Contenu connexe Similaire à Tips for Using CakePHP and MongoDB Similaire à Tips for Using CakePHP and MongoDB (20) Tips for Using CakePHP and MongoDB3. Topic
● What's MongoDB?
● Using MongoDB with CakePHP
● Setup
● Usage
● Security
● Future
@ichikaway http://cake.eizoku.com/blog/
5. Good for
● Social-Apps
● Calculation on distributed servers
● log analysis
● Questionnaire form
@ichikaway http://cake.eizoku.com/blog/
6. Terms
RDB MongoDB
Table Collection
Row Document
Column Field
@ichikaway http://cake.eizoku.com/blog/
7. Schema free
Posts Collection
id, title, body
id, name, tel, fax
id, name, nickname, email
Posts collection
@ichikaway http://cake.eizoku.com/blog/
8. Schema free
Screen
Blog Blog collection
Title xxxx Title : xxxx
Text yyyy Text : yyyy
data Tag: [tag1,tag2,tag3]
tag1,tag2,tag3 Comment:
[
Comment1 comment1,
Comment2 comment2,
Comment3 comment3
]
@ichikaway http://cake.eizoku.com/blog/
9. MongoDB operators
Find operators
$gt, $gte db.posts.find(
$lt, $lte { age : { $gt: 5 }}
$ne )
$in
$nin
$or
http://www.mongodb.org/display/DOCS/Advanced+Queries
@ichikaway http://cake.eizoku.com/blog/
10. MongoDB operators
Update operators
$inc db.posts.update(
$set { name: “Ichi” },
$push { $inc: { cnt: 1 }}
$pull )
$pop
$unset
http://www.mongodb.org/display/DOCS/Updating
@ichikaway http://cake.eizoku.com/blog/
11. Functions
● Geospatial index (location info)
● Map/Reduce
● Binary file saving (GridFS)
● Sharding
● etc
@ichikaway http://cake.eizoku.com/blog/
15. kanael.net
●Server
● VPS(2.4GHz-2core, 1.5GMem) x 1
●Application
● 40% write, 60% read
● 300,000 ducuments
@ichikaway http://cake.eizoku.com/blog/
16. kanael.net
● Peak traffic
● 100,000+ requests/day
● CPU 75% (MongoDB 10%)
@ichikaway http://cake.eizoku.com/blog/
17. Topic
● What's MongoDB?
● Using MongoDB with CakePHP
● Setup
● Usage
● Security
● Future
@ichikaway http://cake.eizoku.com/blog/
20. CakePHP MongoDB
PHP5+
CakePHP1.2, 1.3, 2.0-beta
Pecl Mongo driver
Documents
● https://github.com/ichikaway/cakephp-
mongodb/wiki
@ichikaway http://cake.eizoku.com/blog/
21. Structure
Model
CakePHP-MongoDB Datasource
MongoDB
MongoCollection
MongoCursor
@ichikaway http://cake.eizoku.com/blog/
23. Setup pecl mongo
pecl install mongo
vi php.ini
extension=mongo.so
@ichikaway http://cake.eizoku.com/blog/
25. Setup Cake Mongo(1.3)
cd app/plugins
git clone
git://github.com/ichikaway/cakephp-
mongodb.git mongodb
vi app/config/database.php
@ichikaway http://cake.eizoku.com/blog/
26. database.php Cake1.3
class DATABASE_CONFIG {
public $default = array(
'driver' => 'mongodb.mongodbSource',
'database' => 'blog',
'host' => 'localhost',
'port' => 27017,
);
@ichikaway http://cake.eizoku.com/blog/
28. Setup Cake Mongo(2.0)
cd app/Plugin
git clone
git://github.com/ichikaway/cakephp-
mongodb.git Mongodb
git checkout -b cake2.0 origin/cake2.0
vi app/Config/database.php
@ichikaway http://cake.eizoku.com/blog/
30. Load plugin Cake2.0
//app/Config/bootstrap.php
CakePlugin::load('Mongodb')
@ichikaway http://cake.eizoku.com/blog/
31. Sample Post Model
class Post extends AppModel
{
public $primaryKey = '_id';
}
@ichikaway http://cake.eizoku.com/blog/
33. find data
