Lock visitor until mysql query is complete - php

I have a bunch of pages on a site for which the actions that can be taken on one page are contingent upon the info in the database for the site visitor. So, let's say Visitor A comes to page B and updates a database to show that they have joined a certain group. Then the visitor goes to page C, the group page. If the user is a group member, they are shown member content. If they are not, they are shown non-member content. Here comes the issue (btw, pages are in php):
In an ideal world, the query run on page B would be completed instantaneously before the user goes to page C so the database is always filled with the most recent info on membership states. However, it can happen that the server is under a lot of load and the query does not complete by the time the user goes to page C. So, even though the user is a member of the group, that is not reflected on page C since the query has yet to complete.
Is there a way to make it so that if a user run a query on a page, until that query completes any other page they try to visit will just "hang" and load after there query is complete, or until a given amount of time has passed? I can make this system manually, but if mysql and php already have something built in, that would be preferable.
In case it matters, I am using a LAMP server.

Unless you do anything fancy like replicated database servers or message que systems, this is in fact how a single MySQL server and PHP already work. Issue the UPDATE or INSERT on page B, and the query wont return until it is committed. So don't return any HTML from page B until you have done the query - which you won't want to anyway, as you will want to make sure there was no error first. Then page C will be fine.

Can't the visitor simply be not shown the link to page C until the confirmation happens in page B? So they join the group in page B which happens by submitting a form post to a separate intermediate form processor page F, and then once that's done (ie mysql insert completed successfully), it loads page B again with the proper new information and directions to page C.
If page C links have to appear always, or the user can have it bookmarked, then perhaps page C can also display the date of the record, offering the user a "Refresh" button in case his record doesn't match what he just did as a way of telling him to wait a bit and try again.
In any case, in mysql you're talking about the concept or row locking but you're trying to apply that to a multi-entry site. I don't know of any such built-in mechanism in PHP but you could fake it with semaphores per user if you'd like:
user initiates action
PHP sets a lock for that user either by creating a unique file, or setting a unique key in a memory store like memcache, or in the user session
that lock indicates that the action has not finished yet
PHP performs action (mysql insert, whatever)
once action is complete and validated, remove lock
Then you can use the existence of the lock to determine wether page C should load and display something descriptive to the user, such as my above suggestion of a Refresh button.

Assuming you have a string that uniquely identifies the current user, say 'identifyuser', pick a reasonable timeout and do a SELECT GET_LOCK('identifyuser',timeout) before any other database activity for a given request and SELECT RELEASE_LOCK('identifyuser') after all database activity for the request.

Related

The most efficient way to handle visitor/user statistics that I want to catch and display?

I am building a link directory style web application. For simplicity all of the following are examples. On my website I have 10 categories. Each category has it's own page and each page has 100 links in a table format. Each link has many columns like name, id, url, etc but the focus of this question deals with the "time last viewed" column. It will display a default text if the user/visitor has never clicked the link however if the link has been clicked by the user prior to the visit it will display the time/date the user last visited that link.
The way I have it set up is when the user clicks the link they are sent to another page/script (using GET method. link 1 is appended with ?rid=1) I use a switch contruct. (Case value is 1 from $_GET execute code block) this code block is where i need the user statistics caputuring to happen. Once the function runs and both captures and stores the visit statistics info the user is sent to the requested resource via header location. So the next time to user sees the list of links on the category page the link they visited will now display the time they visited it.
On my production site i have up to 1000 links. If they clicked each link it would say next to each link the last time they clicked it. Important to include users will be logged in when clicking each link.
How would you go about doing this? Store the info in a cookie or in the database? As there are 1000 links there could be 1000 different values. Thanks in advance.
It isn't a lot of data so you can do both, store in the database as well as store in a cookie. Ideally for performance, you should retrieve from the cookie first and then retrieve from the database if the cookie doesn't contain any user information pertaining to that link. Depending on your performance requirements and the amount of traffic you anticipate, you can use database storage, in-memory storage and asynchronous updates.
database updates are instant but can impact overall performance and page load times
in-memory caching such as apc gives best performance but data needs to be synchronised to the database
asynchronous updates are great for balancing out performance hits because you can register a view from the client side using JavaScript after the page has loaded, rather than during php execution on server side.
Personally I would use all 3 if possible because it gives a good platform for future development.

