Davy's Blog

Thinkphp如何有效的设置session过期时间

thinkphp提供了一个参数让我们配置session过期时间。 'SESSION_OPTIONS' = array( expire => 3600 ); 然而这一配置是否真的有效？在多次测试之后，不遂人意。 why？那我们试着从源码上分析这个配置参数的，它是怎么让尝试着然我们的session过期的。 上图在中展现了框架对session有效期的操作，它设置了php.ini中的两个变量“session.gc_maxlifetime”和“session.cookie_lifetime”的值。 那么我们继续追问？这个两个参数就能让session按照自己设置的时间过期？ 我们看看这两个参数代表着什么？ session.gc_maxlifetime:session的有效生存时间，过了这个时间session将进入销毁队列。 session.cookie_lifetime:值为0代表关闭浏览器，保存在客户端的sessionid将立即失效。 session.gc_maxlifetime这个是关键，但过了这个时间并不能马上销毁，这又...

thinkphp计划任务使用cronRun

1、先不管是是否是独立分组，必须在你项目名下的Conf文件夹内创建2个文件一个是tages.php 一个是 crons.php。 注意这两个文件名为thinkphp标准文件名，不可以改变 tages.php内容是： crons.php内容是 2、在项目命的Lib文件夹内，新建一个文件夹Cron，然后再在Cron里面创建recommend.php文件,我们在recommend.php文件里面写需要执行的内容。直接写PHP代码就可以 recommend内容是 3、结果： 您好，欢迎光临本站，现在时间是:2014-05-16 10:33:49 该文字显示在网站的所有页面，但是不能刷新浏览器页面 实际开发中，可以再任务脚本中调用远程数据，执行PHP支持的功能操作等。 ** 如果此篇文章有帮助到你，欢迎点击下方/页面上任意广告，支持我们，谢谢！

Detect if link is HTTPS in PHP

How to find spam sending php script on server

This article can help you to track down outgoing spam using PHP. From php version 5.3.0 we can use the directive mail.log to log who’s calling the function mail(). When someone calls the function mail() from a php script we can get some info about the sender in log. PHP mail.log entries include the full path of the script, line number, To address and headers. 1. Check email log 2. Edit php.ini 3. To enable mail.log, add following line in php.ini under 4. Create lo...

Change Domain and Keep All Links with .htaccess

The following RewriteRule lives in the .htaccess file at olddomain.com and tells any request coming in to that domain to swap olddomain.com out and replace it with newdomain.com. This includes ANYTHING after the trailing slash, like a direct link to a previous post. So http://olddomain.com/this/direct/link gets sent properly to http://newdomain.com/this/direct/link The important part is the [R=301] which sends a 301 (Permanent) Redirect header. That tells search engines that the page ha...

How to XSS attack – JS injection in url

Some websites validate some bits and pieces but fail in other cases assuming that user will not pass anything strange there. French OS Con website is and example of that XSS security risk. If you go to this wage: You will see there is a link go back to previous post. Unfortunately this post's id is take straight from the requested URL (GET parameter) without any cast or validation. It is an common case of XSS errors where page number, date or id is passed around in links and it is n...

HowTo install ImageMagick PHP extension

How to install ImageMagick from YUM repository The easiest way to install ImageMagick extension is to install it from yum repository: 1) Run “yum search imagick” command to check if ImageMagick extension is available in your repositories. If you get the line below – ImageMagick extension is available in your repository and you can install it using “yum install” command 2) Run “yum install php-pecl-imagick” to install ImageMagick extension. 3) Restart Apache webserver. How...

PHP Operator ===

PHP’s === Operator enables you to compare or test variables for both equality and type. Refer below for example.

Create a REST API with PHP

One of the latest (sort of) crazes sweeping the net is APIs, more specifically those that leverage REST. It’s really no surprise either, as consuming REST APIs is so incredibly easy… in any language. It’s also incredibly easy to create them as you essentially use nothing more than an HTTP spec that has existed for ages. One of the few things that I give Rails credit for is its well thought-out REST support, both for providing and consuming these APIs (as its been explained by all the R...

ThinkPHP中实现gzip压缩

ThinkPHP中似乎没有对gzip的配置选项。不过实现起来还是挺简单的。以下是对 ThinkPHP 2.1 的修改方法。 首先要确定空间是否支持Zlib, 然后找ThinkPHP的控制输出函数output()。 控制输出的文件在 ThinkPHP/Lib/Think/Core 文件夹下，文件名 View.class.php。