz-> init ();
10 runhooks ();
11 require DISCUZ_ROOT. './source/module/member _'. $ mod. '. php'; // complete the inclusion operation of the program.

Open the source/module/member/member_logging.php file, which is a class. you can see the following three codes before the class:

Bytes
$ Ctl_obj = new logging_ctl ();
$ Method = 'on _ '. $ _ G ['GP _ action']; // $ _ G ['GP _ action'] is equal to the value of action, that is, login.
$ Ctl_obj-> $ method (); // $ ctl_obj-> on_login ();

The login method can be found in the class. in the method, about 56 rows have the following judgment statement:

Bytes
If (! Submitcheck ('loginsubmit ', 1, $ seccodecheck )){

When the judgment statement is viewed by a visitor, the return value of the submitcheck function is false, and the return value is reversed to true.
When a user logs on, the program follows the else section. the following five codes are displayed:

Bytes
} Else {
$ _ G ['uid'] = $ _ G ['member'] ['uid'] = 0;
$ _ G ['username'] = $ _ G ['member'] ['username'] = $ _ G ['member'] ['password'] = ''; // variable assignment
$ Result = userlogin ($ _ G ['GP _ username'], $ _ G ['GP _ password'], $ _ G ['GP _ questionid '], $ _ G ['GP _ answer '], $ _ G ['setting'] ['autoidselect']? 'Auto': $ _ G ['GP _ loginfield ']); // query user data from the database and return corresponding information.

If ($ result ['status']> 0) {// if the status value is greater than 0, this user is logged on.
Setloginstatus ($ result ['member'], $ _ G ['GP _ cookietime']? 2592000: 0); // Set the logon status, that is, the COOKIE write operation. The data in the COOKIE is the corresponding data in the SESSION, but this function is not responsible for the SESSION write operation.

Let's take a look at the setloginstatus function in source/function/function_login.php, which is a common COOKIE writing operation and will not be explained in detail:

Bytes
Function setloginstatus ($ member, $ cookietime ){
Global $ _ G;
$ _ G ['uid'] = $ member ['uid'];
$ _ G ['username'] = $ member ['username'];
$ _ G ['adminid'] = $ member ['adminid'];
$ _ G ['groupid'] = $ member ['groupid'];
$ _ G ['formhash'] = formhash ();
$ _ G ['session'] ['invisable'] = getuserprofile ('invisable ');
$ _ G ['member'] = $ member;
$ _ G ['core']-> session-> isnew = 1;

Dsetcookie ('auth', authcode ("{$ member ['password']} \ t {$ member ['uid']}", 'encoding'), $ cookietime, 1, true); // authcode encryption
Dsetcookie ('loginuser ');
Dsetcookie ('activationauth ');
Dsetcookie ('pmnum ');
}

This can be said that most of the login process has been completed, but when the COOKIE is not cleared, it will always exist on the client. if the timeout occurs, the program will judge to discard the COOKIE and write it again.

Next let's take a look at the SESSION operation class in DZX, in the source/class/calss_core.php file:
The SESSION will be loaded in each request in the program. this is executed by the _ init_session method in the discuz_core core class. this method is placed in the init method of the class, indicating that the class is loaded each time, the SESSION is automatically written.

Bytes
Function _ init_session (){

$ This-> session = new discuz_session (); // creates a SESSION class

If ($ this-> init_session ){
// Read data from cookies
$ This-> session-> init ($ this-> var ['cookier'] ['Sid '], $ this-> var ['clientip'], $ this-> var ['uid']);
$ This-> var ['Sid '] = $ this-> session-> sid;
$ This-> var ['session '] = $ this-> session-> var;
// Determine whether the SID is equal or not. multiple users log on to the website on the same host and need to re-write the COOKIE.
If ($ this-> var ['Sid ']! = $ This-> var ['cooker'] ['Sid ']) {
Dsetcookie ('Sid ', $ this-> var ['Sid'], 86400 );
}