class PostsController extends AppController
{
public function index() {
$this->Post->find('all', $options);
}
} fields, conditions,
order, limit
@ichikaway http://cake.eizoku.com/blog/
34. Insert data
$data = array('name' => 'Ichi'
'age' => 32 );
$this->Post->save($data);
_id:xxx1, name: 'Ichi', 'age':32
Posts collection
@ichikaway http://cake.eizoku.com/blog/
35. Update data
$data = array( '_id' => 'xxx1',
'name' => 'Yasu' );
$this->Post->save($data);
// in Cake-Mongo DataSource
$MongoCollection->update(
array('_id' => 'xxx001'),
array('$set' => array('name' => 'Yasu')),
);
@ichikaway http://cake.eizoku.com/blog/
36. $set operator
Without $set
id:xxx1, name: 'Yasu'
Posts collection
With $set
id:xxx1, name: 'Yasu', 'age':32
Posts collection
@ichikaway http://cake.eizoku.com/blog/
37. Use other
update
operators
@ichikaway http://cake.eizoku.com/blog/
38. Update operator ($inc)
$data = array( '_id' => 'xxx1',
'$inc' => array('age' => 1) );
$this->Post->save($data);
// in Cake-Mongo DataSource
$MongoCollection->update(
array('_id' => 'xxx001'),
array('$inc' => array('age' => 1)),
);
@ichikaway http://cake.eizoku.com/blog/
39. Update operator(result)
_id:xxx1, name: 'Ichi', 'age':32
Posts collection
_id:xxx1, name: 'Ichi', 'age':33,
Posts collection
@ichikaway http://cake.eizoku.com/blog/
40. Update operator(complex)
$data = array(
'_id' => 'xxx1',
'$inc' => array('age' => 1),
'$push' => array('tags' => array('php', 'mongo'))
);
$this->Post->save($data);
@ichikaway http://cake.eizoku.com/blog/
41. Update operator(result)
_id:xxx1, name: 'Ichi', 'age':32
Posts collection
_id:xxx1, name: 'Ichi', 'age':33,
tags: ['php', 'mongo']
Posts collection
@ichikaway http://cake.eizoku.com/blog/
42. Update operator
●see Wiki
● https://github.com/ichikaway/cakephp-
mongodb/wiki/How-to-use-MongoDB-update-
operators
● see test code
● testUpdate()
● testUpdateWithoutMongoSchemaProperty()
@ichikaway http://cake.eizoku.com/blog/
43. Get
Cake Mongo
DataSource
Object
@ichikaway http://cake.eizoku.com/blog/
44. Source methods
● ensureIndex()
● mapreduce()
● group()
See wiki
https://github.com/ichikaway/cakephp-mongodb/wiki/_pages
@ichikaway http://cake.eizoku.com/blog/
45. ex. make index
$ds = $this->Post->getDataSource();
$ds->ensureIndex(
$this->Post,
array('title' => 1)
);
@ichikaway http://cake.eizoku.com/blog/
47. MongoDB Object
● CakeMongo DataSource
● not support all functions of MongoDB
– gridFs
– DbRef
@ichikaway http://cake.eizoku.com/blog/
48. get MongoDB Object
$mongo =
$this->Post->getMongoDb();
@ichikaway http://cake.eizoku.com/blog/
49. get MongoDB Object
$mongo->getGridFs();
$mongo->setSlaveOkay();
$mongo->createDbRef();
See php manual
http://php.net/manual/en/class.mongodb.php
@ichikaway http://cake.eizoku.com/blog/
51. get Mongo Collection
$mongo =
$this->Model->getMongoDb();
$collection = $mongo->
selectCollection('posts');
@ichikaway http://cake.eizoku.com/blog/
52. get Mongo Collection
$collection->find();
$collection->update();
$collection->insert();
$collection->createDbRef();
See php manual
http://php.net/manual/en/class.mongocollection.php
@ichikaway http://cake.eizoku.com/blog/
54. Replica sets
