mysql_websocket_chat 正在参加 2021 年度 OSC 中国开源项目评选,请投票支持!
mysql_websocket_chat 在 2021 年度 OSC 中国开源项目评选 中已获得 {{ projectVoteCount }} 票,请投票支持!
2021 年度 OSC 中国开源项目评选 正在火热进行中,快来投票支持你喜欢的开源项目!
2021 年度 OSC 中国开源项目评选 >>> 中场回顾
mysql_websocket_chat 获得 2021 年度 OSC 中国开源项目评选「最佳人气项目」 !
授权协议 MIT License
开发语言 PHP
操作系统 跨平台
软件类型 开源软件
开源组织
地区 不详
投 递 者 首席测试
适用人群 未知
收录时间 2021-12-02

软件简介

Code Triagers Badge ESLint StyleLint Phpcs

MYSQL WEBSOCKET CHAT

Welcome to this Hackaton project I created for user hrushi on phpclasses.org. The idea was to create a web socket chat application that could be logging to a database. So here is what you need to get this up and running. Please note the minimum required PHP version is 7.0- this is not because it wanted this but it is because of the dependencies this project has.

Step 1: install composer

First thing you is installing composer on to your system. You can get composer here. Don't worry it might seem intimidating but it is not.

Step 2: Install the project

Using composer

Installing the project using composer is hands down the easiest way to get started. This method will download the project from GitHub and automatically install its dependencies for you. Presuming you installed composer (step 1) execute the following commands on the command-line.

$ composer create-project johnnymast/mysql_websocket_chat chat
$ cd chat

In the above example I am using a mac so my prompt will display different then you if you are on windows.

Downloaded from phpclasses.org

If you download this package in a zip file from phpclasses.org you will have to extract the zip package to a location of your liking. Then change directory into that directory and execute the following command on your prompt.

$ composer install

In the above example I am using a mac so my prompt will display different then you if you are on windows.

Step 3: Configure the server

Websocket configuration

This project can be split into two different components. The WebSocket server is the server.php in the root directory. The second part is the frontend part located in public/index.php. For the WebSocket server, there are two configuration options that you can configure in includes/config.php.

WEBSOCKET_SERVER_IP

This flag allows you to configure the WebSocket server's IP-address. By default the value 127.0.0.1 has been set.

WEBSOCKET_SERVER_PORT

This will configure what port the WebSocket server will listen on. The default value has been set to 8080. You can change this value if it clashes with other services running on your machine.

Database configuration

This server can run either with or without a database. By default i have disabled the use of a database server (ENABLE_DATABASE) but you can enable it by switching the ENABLE_DATABASE to true in the includes/config.php file.

Flag Description
DATABASE_HOST The database username goes in here. By default this has been set to root.
DATABASE_PORT The database port goes in here. By default this has been set to 3306.
DATABASE_USERNAME The database username goes in here. By default this has been set to root.
DATABASE_PASSWORD Enter the password to access the database there. By default this has been set to root.
DATABASE_DB Enter the name of the database here. By default this has been set to socket_chat.
ENABLE_DATABASE This flag will turn using the database on or off by setting its value to true or false.

Please note if you enable the database make sure you update the credentials as well (see table above). Also, if you enable the database make sure you have imported database.sql into your database.

Step 4: Fire up the WebSocket server

Change direction into the chat directory and fire up the server.

$ cd chat
$ php ./server.php

When you see no output and the command seems to hang that's when you know its running.

Step 5: Point a web service to the public directory

In the chat directory, you will find index.php. This file will be the client for your chat application. Make sure you set any web service its document root to the public/ folder. Alternatively, if you don't have access to a webserver you can also try using PHP's build-in webserver.

$ cd public
$ php -S 127.0.0.1:8000

This will start an webserver on port 8000

Step 6: Chat away!

Now open up 2 chat tabs and point them to localhost (or maybe a virtual host you configured) and chat away with your self.

Functionality

Private chats

If you want to test private chats you can single click any user in the user list on the right of the screen. Then type your message in the message bar, this will send a private message only to that user.