How to avoid some SQL queries in PHP?

I am developing a PHP web app with jQuery and Twitter Bootstrap. And it uses AJAX for everything. So, I show a form in HTML5, the user press a button (class="btn"), the form is sent to PHP (jQuery, AJAX), PHP makes a query to the MySQL and echoes an answer, which is shown in the form (jQuery). This is basically how the web app works.
But here's the deal, the first form it is showed, it's a div that shows some news. For example:
A new user was created.
There is new important date.
Someone wants to text you.
So I've created a table in MySQL called News where I saved some values than mean something like:
1: A new user was created
...
Everytime the user log in will se that. It means that there will be a query and a response as soon as the HTML5 get loaded when a user log in.
The index.html file has a navbar (Bootstrap), and a option call News. When the user clicks it, the same query will be executed, but not necessarily the same response.
I thought in modifying the div with news whenever the user does an action. But, an action can also be done by another user. So it is necessary to make the query again!
Is there any solution that allows me to avoid querying the database when the user wants to get the news? Or how can I know that it is necessary to update the div right now? I was taking a look at caching queries but didn't arrive to a conclution.
Sorry if my english is not too good, it is not my native language.
Thank you.
You can send a timestamp in every news response from the server and save it in javascript. The next time you make a request, send the timestamp you saved and the server checks if there are more recent news, sending nothing if there is none as the last response is still the newest.
Well, there is a downside here, you still need to make a query to the database (filtring the results with a WHERE clause like 'WHERE ... TIMESTAMP > last_timestamp_from_browser') which is perfectly valid, SGBDs are designed for this, and if you don't have thousands of users accessing your website at the same time there will not be any problem. With this approach you will only save bandwitdh as the connection to the database is still made.
There is another way that prevents this connection from being made, cache some values of last news inserted which could be user specific or global and save them in APC module (or memcached). You'll need to discover what to cache and when (you can't cache the entire database, just some well organized timestamps and maybe the most requested news for example). This way you prevent the database connection from being made. This will force you to do many many more code, so, use it only if you really need it, like thousands of user connections at once.

How do I prevent people from opening a record if someone else has it open?

I'm creating a PHP Web application, which would involve:
1) Users opening a record
2) Users making changes to the record
3) Saving changes to the record
Since this is a multi-user application, I want to prevent situations where two users have the same record open at the same time, and one user's changes overwrites the next, preferrably by enforcing some sort of locking method when a record is opened that automatically unlocks when the user navigates away from the page.
By record, you mean SQL records? If so, you could add another column isOpen. Set it to 1 as long as someone else has it open, and in that case, do not serve it to anyone else.
In situations like this, it works best to also implement a timeout mechanism, where a record can be open only for 'x' min before being forcibly closed.
(Edit: This answer is assuming you want to keep a record locked the entire duration a user is viewing the info fetched from the table. If you want to lock a record only for the instant that a read/write operation is occuring on that record, MySQL engines have inbuilt mechanisms for that)
In response to your comment
To make a record accessible to others when the active user navigates away, off the top of my head, I can think of two ways to achieve it:
Allow the timeout mechanism to take care of it. Depending on your scenario, a short enough time window could work fine.
In addition to the timeout, also implement a heartbeat mechanism - an Ajax script on the page polls the server letting it know the page is still open. If the user navigates away, the server recognizes the skipped heartbeat, and unsets the record. In this case, the timeout would still take precedence. So, if the user leaves the window open and walks away, the server would still receive the heartbeat, but when the time window closes, the server unsets the record (despite still receiving heartbeats).
I use a field update_date. When user reads the record I write a cookie with this date. When user updates the record and submits the new data I'am adding WHERE update_date = '$my_escaped_date' AND id = '$the_edited_id' and if mysql_affected_rows is zero I'm showing error message that the edited data is old. It's not perfect as if you edit old data you must reenter it, but it does the job.
A locking method is exactly what is available in mysql:
http://dev.mysql.com/doc/refman/5.0/en/lock-tables.html
It's not automatic but it allows you to lock a table, do stuff and then unlock it again.
Be carefull tho' that the system does not become locked up if you forget to unlock a table or a user takes a long time to change something and you only unlock it when that user submits the form.
A better way might be to read data from the table and upon submission of the form, check to see if the data has not been altered. If it has you can notify the user of the changes and other wise you can lock the table, perform the changes and unlock it again.
You can add a field in_use to the records table,
when a user open that record update its value to 1 and when he saves it
update it back to 0.
If the value is 1 - the record is locked and won't be opened for other users.