● master/slave replication
● automatic failover
● automatic recovery
@ichikaway http://cake.eizoku.com/blog/
55. Replica sets
Replication
Server1 Server2
Primary Secondary
Replication
Application
Server3
Server
Secondary
(CakePHP)
@ichikaway http://cake.eizoku.com/blog/
56. Replica sets
Replication
Server1 Server2
Primary Secondary
Replication
Application
Server3
Server
Secondary
(CakePHP)
@ichikaway http://cake.eizoku.com/blog/
57. Replica sets
Server1 Server2
Primary Primary
Replication
Application
Server3
Server
Secondary
(CakePHP)
@ichikaway http://cake.eizoku.com/blog/
58. database.php Cake1.3
class DATABASE_CONFIG {
public $default = array(
'driver' => 'mongodb.mongodbSource',
'database' => 'blog',
'replicaset' => array(
'host' =>'mongodb://loginid:password@
Server1:27021,Server2:27022/blog',
'options' => array('replicaSet' => 'myRepl')
),
);
https://github.com/ichikaway/cakephp-mongodb/wiki/How-to-connect-to-replicaset-servers
@ichikaway http://cake.eizoku.com/blog/
59. Topic
● What's MongoDB?
● Using MongoDB with CakePHP
● Setup
● Usage
● Security
● Future
@ichikaway http://cake.eizoku.com/blog/
60. Injection
Attack
@ichikaway http://cake.eizoku.com/blog/
61. ONLY
PHP ( ; ´Д ` )
@ichikaway http://cake.eizoku.com/blog/
63. Injection Attack
$user = $collection->find(array(
"username" => $_GET['username'],
"passwd" => $_GET['passwd']
));
● PHP makes array data from GET/POST request
●
ex. login.php?username=admin&passwd[$ne]=1
@ichikaway http://cake.eizoku.com/blog/
64. Injection Attack
$user = $collection->find(array(
"username" => $_GET['username'],
'admin',
"passwd" => $_GET['passwd']
array("$ne" => 1)
));
● PHP makes array data from GET/POST request
●
ex. login.php?username=admin&passwd[$ne]=1
@ichikaway http://cake.eizoku.com/blog/
65. Solution
●
Don't trust user input data
● GET/POST/Cookie
● Solution
● Cast to string
● Check all keys of array
@ichikaway http://cake.eizoku.com/blog/
66. Solution
Cast to string
@ichikaway http://cake.eizoku.com/blog/
67. Solution(cast to string)
$cursor = $collection->find(array(
"username" => (string)$_GET['username'],
"passwd" => (string)$_GET['passwd']
));
@ichikaway http://cake.eizoku.com/blog/
68. Solution(cast to string)
$cursor = $collection->find(array(
"username" => 'admin',
"passwd" => 'Array'
));
@ichikaway http://cake.eizoku.com/blog/
69. Solution
Check keys
of
input data
@ichikaway http://cake.eizoku.com/blog/
70. Solution(check keys)
SecurePHP
Library
https://github.com/ichikaway/SecurePHP
@ichikaway http://cake.eizoku.com/blog/
71. SecurePHP
●
Check Post/Get/Cookie
● Check all array keys
●
allow: a-z0-9:-_./
● Check null byte
@ichikaway http://cake.eizoku.com/blog/
73. Topic
● What's MongoDB?
● Using MongoDB with CakePHP
● Setup
● Usage
● Security
● Future
@ichikaway http://cake.eizoku.com/blog/
74. In the future
Relational data fetch
coming soon
(hasOne, hasMany, belongsTo)
relation branch
@ichikaway http://cake.eizoku.com/blog/
75. Summary
● What's MongoDB?
● Using MongoDB with CakePHP
● Setup
● Usage(find, save, MongoObject)
● Security
● Injection attack
● Future
● Relational data fetch
@ichikaway http://cake.eizoku.com/blog/