Tips of CakePHP and MongoDB - Cakefest2011 ichikaway

1. Tips of CakePHP & MongoDB 2011/9/4 CakeFest2011 Yasushi Ichikawa

2. I am Yasushi Ichikawa Ichi @ichikaway http://cake.eizoku.com/blog

3. Topic ● What's MongoDB? ● Using MongoDB with CakePHP ● Setup ● Usage ● Security ● Future @ichikaway http://cake.eizoku.com/blog/

4. MongoDB NoSQL Performance Scalability @ichikaway http://cake.eizoku.com/blog/

5. Good for ● Social-Apps ● Calculation on distributed servers ● log analysis ● Questionnaire form @ichikaway http://cake.eizoku.com/blog/

6. Terms RDB MongoDB Table Collection Row Document Column Field @ichikaway http://cake.eizoku.com/blog/

7. Schema free Posts Collection id, title, body id, name, tel, fax id, name, nickname, email Posts collection @ichikaway http://cake.eizoku.com/blog/

8. Schema free Screen Blog Blog collection Title xxxx Title : xxxx Text yyyy Text : yyyy data Tag: [tag1,tag2,tag3] tag1,tag2,tag3 Comment: [ Comment1 comment1, Comment2 comment2, Comment3 comment3 ] @ichikaway http://cake.eizoku.com/blog/

9. MongoDB operators Find operators $gt, $gte db.posts.find( $lt, $lte { age : { $gt: 5 }} $ne ) $in $nin $or http://www.mongodb.org/display/DOCS/Advanced+Queries @ichikaway http://cake.eizoku.com/blog/

10. MongoDB operators Update operators $inc db.posts.update( $set { name: “Ichi” }, $push { $inc: { cnt: 1 }} $pull ) $pop $unset http://www.mongodb.org/display/DOCS/Updating @ichikaway http://cake.eizoku.com/blog/

11. Functions ● Geospatial index (location info) ● Map/Reduce ● Binary file saving (GridFS) ● Sharding ● etc @ichikaway http://cake.eizoku.com/blog/

12. WebSite @ichikaway http://cake.eizoku.com/blog/

13. http://kanael.net @ichikaway http://cake.eizoku.com/blog/

14. http://kanael.net @ichikaway http://cake.eizoku.com/blog/

15. kanael.net ●Server ● VPS(2.4GHz-2core, 1.5GMem) x 1 ●Application ● 40% write, 60% read ● 300,000 ducuments @ichikaway http://cake.eizoku.com/blog/

16. kanael.net ● Peak traffic ● 100,000+ requests/day ● CPU 75% (MongoDB 10%) @ichikaway http://cake.eizoku.com/blog/

18. CakePHP MongoDB Repository github.com/ichikaway /cakephp-mongodb/ @ichikaway http://cake.eizoku.com/blog/

19. CakePHP MongoDB Repository ●Test files ●API documents ●Sample Applications @ichikaway http://cake.eizoku.com/blog/

20. CakePHP MongoDB  PHP5+  CakePHP1.2, 1.3, 2.0-beta  Pecl Mongo driver  Documents ● https://github.com/ichikaway/cakephp- mongodb/wiki @ichikaway http://cake.eizoku.com/blog/

21. Structure Model CakePHP-MongoDB Datasource MongoDB MongoCollection MongoCursor @ichikaway http://cake.eizoku.com/blog/

22. Setup @ichikaway http://cake.eizoku.com/blog/

23. Setup pecl mongo pecl install mongo vi php.ini extension=mongo.so @ichikaway http://cake.eizoku.com/blog/

24. CakePHP1.3 @ichikaway http://cake.eizoku.com/blog/

25. Setup Cake Mongo(1.3) cd app/plugins git clone git://github.com/ichikaway/cakephp- mongodb.git mongodb vi app/config/database.php @ichikaway http://cake.eizoku.com/blog/

26. database.php Cake1.3 class DATABASE_CONFIG { public $default = array( 'driver' => 'mongodb.mongodbSource', 'database' => 'blog', 'host' => 'localhost', 'port' => 27017, ); @ichikaway http://cake.eizoku.com/blog/

27. CakePHP2.0 @ichikaway http://cake.eizoku.com/blog/

28. Setup Cake Mongo(2.0) cd app/Plugin git clone git://github.com/ichikaway/cakephp- mongodb.git Mongodb git checkout -b cake2.0 origin/cake2.0 vi app/Config/database.php @ichikaway http://cake.eizoku.com/blog/