Page refresh on record in database changing

Okay so I'm running into a small problem.
Basicly my whole website runs through the AJAX system, content is loaded in the middle page, and theres a left and right menu which dont refresh.
Currently I'm trying to look for a PHP->Ajax feature that refreshes the whole website incase a certain record changes in the MYSQL table
Okay so every user has a record called "State" which indicates the state of their account, this can be changed by anyone, for example the account gets shot and killed by someone. How do I make it so it checks what state you have and if it changes from the "standart" state that it performs a full page refresh.
I tried to find an answer for this everywhere but haven't been able to figure something out.
-----Edit-----
Okay so I'll also notify, I kind of know how to perform a full page refresh, and I know how to retrieve data from the mysql database, this isn't the problem.
I have a table with all the users accounts in it, one of the records for every user is called "State" everybodies state will be 1 which means alive. when its 0 it means its a dead account.
On a part of my website theres an auto refresh with always fetches data from the database every 5 seconds, to check if your online if you have money etc. it also checks what state you have.
the only thing I want to do, is that when it sees your state is 0, it performs a full page refresh, considering state 0 means death, you should be seeing a deathscreen, I want it to perform a full page refresh cause the menu's have to dissapear. and it has to redirect you to the deathpage.
You need long pooling / comet - basically you keep open connection between the client and the server, and when the state is changed, the server sends the response to the client.
Basically, you'll open a long pooling connection, sending the userid.
The server script receives the userid, and starts monitoring for changes for that user. If such change is detected, send the response.
If performance is concern, you can use Tornado web server. What's nice about it, is that you can post from another application to the web server, and it can detect which client is affected by the change and send response to that client.

back button in dynamic application

Well, my problem is what the title says.
I have build a small application (php + mysql), to test my skills in an e-commerce environment - 6 pages in total.
Each page after the 1st, relies on an id to retrieve/save data. This id is passed usually as hidden form field between pages.
On top of each page i have a small script that checks in what state is the selected id (2 checks actually.... a) if user has reached the last page/step of application and b) if a fantastic payment has been completed for this user) - if both of these conditions are valid, then i redirect user to a thank you page, stating that his process is already completed and he can choose to start over.
Yet i have problems with hitting the back button on my browser.
Hitting the back button once, works good - validation check forces the redirect i have implemented in my code.
But hitting the back button fast for 2 or more times, break this script - leading to lost records in my database - in live environment these will be purchases.
So my question is this: what measures should i take to prevent the "back hitting user" of duplicating/deleting/overwrite data records in the application.
I am looking for ideas and strategies.
Check wether the user is eligble for the thank-you page on any of the pages. You can do this with sessions or by storing a flag into the database.
If a user that has finished the checkout already moves back more than one step you can check on that page if the user has already the checkout done or not - an react according to it.
I don't think is a good idea to pass variables from pages in post forms. Most likely you should make a good use out of sessions, paths and database.
What I'm trying to say is to save all info in a good structured database, every step has to be separated, that way you can always return to any step and load that step info from database without losing or breaking anything.
Since is an e-commerce website you can't afford to make a double payment or errors, since one single error can lead you into losing that client.
After finishing the forms you can save a field in database and tell other scripts to redirect the client on another page since he finished.

Categories