Shulou(Shulou.com)06/03 Report--

This article mainly explains "how to configure SESSION mechanism in DiscuziX". The content of the explanation is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn how to configure SESSION mechanism in Discuzix. next, please follow the editor's train of thought.

In Discuz! As in X, SESSION does not use the SESSION mechanism that comes with PHP, but a set of mechanisms that come with the system.

You can see that there are two SESSION tables in the database:

One is pre_common_adminsession, which is the SESSION table where the administrator logs in to the background

The other is the pre_common_session table, which is the SESSION table when all users browse the page in the foreground.

Both tables are memory tables (memory tables read and write much faster than MYISAM tables and text files).

In Discuz! In X, SESSION and COOKIE are inseparable, because SESSION is the COOKIE read from the client.

Then the relevant functions are triggered to execute when browsing the page, and then the database SESSION table is written.

I'll take the login process as an example to explain how the program is executed.

On the front page, click login, a login window pops up, fill in the data, and submit. The URL submitted by the form form is:

The copy code is as follows:

Http://ux.com/member.php?mod=logging&action=login&loginsubmit=yes&floatlogin=yes&inajax=1

The submission data is submitted to the member.php file, and you can see the following code in the program:

$mod =! in_array ($discuz- > var ['mod'], $modarray)? 'logging': $discuz- > var [' mod']; / / the value of mod is the next loaded php page define ('CURMODULE', $mod); $modcachelist = array (' register' = > array ('modreasons',' stamptypeid', 'fields_required',' fields_optional', 'ipctrl')); $cachelist = array (); if (isset ($modcachelist [CURMODULE])) {$cachelist = $modcachelist [CURMODULE];} $discuz- > cachelist = $cachelist;$discuz- > init (); runhooks () Require DISCUZ_ROOT.'./source/module/member/member_'.$mod.'.php'; / / complete the include operation of the program

Open the source/module/member/member_logging.php file, which is a class. In front of the class, you can see the following three lines of code:

$ctl_obj = new logging_ctl (); $method = 'on_'.$_G [' gp_action']; / / $_ G ['gp_action'] equals action, that is, login $ctl_obj- > $method (); / / $ctl_obj- > on_login ()

The login method can be found in the class, where about 56 lines have the following judgment statement:

If (! submitcheck ('loginsubmit', 1, $seccodecheck)) {/ / judgment statement is that when visitors browse, the return value of the submitcheck function is false, inverted, and true. / / when the user logs in, the program goes to the else section, in which you can see the following five lines of code:} else {$_ G ['uid'] = $_ G [' member'] ['uid'] = 0; $_ G [' username'] = $_ G ['member'] [' username'] = $_ G ['member'] [' password'] ='' / / variable assignment $result = userlogin ($_ G ['gp_username'], $_ G [' gp_password'], $_ G ['gp_questionid'], $_ G [' gp_answer'], $_ G ['setting'] [' autoidselect']? 'auto': $_ G [' gp_loginfield']); / / query user data from the database and return the corresponding information if ($result ['status'] > 0) {/ / the status value is greater than 0, indicating that if you have this user, you can log in to setloginstatus ($result [' member'], $_ G ['gp_cookietime']? 2592000: 0) / / set login status, that is, write COOKIE operation. The data in COOKIE is the corresponding data in SESSION, but this function is not responsible for writing SESSION operation.

Let's take a look at the setloginstatus function in source/function/function_login.php, which is a common write COOKIE operation, which is not explained in detail:

Function setloginstatus ($member, $cookietime) {global $_ G; $_ G ['uid'] = $member [' uid']; $_ G ['username'] = $member [' username']; $_ G ['adminid'] = $member [' adminid']; $_ G ['groupid'] = $member [' groupid']; $_ G ['formhash'] = formhash (); $_ G [' session'] ['invisible'] = getuserprofile (' invisible'); $_ G ['member'] = $member $_ G ['core']-> session- > isnew = 1; dsetcookie (' auth', authcode ("{$member ['password']}\ t {$member [' uid']}", 'ENCODE'), $cookietime, 1, true); / / authcode encryption dsetcookie (' loginuser'); dsetcookie ('activationauth'); dsetcookie (' pmnum');}

So far, it can be said that most of the login process has been completed, but when the COOKIE is not cleared, it will always exist on the client side. If it times out, the program will decide to discard the COOKIE and rewrite it.

