#268 closed Defect (fixed)
Prevent Scraping of userw.php
Reported by: | bryanRS | Owned by: | Rytis |
---|---|---|---|
Priority: | Minor | Milestone: | Undetermined |
Component: | Web - Project | Version: | |
Keywords: | patch | Cc: |
Description
Update userw.php and includes to cache the userw.php file (WAP stats), to prevent "scraping" (remote data pull) to stats/team sites. Recommend this patch to prevent excessive database queries running these signature graphics, as sometimes there are 5-10 requests per second for the same userid.
New userw.php:
<?php require_once("../inc/cache.inc"); require_once("../inc/util.inc"); require_once("../inc/userw.inc"); require_once("../inc/db.inc"); require_once("../inc/wap.inc"); $userid = get_int('id'); $cacheddata=get_cached_data(WAP_STAT_TTL,$userid); if ($cacheddata){ //If we have got the data in cache $wapstr = $cacheddata; // use the cached data } else { //if not do queries etc to generate new data db_init(); $user = lookup_user_id($userid); if (!$user) { sleep(5); error_page("No such user"); } $wapstr = show_user_wap($user); set_cache_data($wapstr,$userid); //save data in cache } wap_begin(); echo $wapstr; wap_end(); ?>
New userw.inc
<?php function show_credit($user) { $retstr = "<br/>User TotCred: " . format_credit($user->total_credit) . "<br/>"; $retstr .= "User AvgCred: " . format_credit($user->expavg_credit) . "<br/>"; /* if ($user->seti_nresults) { row2("SETI@home classic workunits", number_format($user->seti_nresults)); } if ($user->seti_total_cpu) { $x = number_format($user->seti_total_cpu/3600)." hours"; row2("SETI@home classic CPU time", $x); } */ return $retstr; } function show_user_wap($user) { // wap_begin(); if (!$user) { echo "<br/>User not found!<br/>"; // wap_end(); return; } // keep a 'running tab' in wapstr in case exceeds 1K WAP limit $wapstr = PROJECT . "<br/>Account Data<br/>for $user->name<br/>Time: " . wap_timestamp(); $wapstr .= show_credit($user); if ($user->teamid) { $result = mysql_query("select name, total_credit, expavg_credit from team where id = $user->teamid"); $team = mysql_fetch_object($result); $wapstr .= "<br/>Team: $team->name<br/>"; $wapstr .= "Team TotCred: " . format_credit($team->total_credit) . "<br/>"; $wapstr .= "Team AvgCred: " . format_credit($team->expavg_credit) . "<br/>"; mysql_free_result($result); } else { $wapstr .= "<br/>Team: None<br/>"; } // finally get last 5 trickles for user //$wapstr .= show_trickles("u", $user->id, 5, 1); // don't want to send more than 1KB probably? if (strlen($wapstr)>1024) return substr($wapstr,0,1024); else return $wapstr; // wap_end(); } ?>
Add the following line to project/cache_parameters.inc
define('WAP_STAT_TTL',1800);
Something we had to do after a number of teams started creating stats sigs & other pages w/the data. Cuts down the database queries to 2x/hour rather than 3/request. Thought I'd share.
Change History (2)
comment:1 Changed 17 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:2 Changed 17 years ago by
Keywords: | patch added |
---|
(In [13111]) Fix #268: use fullpage cache for WAP stats, cache interval USER_PAGE_TTL (default 60 minutes)