php - 数据库与逻辑应用分离的情况下怎么保证信息同步,或者叫安全
迷茫
迷茫 2017-04-17 16:48:34
0
6
957

我不太明白这个词怎么表达

是这样的,现在有一台服务器运行数据库(server),另外一台运行php程序(client),浏览器(Browser)访问client,然后client逻辑判断后通过http协议对server中的数据库进行CURD操作

有个问题就是,如果Browser的用户操作过快,而serverclient之间http请求太慢的话,就会导致client上获取的数据更新不及时,导致一些错误。。

栗子:一个用户只能买一个商品,用户点击之后,client先读取server的数据,判断是否已经购买,没有购买的话进行写入操作,然后购买完成,但是如果用户连着点击两次购买,两次操作一次进入client,然后由于clientserver之间网速或者其他一些问题,写入操作没有及时完成造成两次购买操作的判断为此用户未购买,于是会有两次写入server数据库的操作,就会造成错误。。

这个问题属于什么?应该怎么解决?

迷茫
迷茫

业精于勤,荒于嬉;行成于思,毁于随。

reply all(6)
刘奇

Use an in-memory database or NOSQL database to interact with the client, and then the in-memory database is "synchronized" with a relational database such as MYSQL.

If certain operations on the client require database queries to determine, errors can easily occur if there is high concurrency. I have experienced it before. For example, when user registration is used to determine whether there is a duplicate name, in theory, the database is first queried to see if the user name exists and then inserted. However, in actual operations, this logic was broken, and a user with the same name was discovered.

So put the core data in a relational database, and use an in-memory database if speed is required. Use caching appropriately to reduce duplicate queries.

左手右手慢动作

The general solution is for the server to provide the token first. Only with the token can the operation be successful. If it is used up, it will be marked as expired. This can not only ensure that operations are not repeated, but also can perform functions such as current limiting.

And your question is a bit wrong. If it is the security of communication between the database and the business server, you can use the SSL protocol.

Another approach is to use consistent hashing to calculate the business ID without incrementing the ID. This can ensure that many operations are idempotent. If you are interested, you can give it a try.

Peter_Zhu

Thank you for the invitation, your Lizi client can make the decision

左手右手慢动作

Distributing tokens and the like is of course a very good solution. However, in practical application, I think the following solution is more concise and efficient:

  1. After processing in the front-end js, after clicking the [Purchase] button, a full-screen mask will pop up to prevent the user from clicking the second time. When the background is successful, the mask will be removed. In addition, you can also use flag bits, or use the classic debounce/throttle algorithm.

  2. The background also determines during the purchase process that when repeated purchases are made within a short period of time (such as within 10 seconds), an error of "Please do not repeat the operation" will be returned directly. On the database side, you can consider using transactions and increasing the isolation level of the transaction, or using locks.

Generally, after processing it in the front-end js, many problems can be avoided. Unless there is a malicious user.

伊谢尔伦

To add concurrent locks, you can use redis, memcached, etc., and release the lock after a request is completed

// 操作的原子性,如该key在有效时间30秒被设置过返回0,一般请求超时为30秒
$redis->set($lock_key, 1, array("NX", "EX"=>'30'));
黄舟

From the above, you can see that you have two servers, one running php and the other db. But why do you need to use the http protocol for communication between your two servers? Instead of using the default connection protocol of mysql (assuming you are using mysql)? In other words, you should directly connect to your server's database in php, and then operate the DB.

For the continuous insertion problem mentioned in your example, it can be solved through table structure design, and the unique index UNIQUE can be added to the field. There are also some other methods, and I personally recommend the unique index method

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template