PHP session

Use the session together with its cookie to secure the website.
$_COOKIE[session_name()]
The session cookie, named by session_name(), holds the session ID; all other variables are stored as session variables.

auth.php

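<?php
// Session cookie: 7200-second lifetime, path "/", default domain, HTTPS only.
session_set_cookie_params(7200, '/', '', true);
session_start();
// 'auth' must match the value login.php sets after a successful login.
if (!isset($_SESSION['auth']) || $_SESSION['auth'] != 1) {
    session_destroy();
    header('Location: ./login.php');
    exit;
} else {
    // Check the fingerprint stored by login.php in $_SESSION['remote'].
    $fp = $_SERVER['HTTP_USER_AGENT'] ?? '';
    $fp .= $_SERVER['REMOTE_ADDR'];

    $fp = md5($fp);
    if (!isset($_SESSION['remote']) || $_SESSION['remote'] != $fp) {
        header('Location: ./login.php');
        exit;
    }
}
?>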

login.php
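Check that the ID and password match those in the db, then:

session_set_cookie_params(7200, '/', '', true);
session_start();
// Issue a fresh session ID on login so a pre-login ID cannot be reused.
session_regenerate_id(true);
$_SESSION['user_id'] = $uid;
$_SESSION['grp_id'] = $gid;
$_SESSION['auth'] = 1;

// Fingerprint that auth.php recomputes on each request.
$fp = $_SERVER['HTTP_USER_AGENT'] ?? '';
$fp .= $_SERVER['REMOTE_ADDR'];
$_SESSION['remote'] = md5($fp);
header('Location: ./index.php');
exit;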

logout.php

session_set_cookie_params(7200, '/', '', true);
session_start();
// Clear all session variables.
$_SESSION = array();
// Expire the session cookie in the browser.
if (isset($_COOKIE[session_name()])) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 3600,
        $params['path'], $params['domain'],
        $params['secure'], $params['httponly']
    );
}
session_destroy();
header('Location: ./login.php');
exit;

session_destroy() destroys the session, and the cookie is deleted by setting its lifetime to a time in the past.
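
The fingerprint check from login.php and auth.php, written as pure functions and run against constructed requests to show which cases it rejects, including a legitimate user whose IP address changes mid-session. This is an added example, not part of the original notes; the function names, the hash_equals() comparison and all sample request values are assumptions for illustration.

```php
<?php
// Added example, not from the original notes. Function names and all
// request data below are constructed for illustration.

// Same recipe as login.php / auth.php: md5 of User-Agent + client IP.
function fingerprint(array $server): string
{
    return md5(($server['HTTP_USER_AGENT'] ?? '') . ($server['REMOTE_ADDR'] ?? ''));
}

// What login.php stores after the ID/password check succeeds.
function login(array $server, int $uid): array
{
    return ['user_id' => $uid, 'auth' => 1, 'remote' => fingerprint($server)];
}

// The auth.php decision as a pure function: 'ok' or the reason for redirecting.
function check(array $session, array $server): string
{
    if (($session['auth'] ?? null) !== 1) {
        return 'not-logged-in';
    }
    // hash_equals() compares in constant time and requires two strings.
    if (!hash_equals((string)($session['remote'] ?? ''), fingerprint($server))) {
        return 'fingerprint-mismatch';
    }
    return 'ok';
}

// Constructed requests (documentation IP ranges).
$ua      = 'Mozilla/5.0 (constructed)';
$home    = ['HTTP_USER_AGENT' => $ua, 'REMOTE_ADDR' => '192.0.2.10'];
$session = login($home, 42);

$cases = [
    'same browser, same IP'      => [$session, $home],
    'same browser, new IP'       => [$session, ['HTTP_USER_AGENT' => $ua, 'REMOTE_ADDR' => '198.51.100.7']],
    'different browser, same IP' => [$session, ['HTTP_USER_AGENT' => 'curl/8 (constructed)', 'REMOTE_ADDR' => '192.0.2.10']],
    'no login at all'            => [[], $home],
];

foreach ($cases as $label => [$sess, $server]) {
    printf("%-28s %s\n", $label, check($sess, $server));
}
```

Run it with the php CLI. The "new IP" case is the trade-off of binding the session to REMOTE_ADDR: a user whose address changes is sent back to login.php.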

SQL — MySQL

Insert

INSERT INTO tablename (col1, col2) VALUES('data1', 'data2');

Grant
GRANT ALL PRIVILEGES ON dbname.* to dbuser@localhost;
GRANT ALL PRIVILEGES ON dbname.* to dbuser@"%";
GRANT SELECT ON dbname.dbtable to dbuser@"111.111.111.111";
GRANT SELECT(colname) ON dbname.dbtable to dbuser@"111.111.111.111";

set password for username = password('password');
flush privileges;

Find

To exclude a directory starting with "." (here .snapshot) from the find result

find . -name '.snapshot' -prune -o -name 'file.mp4' -print

To delete files older than 7*24h

find /var/tmp -mtime +7 -exec rm -f {} \;

mysqldump

1. Dump all databases into a backup file

mysqldump --opt --all-databases > /tmp/databkup

(--opt includes the lock-tables option)

2. dump several databases

mysqldump --opt --databases db1 db2 db3 > /tmp/databkup

3. dump single table

mysqldump --opt db1 table1 > /tmp/databkup

Troubleshooting
Error: Access denied for user x@y to database z when using lock tables
mysqldump -u username -p database --single-transaction > dump.sql

Use tar to back up db

mysql> FLUSH TABLES WITH READ LOCK;

(This locks the db so it can't be updated by other threads. Writes from other processes wait until the lock is released.)

#tar cvzf /var/tmp/datadump.tgz /var/lib/mysql/*

mysql> UNLOCK TABLES;

Restore data
lock tables bbb write;
mysql bbb < /data_backup/databkup
unlock tables;