Changes

If you wish to know what has changed in this version of Mysql WebSocket Chat you can always checkout the changelog here.

Author

This package is created and maintained by Johnny Mast. For feature requests or suggestions you could consider sending me an e-mail.

Enjoy

Oh and if you've come down this far, you might as well follow me on twitter.

License

MIT License

Copyright (c) 2021 Johnny Mast

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

展开阅读全文

代码

评论

点击引领话题📣 发布并加入讨论🔥
暂无内容
发表了博客
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
发表了问答
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
Npm Ini 资源管理错误漏洞
拒绝服务
Npm Ini是美国Npm公司的一个基于Javascript的用于解析和序列化Ini格式文件的代码库。 Npm ini before 1.3.6 存在资源管理错误漏洞,该漏洞允许攻击者可利用该漏洞向应用程序提交恶意的INI文件,该应用程序将用INI解析该文件。这可以根据上下文进一步加以利用。
CVE-2020-7788 MPS-2020-17544
2022-08-08 20:38
handlebars 存在拒绝服务漏洞
拒绝服务
handlebars 是 Mustache 模板语言的扩展。此软件包的受影响版本容易受到原型污染。
MPS-2022-13734
2022-08-08 20:38
marked 存在ReDoS漏洞
ReDoS
标记是一个低级编译器,用于解析降价而不需要长时间缓存或阻塞。此软件包的受影响版本容易受到正则表达式拒绝服务 (ReDoS) 的攻击。
MPS-2022-13864
2022-08-08 20:38
Ajv 输入验证错误漏洞
输入验证不恰当
Ajv 6.12.2版本中的ajv.validate()函数中存在输入验证错误漏洞。攻击者可利用该漏洞执行代码或造成拒绝服务。
CVE-2020-15366 MPS-2020-10525
2022-08-08 20:38
npm CLI 后置链接漏洞
UNIX符号链接跟随
6.13.3 之前的 npm CLI 版本容易受到任意文件写入的攻击。软件包可以在安装时通过 bin 字段创建指向 node_modules 文件夹之外的文件的符号链接。 package.json bin 字段中正确构造的条目将允许包发布者在安装包时创建指向用户系统上任意文件的符号链接。通过安装脚本仍然可以实现此行为。此漏洞绕过使用 --ignore-scripts 安装选项的用户。
CVE-2019-16775 MPS-2019-16248
2022-08-08 20:38
Npm underscore 代码注入漏洞
代码注入
Underscore.js 是一个用于 JavaScript 的实用工具带库,它为常见的功提供支持,而无需扩展任何核心 JavaScript 对象。 漏洞版本中存在代码注入漏洞,攻击者可利用该漏洞容易通过模板函数执行任意代码。
CVE-2021-23358 MPS-2021-3658
2022-08-08 20:38
Markdown-It 安全漏洞
拒绝服务
Markdown-It是一个 Markdown 解析器。 Markdown-It存在安全漏洞,该漏洞源于Markdown—它是一个Markdown解析器。在1.3.2版本之前,长度大于5万个字符的特殊模式会显著降低解析器的速度。用户应该升级到12.3.2版本以接收补丁。除了升级之外,没有已知的变通办法。
CVE-2022-21670 MPS-2021-37028
2022-08-08 20:38
handlebars 安全漏洞
handlebars是一款语义化的Web模板系统。 handlebars 4.7.7版本之前存在安全漏洞,该漏洞源于在选择某些编译选项来编译来自不受信任的源的模板时,handlebars容易受到远程代码执行(Remote Code Execution, RCE)的攻击。
CVE-2021-23369 MPS-2021-4548
2022-08-08 20:38
handlebars 存在MAID漏洞