If ($ this-> session-> isnew ){
If (ipbanned ($ this-> var ['clientip']) {
$ This-> session-> set ('groupid', 6 );
}
}

If ($ this-> session-> get ('groupid') = 6 ){
$ This-> var ['member'] ['groupid'] = 6;
Sysmessage ('User _ banned ');
}
// The UID is not empty, and the update SESSION or SESSION times out. to change the user status, you need to log on again.
If ($ this-> var ['uid'] & ($ this-> session-> isnew | ($ this-> session-> get ('lastactive ') + 600) <TIMESTAMP )){

$ This-> session-> set ('lastactivity', TIMESTAMP );

$ Update = array ('lastip' => $ this-> var ['clientip'], 'lastactive' => TIMESTAMP );
If ($ this-> session-> isnew ){
$ Update ['lastvisit'] = TIMESTAMP;
}
DB: update ('Common _ member_status ', $ update, "uid ='". $ this-> var ['uid']. "'");
}

}
}

The SESSION operation class is discuz_session. let's look at the two methods in this class:

Bytes
// This function is responsible for generating new sessions, but is not responsible for writing data to the database.
Function create ($ ip, $ uid ){
// Create a SESSION and insert data. a random six-digit random number is generated by the random function. that is, the unique time of the session is the current time, and the sid is the sid in the cookie.
$ This-> isnew = true;
$ This-> var = $ this-> newguest;
$ This-> set ('Sid ', random (6 ));
$ This-> set ('uid', $ uid );
$ This-> set ('IP', $ ip );
$ This-> set ('lastactivity', time ());
$ This-> sid = $ this-> var ['Sid'];

Return $ this-> var;
}
// This function updates the SESSION.
Function update (){
If ($ this-> sid! = Null ){

$ Data = daddslashes ($ this-> var );

If ($ this-> isnew ){
$ This-> delete ();
DB: insert ('Common _ session ', $ data, false, false, true );
} Else {
DB: update ('Common _ session', $ data, "sid = '$ data [sid]'");
}
Dsetcookie ('Sid ', $ this-> sid, 86400 );
}
}

So far, we know the specific function used to insert a SESSION into the database and the connection with the COOKIE, but we still don't know how to trigger this operation.
Open the source/function/function_core.php file, find the function, updatesession, which updates the SESSION:

Bytes
Function updatesession ($ force = false ){

Global $ _ G;
Static $ updated = false;
If (! $ Updated ){
$ Discuz = & discuz_core: instance ();
Foreach ($ discuz-> session-> var as $ k => $ v ){
If (isset ($ _ G ['member'] [$ k]) & $ k! = 'Lastactivity '){
$ Discuz-> session-> set ($ k, $ _ G ['member'] [$ k]);
}
}

Foreach ($ _ G ['action'] as $ k => $ v ){
$ Discuz-> session-> set ($ k, $ v );
}

$ Discuz-> session-> update ();

$ Updated = true;
}
Return $ updated;
}

Search for this function in the program source code. the following code is found in many templates:

Bytes
{Eval updatesession ();}

This function is triggered when you browse the page and the SESSION is written to the database.

Sort out your thoughts:
Step 1: When a user logs on, the program writes cookies to the client. These cookies are part of the SESSION data, such as SID, IP, and TIME. They do not contain key information such as the user name and password.
Step 2: After successful login, the program will automatically refresh the page, send a request to the server again, load the discuz_core core class on the server, and read the SESSION information from the COOKIE, but it has not been written into the database.
Step 3: After the core class is loaded, the program continues to execute. Finally, the template is loaded and the updatesession function is triggered. The SESSION is written to the database.

Author "pz9042"

Discuz! The SESSION mechanism in X is explained in Discuz! As always in X, the SESSION does not use the SESSION mechanism that comes with PHP, but is a set of built-in mechanisms of the system. In the data...

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
goutte php tutorial apache php tutorial cassandra php tutorial comet php tutorial best php tutorial best php tutorial site core php programming tutorial

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More