BBS design based on mysql 2_PHP tutorial
3. Database design
The key is still the efficiency of mysql, reasonable allocation of mysql memory, especially the
size of the table cache. In addition, what happens when the system suddenly loses power? Is mysql robust?
The name of the table is designed to use a prefix to indicate the type, all expressed in lowercase (?), for example:
The database of the system is preceded by s, such as the user table: suser (where is sUSER?), as follows :
s: system table, suser, sclass
m: user message table, msysop, mdrangon
w: user message table, wsysop, wdrangon
a: layout index table, alinux, acampus
b: layout article table, blinux, bcampus
c: special category layout table, cnewboard
i: essence area index table, ilinux, ilinux01, icampus, icampus04
j: essence area article table, jlinux, jcampus,
Also, should we use strings or numbers as identifiers? For example, for an account named sysop, its
id is 1. Is the table of his letter msysop or m00001? Similarly, for a version called campus, the corresponding
code is 5. So, is the table name of the article in this version bcampus or b00005? Maybe using strings will be easier
to understand, let’s check the error.
User information table: suser
usernum int unique, // Unique identifier, up to 30,000 accounts, is it too few?
userid char[20] primary key, // Sorting key, id, all lowercase.
passwd char[20], //Password, stores the encrypted ciphertext.
realid char[20], //actual id, mixed case.
username char[24], // User name
userlevel longint, // 64 kinds of permissions?
numlogins int,
numposts int,
firstlogin time,
lastlogin time,
staytime time, /* Total stay time*/
lasthost char[32],
email varchar[100],
address varchar[100],
// Do you need other data? Do I need to set aside a certain reserved value so that I can use alter table to
// add new fields in the future? How efficient will it be?
Layout classification table: sclass
classnum int unique, // Classification identifier
classid char[20], // Classification English id: computer
classname varchar[100],// Chinese description of the category: Computer World
classtable char[20], // The page table corresponding to the special category
// Generally speaking, each page only belongs to one category. For special categories, such as the fist section,
// New layout can be described with a special table
Layout table: sboard
boardnum int unique, // Identification of the layout (is it necessary?)
boardid char[20], // English name of the board
boardname varchar[100], // Chinese name of the board
boardclass char[20], // Category of the board
boardsysop varchar[100], // List of Bamboos
boardposts int, //The number of posts in the board
boardlevel int, //The read and write permissions of the board
indextable char[20], //The name of the index table corresponding to the board: aboardid?
texttable char[20], //The article table name corresponding to the layout: bboardid?
// Is it necessary for the last two items to appear? Can they be regarded as inevitable correspondences, or does
// allow greater flexibility? In addition, can the capitalization issue of the layout be directly defaulted to
// Only the first letter is capitalized,
Special category layout table: snewboard, sstarboard
boardid char[20], // The id of the layout
// Is such a table necessary?
Form index table: acampus, alinux, afootball. . . . . .
id int, // Article serial number, do you need to adjust it manually? ? ? ?
mark char[1], // Article mark, m, g, b, d. . . .
title varchar[100], // Article title
writer char[20], // Article author id
posttime time, // Publication time
textnum longint, // Corresponding number? ? ? Do not adjust
Layout article table
textnum longint, // Article number?
textword text, // Article content?
// Is it necessary to separate the index and article content? From an efficiency point of view, lazy flush
// is inevitable. To delete, mark it first.
// Are the unread data in the user's page articles relatively complex? Should we build a bunch of tables
// to achieve this?
// The voting function is not considered yet. . . .

Effective methods to prevent session fixed attacks include: 1. Regenerate the session ID after the user logs in; 2. Use a secure session ID generation algorithm; 3. Implement the session timeout mechanism; 4. Encrypt session data using HTTPS. These measures can ensure that the application is indestructible when facing session fixed attacks.

Implementing session-free authentication can be achieved by using JSONWebTokens (JWT), a token-based authentication system where all necessary information is stored in the token without server-side session storage. 1) Use JWT to generate and verify tokens, 2) Ensure that HTTPS is used to prevent tokens from being intercepted, 3) Securely store tokens on the client side, 4) Verify tokens on the server side to prevent tampering, 5) Implement token revocation mechanisms, such as using short-term access tokens and long-term refresh tokens.

The security risks of PHP sessions mainly include session hijacking, session fixation, session prediction and session poisoning. 1. Session hijacking can be prevented by using HTTPS and protecting cookies. 2. Session fixation can be avoided by regenerating the session ID before the user logs in. 3. Session prediction needs to ensure the randomness and unpredictability of session IDs. 4. Session poisoning can be prevented by verifying and filtering session data.

To destroy a PHP session, you need to start the session first, then clear the data and destroy the session file. 1. Use session_start() to start the session. 2. Use session_unset() to clear the session data. 3. Finally, use session_destroy() to destroy the session file to ensure data security and resource release.

How to change the default session saving path of PHP? It can be achieved through the following steps: use session_save_path('/var/www/sessions');session_start(); in PHP scripts to set the session saving path. Set session.save_path="/var/www/sessions" in the php.ini file to change the session saving path globally. Use Memcached or Redis to store session data, such as ini_set('session.save_handler','memcached'); ini_set(

TomodifydatainaPHPsession,startthesessionwithsession_start(),thenuse$_SESSIONtoset,modify,orremovevariables.1)Startthesession.2)Setormodifysessionvariablesusing$_SESSION.3)Removevariableswithunset().4)Clearallvariableswithsession_unset().5)Destroythe

Arrays can be stored in PHP sessions. 1. Start the session and use session_start(). 2. Create an array and store it in $_SESSION. 3. Retrieve the array through $_SESSION. 4. Optimize session data to improve performance.

PHP session garbage collection is triggered through a probability mechanism to clean up expired session data. 1) Set the trigger probability and session life cycle in the configuration file; 2) You can use cron tasks to optimize high-load applications; 3) You need to balance the garbage collection frequency and performance to avoid data loss.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

SublimeText3 Mac version
God-level code editing software (SublimeText3)

MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

Dreamweaver CS6
Visual web development tools