Let's take a look at the classes for SESSION operations in DZX, in the source/class/calss_core.php file:

SESSION is loaded for each request in the program, which is executed by the _ init_session method in the core class discuz_core, which is placed in the class's init method, indicating that SESSION is automatically written each time the class is loaded.

Function _ init_session () {$this- > session = new discuz_session (); / create SESSION class if ($this- > init_session) {/ / read data from COOKIE $this- > session- > init ($this- > var ['cookie'] [' sid'], $this- > var ['clientip'], $this- > var [' uid']); $this- > var ['sid'] = $this- > session- > sid; $this- > var [' session'] = $this- > session- > var / / determine whether the SID is equal or different, indicating that multiple users log in to the website on the same host and need to rewrite COOKIE if ($this- > var ['sid']! = $this- > var [' cookie'] ['sid']) {dsetcookie (' sid', $this- > var ['sid'], 86400) } if ($this- > session- > isnew) {if (ipbanned ($this- > var ['clientip'])) {$this- > session- > set (' groupid', 6);}} if ($this- > session- > get ('groupid') = = 6) {$this- > var [' member'] ['groupid'] = 6; sysmessage (' user_banned') } / / UID is not empty, and you need to update SESSION or SESSION timed out. To change the user status, you need to log in to if again ($this- > var ['uid'] & & ($this- > session- > isnew | | ($this- > session- > get (' lastactivity') + 600)

Session- > set ('lastactivity', TIMESTAMP); $update = array (' lastip' = > $this- > var ['clientip'],' lastactivity' = > TIMESTAMP); if ($this- > session- > isnew) {$update ['lastvisit'] = TIMESTAMP;} DB::update (' common_member_status', $update, "uid='". $this- > var ['uid']. ");}

The class that operates SESSION is discuz_session. Let's look at the two methods in this class:

/ / this function is responsible for generating a new SESSION, but is not responsible for writing to the database function create ($ip, $uid) {/ / create SESSION and performing insert data. A six-digit random number generated by a random function is the current time, and sid is sid $this- > isnew = true; $this- > var = $this- > newguest; $this- > set ('sid', random (6)); $this- > set (' uid', $uid) in cookie $this- > set ('ip', $ip); $this- > set (' lastactivity', time ()); $this- > sid = $this- > var ['sid']; return $this- > var;} / / this function is responsible for updating SESSION function update () {if ($this- > sid! = null) {$data = daddslashes ($this- > var); if ($this- > isnew) {$this- > delete (); DB::insert (' common_session', $data, false, false, true) } else {DB::update ('common_session', $data, "sid='$ data [sid]'");} dsetcookie ('sid', $this- > sid, 86400);}}

At this point, we know the specific function that SESSION inserts into the database and the connection with COOKIE, but it is not clear how this operation is triggered.

Open the source/function/function_core.php file and find the function, updatesession, which updates SESSION:

Function updatesession ($force = false) {global $_ G; static $updated = false; if (! $updated) {$discuz = & discuz_core::instance (); foreach ($discuz- > session- > var as $k = > $v) {if (isset ($_ G ['member'] [$k]) & $k! =' lastactivity') {$discuz- > session- > set ($k, $_ G ['member'] [$k]) }} foreach ($_ G ['action'] as $k = > $v) {$discuz- > session- > set ($k, $v);} $discuz- > session- > update (); $updated = true;} return $updated;}

When we search for this function in the program source code, we can see that there is the following code in many templates:

The copy code is as follows:

{eval updatesession ();}

This function is triggered when browsing the page and the SESSION is written to the database.

Sort out your thoughts:

The first step: the user logs in, and the program writes COOKIE to the client. These COOKIE are part of the data of SESSION, such as SID, IP, TIME, and do not contain user name, password and other key information.

In the second step, after the login is successful, the program will automatically refresh the page and send the request to the server again. The server loads the discuz_core core class and reads the relevant information of SESSION from COOKIE, but has not written to the database yet.

In the third step, the core class is loaded, the program continues to execute, and finally the template is loaded, the updatesession function is triggered, and the SESSION is written to the database.

Thank you for reading, the above is the content of "how to configure SESSION mechanism in Discuzhuang X". After the study of this article, I believe you have a deeper understanding of how to configure SESSION mechanism in Discuzix. the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.