BBS design based on mysql (4)_PHP tutorial
5. Layout module design
The so-called classification is more for the telnet server. In cq66 mode, users can
classify according to their own wishes. Anyway, in the end, access is directly based on the version. .
For access to layout articles, the entire article is used as a parameter when storing. The chunking of the article is completed by this layer
. If the upper layer transmits it in units of blocks, it will be transmitted completely in the upper layer. After combining, it will be transmitted again. Refer to the decomposition of
in this layer; when reading, this layer is accessed in block units. If the upper layer wants to access
in full-text units, the merge work is done in the upper layer, regardless of this layer.
As for whether to create an independent index without affecting the upper-layer operations, it is mainly related to the lower-layer database structure
and mainly considers feasibility, efficiency requirements, etc.
Where to check permissions? Let’s put it on the upper layer. In fact, on the telnet server side,
and cq66 clients will not display special command menus to ordinary users at all. Of course, users can
directly send cq66 commands, and the server side still To check. But you should check it again
without using the function module layer below it. Class BoardManage {
private:
public:
// Classification-related operations
int GetClassNameInfo( int maxclass, char **classid,
char ** classname );
Returns the classified information, Chinese and English names.
int GetBoardName( int maxboards, char *classid,
char **boardname );
Returns the board information in a certain category, general category, select directly..
from sboard
where boardclass == .... For special categories, check the corresponding table. . . .
// Modification requires privileges above the forum administrator
int NewClass( char * newclassname, int type );
Create a new category, a normal category or a special category,
int DeleteClass( char * newclassname );
Delete the classification, but not cascade, that is, this layer is not responsible for consistency, and the upper layer is responsible for changing the classification information of the corresponding layout of
to something else. To rename a category, delete it first and then create it.
int AddClassBoard( const char *classname, char *newboardname);
Add the already created board to a certain category, specifically for special categories. For general categories,
The effect is the same as modifyboardinfo,
int DeleteClassBoard( const char *classname, char *boardname);
Deleting a certain version from a category is also for special categories, and for general categories, the effect is also
is the same as modifyboardinfo , the category attribute of a version can be empty, that is, it does not belong to any category.
// Operations related to version information.
int NewBoard( const char *boardid, char *boardname);
Create a new board and create a corresponding table. Other parameters take default values.
int DeleteBoard( const char *boardid);
Delete a board and delete the corresponding table.
int GetBoardInfo( const char *boardid, char *boardname,
int& numposts, char *masters, char *class,
long &level);
Get the board information.
int ModifyBoardId( const char *oldid, char *newid);
To change the English id, the name of the corresponding table should also be changed,
int ModifyBoardInfo( const char *boardid, char *boardname,
int numposts, char *masters, char *class,
long level );
Modifying layout information requires privileges.
// Operations related to layout articles.
int AddText( char *boardid, char *title, char *writer,
char *text );
Add an article to the layout and internally divide the long article into 2k blocks.
int DeleteText(char *boardid, int num);
Deleting an article just makes a mark and does not modify the corresponding table immediately.
int FlushTable( char *boardid );
Refresh the layout and delete the corresponding records of the deleted articles.
int MarkText(char *boardid, int num, char mark);
Mark the article.
int ModifyTitle( char *boardid, int num, char *newtitle );
Modify the title of the article.
int ModifyText(char *boardid, int num, char *newtext);
Modifying the content of the article does not require privileges for your own article.
int GetTextInfo( const char *boardid, int num, char *title,
char *writer, char& mark);
Get the title information of the article.
int GetText( const char *boardid, int num, int block,
char *text );
Read the content of the article, in blocks.
// Query articles and authors
// Return all query results at once?
int QueryWriter( const char *boardid, char *writer,
char **result);
Query the articles of a certain author on the page.
int QueryTitle( const char *boardid, char *title,
char **result);
Query articles on the layout whose titles contain the specified content.
}
Parameter passing is a rather annoying thing. From an abstract point of view, we hope that the returned data has nothing to do with the
bottom layer, so it should be processed, but from an efficiency point of view, we do not want the data to be transferred Multiple
copies. On the other hand, should the application for space release be completed in the upper layer or in this layer
? If you are not careful, it is easy to have memory errors.

Effective methods to prevent session fixed attacks include: 1. Regenerate the session ID after the user logs in; 2. Use a secure session ID generation algorithm; 3. Implement the session timeout mechanism; 4. Encrypt session data using HTTPS. These measures can ensure that the application is indestructible when facing session fixed attacks.

Implementing session-free authentication can be achieved by using JSONWebTokens (JWT), a token-based authentication system where all necessary information is stored in the token without server-side session storage. 1) Use JWT to generate and verify tokens, 2) Ensure that HTTPS is used to prevent tokens from being intercepted, 3) Securely store tokens on the client side, 4) Verify tokens on the server side to prevent tampering, 5) Implement token revocation mechanisms, such as using short-term access tokens and long-term refresh tokens.

The security risks of PHP sessions mainly include session hijacking, session fixation, session prediction and session poisoning. 1. Session hijacking can be prevented by using HTTPS and protecting cookies. 2. Session fixation can be avoided by regenerating the session ID before the user logs in. 3. Session prediction needs to ensure the randomness and unpredictability of session IDs. 4. Session poisoning can be prevented by verifying and filtering session data.

To destroy a PHP session, you need to start the session first, then clear the data and destroy the session file. 1. Use session_start() to start the session. 2. Use session_unset() to clear the session data. 3. Finally, use session_destroy() to destroy the session file to ensure data security and resource release.

How to change the default session saving path of PHP? It can be achieved through the following steps: use session_save_path('/var/www/sessions');session_start(); in PHP scripts to set the session saving path. Set session.save_path="/var/www/sessions" in the php.ini file to change the session saving path globally. Use Memcached or Redis to store session data, such as ini_set('session.save_handler','memcached'); ini_set(

TomodifydatainaPHPsession,startthesessionwithsession_start(),thenuse$_SESSIONtoset,modify,orremovevariables.1)Startthesession.2)Setormodifysessionvariablesusing$_SESSION.3)Removevariableswithunset().4)Clearallvariableswithsession_unset().5)Destroythe

Arrays can be stored in PHP sessions. 1. Start the session and use session_start(). 2. Create an array and store it in $_SESSION. 3. Retrieve the array through $_SESSION. 4. Optimize session data to improve performance.

PHP session garbage collection is triggered through a probability mechanism to clean up expired session data. 1) Set the trigger probability and session life cycle in the configuration file; 2) You can use cron tasks to optimize high-load applications; 3) You need to balance the garbage collection frequency and performance to avoid data loss.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

SublimeText3 English version
Recommended: Win version, supports code prompts!

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

SublimeText3 Chinese version
Chinese version, very easy to use

EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