29. database.php Cake2.0 // app/Config/database.php class DATABASE_CONFIG { public $default = array( 'datasource' => 'Mongodb.MongodbSource', 'host' => 'localhost', 'database' => 'blog', 'port' => 27017, ); @ichikaway http://cake.eizoku.com/blog/

30. Load plugin Cake2.0 //app/Config/bootstrap.php CakePlugin::load('Mongodb') @ichikaway http://cake.eizoku.com/blog/

31. Sample Post Model class Post extends AppModel { public $primaryKey = '_id'; } @ichikaway http://cake.eizoku.com/blog/

32. Useage @ichikaway http://cake.eizoku.com/blog/

33. find data class PostsController extends AppController { public function index() { $this->Post->find('all', $options); } } fields, conditions, order, limit @ichikaway http://cake.eizoku.com/blog/

34. Insert data $data = array('name' => 'Ichi' 'age' => 32 ); $this->Post->save($data); _id:xxx1, name: 'Ichi', 'age':32 Posts collection @ichikaway http://cake.eizoku.com/blog/

35. Update data $data = array( '_id' => 'xxx1', 'name' => 'Yasu' ); $this->Post->save($data); // in Cake-Mongo DataSource $MongoCollection->update( array('_id' => 'xxx001'), array('$set' => array('name' => 'Yasu')), ); @ichikaway http://cake.eizoku.com/blog/

36. $set operator Without $set id:xxx1, name: 'Yasu' Posts collection With $set id:xxx1, name: 'Yasu', 'age':32 Posts collection @ichikaway http://cake.eizoku.com/blog/

37. Use other update operators @ichikaway http://cake.eizoku.com/blog/

38. Update operator ($inc) $data = array( '_id' => 'xxx1', '$inc' => array('age' => 1) ); $this->Post->save($data); // in Cake-Mongo DataSource $MongoCollection->update( array('_id' => 'xxx001'), array('$inc' => array('age' => 1)), ); @ichikaway http://cake.eizoku.com/blog/

39. Update operator(result) _id:xxx1, name: 'Ichi', 'age':32 Posts collection _id:xxx1, name: 'Ichi', 'age':33, Posts collection @ichikaway http://cake.eizoku.com/blog/

40. Update operator(complex) $data = array( '_id' => 'xxx1', '$inc' => array('age' => 1), '$push' => array('tags' => array('php', 'mongo')) ); $this->Post->save($data); @ichikaway http://cake.eizoku.com/blog/

41. Update operator(result) _id:xxx1, name: 'Ichi', 'age':32 Posts collection _id:xxx1, name: 'Ichi', 'age':33, tags: ['php', 'mongo'] Posts collection @ichikaway http://cake.eizoku.com/blog/

42. Update operator ●see Wiki ● https://github.com/ichikaway/cakephp- mongodb/wiki/How-to-use-MongoDB-update- operators ● see test code ● testUpdate() ● testUpdateWithoutMongoSchemaProperty() @ichikaway http://cake.eizoku.com/blog/

43. Get Cake Mongo DataSource Object @ichikaway http://cake.eizoku.com/blog/

44. Source methods ● ensureIndex() ● mapreduce() ● group() See wiki https://github.com/ichikaway/cakephp-mongodb/wiki/_pages @ichikaway http://cake.eizoku.com/blog/

45. ex. make index $ds = $this->Post->getDataSource(); $ds->ensureIndex( $this->Post, array('title' => 1) ); @ichikaway http://cake.eizoku.com/blog/

46. Get MongoDB Object @ichikaway http://cake.eizoku.com/blog/

47. MongoDB Object ● CakeMongo DataSource ● not support all functions of MongoDB – gridFs – DbRef @ichikaway http://cake.eizoku.com/blog/

48. get MongoDB Object $mongo = $this->Post->getMongoDb(); @ichikaway http://cake.eizoku.com/blog/

49. get MongoDB Object $mongo->getGridFs(); $mongo->setSlaveOkay(); $mongo->createDbRef(); See php manual http://php.net/manual/en/class.mongodb.php @ichikaway http://cake.eizoku.com/blog/

50. Get MongoCollection Object @ichikaway http://cake.eizoku.com/blog/

51. get Mongo Collection $mongo = $this->Model->getMongoDb(); $collection = $mongo-> selectCollection('posts'); @ichikaway http://cake.eizoku.com/blog/