MAID
handlebars 是 Mustache 模板语言的扩展。此软件包的受影响版本容易受到原型污染。
MPS-2022-13731
2022-08-08 20:38
uglify-js 存在ReDoS漏洞
ReDoS
uglify-js 是一个 JavaScript 解析器、压缩器、压缩器和美化工具包。此软件包的受影响版本容易通过 string_template 和 decode_template 函数受到正则表达式拒绝服务 (ReDoS) 的攻击。
MPS-2022-14112
2022-08-08 20:38
squizlabs/php_codesniffer 存在命令注入漏洞
命令注入
squizlabs/php_codesniffer 的受影响版本容易受到任意 Shell 执行的影响。
MPS-2022-14515
2022-08-08 20:38
Npm 安全漏洞
关键资源的不正确权限授予
Npm是美国Npm公司的一款开源的软件包管理器。 Npm 5.7.0 2018-02-21 pre-release版本中存在安全漏洞。本地攻击者可利用该漏洞绕过文件系统访问限制。
CVE-2018-7408 MPS-2018-2363
2022-08-08 20:38
npm CLI 输入验证错误漏洞
特权管理不恰当
6.13.4 之前的 npm CLI 版本容易受到任意文件覆盖的影响。它无法防止现有的全局安装的二进制文件被其他软件包安装覆盖。例如,如果一个包被全局安装并创建了一个服务二进制文件,那么任何后续安装的包也创建一个服务二进制文件将覆盖以前的服务二进制文件。在本地安装和安装脚本中仍然允许此行为。此漏洞绕过使用 --ignore-scripts 安装选项的用户。
CVE-2019-16777 MPS-2019-16250
2022-08-08 20:38
lodash输入验证错误漏洞
原型污染
lodash是一款开源的JavaScript实用程序库。 lodash 4.17.15及之前版本中存在输入验证错误漏洞。远程攻击者可借助'merge'、'mergeWith'和'defaultsDeep'函数利用该漏洞在系统上执行任意代码。
CVE-2020-8203 MPS-2020-15679
2022-08-08 20:38
trim-newlines 安全漏洞
拒绝服务
trim-newlines是一个修改换行符的npm包。 trim-newlines 存在安全漏洞,该漏洞源于应用于Node.js在3.0.1与4.0.1版本及之前版本中.end()方法存在相关问题。
CVE-2021-33623 MPS-2021-7398
2022-08-08 20:38
lodash 原型污染漏洞
拒绝服务
lodash是一款开源的JavaScript实用程序库。 lodash 4.17.11之前版本中由于函数merge,mergeWith和defaultsDeep可以添加或修改Object.prototype导致原型污染漏洞,。 这会造成通过触发 JavaScript 异常来拒绝服务,或者篡改应用程序源代码以强制攻击者注入的代码路径,从而导致远程代码执行
CVE-2018-16487 MPS-2019-1228
2022-08-08 20:38
lodash 命令注入漏洞
代码注入
lodash是一个提供模块化、性能和附加功能的现代 JavaScript 实用程序库。 4.17.21 之前的 Lodash 版本容易通过模板函数进行命令注入。
CVE-2021-23337 MPS-2021-2638
2022-08-08 20:38
Async 安全漏洞
原型污染
Async是英国Caolan McMahon个人开发者的一个实用模块。用于使用异步 JavaScript。 Async 3.2.1 及之前版本存在安全漏洞,该漏洞源于 mapValues() 方法。攻击者可通过 mapValues() 方法获取权限。
CVE-2021-43138 MPS-2021-34434
2022-08-08 20:38
Andrey Sitnik postcss 安全漏洞
Andrey Sitnik postcss是Andrey Sitnik开源的一个应用程序,用于使用JS插件进行样式转换。 在漏洞版本中该程序在源映射解析期间受到正则表达式拒绝服务(ReDoS)的攻击。
CVE-2021-23368 MPS-2021-4549
2022-08-08 20:38
handlebars 存在拒绝服务漏洞
拒绝服务
handlebars 是 Mustache 模板语言的扩展。此软件包的受影响版本容易受到原型污染。
MPS-2022-13735
2022-08-08 20:38
没有更多内容
加载失败,请刷新页面
点击加载更多
加载中
下一页
0 评论
0 收藏
分享
OSCHINA
登录后可查看更多优质内容
返回顶部
顶部