52. get Mongo Collection $collection->find(); $collection->update(); $collection->insert(); $collection->createDbRef(); See php manual http://php.net/manual/en/class.mongocollection.php @ichikaway http://cake.eizoku.com/blog/

53. Replica Sets @ichikaway http://cake.eizoku.com/blog/

54. Replica sets ● master/slave replication ● automatic failover ● automatic recovery @ichikaway http://cake.eizoku.com/blog/

55. Replica sets Replication Server1 Server2 Primary Secondary Replication Application Server3 Server Secondary (CakePHP) @ichikaway http://cake.eizoku.com/blog/

56. Replica sets Replication Server1 Server2 Primary Secondary Replication Application Server3 Server Secondary (CakePHP) @ichikaway http://cake.eizoku.com/blog/

57. Replica sets Server1 Server2 Primary Primary Replication Application Server3 Server Secondary (CakePHP) @ichikaway http://cake.eizoku.com/blog/

58. database.php Cake1.3 class DATABASE_CONFIG { public $default = array( 'driver' => 'mongodb.mongodbSource', 'database' => 'blog', 'replicaset' => array( 'host' =>'mongodb://loginid:password@ Server1:27021,Server2:27022/blog', 'options' => array('replicaSet' => 'myRepl') ), ); https://github.com/ichikaway/cakephp-mongodb/wiki/How-to-connect-to-replicaset-servers @ichikaway http://cake.eizoku.com/blog/

60. Injection Attack @ichikaway http://cake.eizoku.com/blog/

61. ONLY PHP ( ； ´Д ｀ ) @ichikaway http://cake.eizoku.com/blog/

62. WHY?? @ichikaway http://cake.eizoku.com/blog/

63. Injection Attack $user = $collection->find(array( "username" => $_GET['username'], "passwd" => $_GET['passwd'] )); ● PHP makes array data from GET/POST request ● ex. login.php?username=admin&passwd[$ne]=1 @ichikaway http://cake.eizoku.com/blog/

64. Injection Attack $user = $collection->find(array( "username" => $_GET['username'], 'admin', "passwd" => $_GET['passwd'] array("$ne" => 1) )); ● PHP makes array data from GET/POST request ● ex. login.php?username=admin&passwd[$ne]=1 @ichikaway http://cake.eizoku.com/blog/

65. Solution ● Don't trust user input data ● GET/POST/Cookie ● Solution ● Cast to string ● Check all keys of array @ichikaway http://cake.eizoku.com/blog/

66. Solution Cast to string @ichikaway http://cake.eizoku.com/blog/

67. Solution(cast to string) $cursor = $collection->find(array( "username" => (string)$_GET['username'], "passwd" => (string)$_GET['passwd'] )); @ichikaway http://cake.eizoku.com/blog/

68. Solution(cast to string) $cursor = $collection->find(array( "username" => 'admin', "passwd" => 'Array' )); @ichikaway http://cake.eizoku.com/blog/

69. Solution Check keys of input data @ichikaway http://cake.eizoku.com/blog/

70. Solution(check keys) SecurePHP Library https://github.com/ichikaway/SecurePHP @ichikaway http://cake.eizoku.com/blog/

71. SecurePHP ● Check Post/Get/Cookie ● Check all array keys ● allow: a-z0-9:-_./ ● Check null byte @ichikaway http://cake.eizoku.com/blog/

72. SecurePHP vi webroot/index.php require_once( 'SecurePHP/config/bootstrap.php' ); $Dispatcher = new Dispatcher(); $Dispatcher->dispatch(); @ichikaway http://cake.eizoku.com/blog/

74. In the future Relational data fetch coming soon (hasOne, hasMany, belongsTo) relation branch @ichikaway http://cake.eizoku.com/blog/

75. Summary ● What's MongoDB? ● Using MongoDB with CakePHP ● Setup ● Usage(find, save, MongoObject) ● Security ● Injection attack ● Future ● Relational data fetch @ichikaway http://cake.eizoku.com/blog/

76. THANK YOU @ichikaway http://cake.eizoku.com/blog/

Tips of CakePHP and MongoDB - Cakefest2011 ichikaway

You are reading a preview.

Check these out next

Tips of CakePHP and MongoDB - Cakefest2011 ichikaway

More Related Content

Slideshows for you (20)

Viewers also liked (20)

Similar to Tips of CakePHP and MongoDB - Cakefest2011 ichikaway (20)

More from ichikaway (20)

Recently uploaded (20)