Laravel 中优雅的跨域


2019-02-15 10:38
zpq
5

其实要想跨域网上教程多的是.
举例:

  1. Google搜索出来的结果就是在 web.php 或 api.php 文件加上
header('Access-Control-Allow-Origin : *');
header('Access-Control-Allow-Headers : Content-Type,X-Auth-Token,Authorization,Origin');
header('Access-Control-Allow-Methods :GET, POST, PUT, DELETE, OPTIONS');

说实话真是简单粗暴! 既然我们选择了laravel 那当然一定要优雅 : )
2. 还有一种就是用开源包 barryvdh/laravel-cors也是方便的,当然我们在使用的时候也应该知其然而所以然

这边记录下我自己写的方法,

How to Install and Configure VNC Server in CentOS 7


2018-10-26 11:07
zpq
16

In this guide we’ll explain how to install and configureVNC Remote Access in latest release of CentOS 7 and RHEL 7 Desktop edition via tigervnc-server program.

VNC (Virtual Network Computing) is a server-client protocol which allows user accounts to remotely connect and control a distant system by using the resources provided by the Graphical User Interface.

Unlike other VNC servers available which connects directly to the runtime desktop, such as VNC X or Vino, tigervnc-vncserver uses a different mechanism that configures a standalone virtual desktop for each user.

Install and Configure VNC in CentOS 7

  1. Tigervnc-server is a program which executes an Xvnc server and starts parallel sessions of Gnome or other Desktop Environment on the VNC desktop.
    A started VNC user session can be accessed by same user from multiple VNC clients. In order to install TigerVNC server in CentOS 7, open a Terminal session and issue the following command with root privileges.
# yum install tigervnc-server
  1. After, you’ve installed the program, login with the user you want to run the VNC program and issue the below command in terminal in order to configure a password for the VNC server.
    Be aware that the password must be at least six characters length.
$ su - your_user  # If you want to configure VNC server to run under this user directly from CLI without switching users from GUI
$ vncpasswd
  1. Next, add a VNC service configuration file for your user via a daemon configuration file placed in systemd directory tree. In order to copy the VNC template file you need to run the following command with root privileges.
    If your user is not granted with sudo privileges, either switch directly to root account or run the command from an account with root privileges.
# cp /lib/systemd/system/vncserver@.service  /etc/systemd/system/vncserver@:1.service
  1. On the next step edit the copied VNC template configuration file from /etc/systemd/system/ directory and replace the values to reflect your user as shown in the below sample.
    The value of 1 after @ sign represents the display number (port 5900+display). Also, for each started VNC server, the port 5900 will be incremented by 1.
# vi /etc/systemd/system/vncserver@\:1.service

CentOS7开启BBR拥塞控制算法


2018-10-20 15:06
zpq
37

升级内核

首先查看你的Linux内核版本

uname -a

开启BBR拥塞控制算法的要求是Linux内核4.9以上版本,现在主流的Linux发行版内核还停留在2.x,我们需要先升级Linux内核版本。
首先,我们需要增加一个 ELRepo 源。
首先,让我们添加 ELRepo GPG key:

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org 

添加源:

rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

安装 fastestmirror

yum install yum-plugin-fastestmirror

安装最新Kernel

yum --enablerepo=elrepo-kernel install kernel-ml

切换到刚刚下载的新内核

grub2-set-default 0

重启后,通过 uname -a 查看内核是否成功切换到最新的版本,确认后我们进入下一步开启BBR

Unicode 空白字符 \u00a0


2018-07-18 22:41
zpq
52

最近在做网页抓取数据这块遇到一个神奇的问题

php 中的 trim 函数一直不能去空,也差了很多资料,说是空白字符。
就索性用 json_encode 一下,果然发现问题,会有一个\u00a0 字符
搜了下意思是 不换行空格。。

其他的空格描述

永远不要在MySQL中使用utf8,改用utf8mb4


2018-06-26 15:36
zpq
46

最近我遇到了一个bug,我试着通过csv 导入数据到mysql 里 然后出现了一个离奇的错误:

Incorrect string value: ‘\xF0\x9F\x98\x83 <…’ for column ‘summary’ at row 1

我用的是UTF-8编码的客户端,服务器也是UTF-8编码的,数据库也是,csv文件也是UTF-8

问题的症结在于,MySQL的“utf8”实际上不是真正的UTF-8。

“utf8”只支持每个字符最多三个字节,而真正的UTF-8是每个字符最多四个字节。

MySQL一直没有修复这个bug,他们在2010年发布了一个叫作“utf8mb4”的字符集,绕过了这个问题。

当然,他们并没有对新的字符集广而告之(可能是因为这个bug让他们觉得很尴尬),以致于现在网络上仍然在建议开发者使用“utf8”,但这些建议都是错误的。

简单概括如下:

  1. MySQL的“utf8mb4”是真正的“UTF-8”。
  2. MySQL的“utf8”是一种“专属的编码”,它能够编码的Unicode字符并不多。

我要在这里澄清一下:所有在使用“utf8”的MySQL和MariaDB用户都应该改用“utf8mb4”,永远都不要再使用“utf8”。

swoole 整合 laravel


2018-05-04 15:28
zpq
122

php常见运行方式

  1. php + module + apache
  2. php + php-fpm + nginx

传统运行方式优点

  1. 每次都是新的请求,运行完即释放,不占用内存

传统运行方式缺点

  1. 每次都需要composer 引入文件
  2. DB contention 开销大,每次运行都要建立连接和执行查询,大多数性能消耗在连接上

基于swoole http 容器

swoole 有一个优点就是他可以常驻内存,不需要反复引用,类似于JAVA里的Spring Boot
DB contention 也可以有连接池不需要每次执行完就断开连接,减少连接次数。

整合代码

关于MySql列别名做查询条件的问题


2018-05-02 10:36
zpq
27

假如有这样一条sql语句

select name as name1 from table1 where name1='aaa'

mysql 中不可以这样使用别名,那可不可以用其他什么方式来代替 ?

首先 字段别名不能直接在谓词部分引用
这个查询可以改成这样:

select name as name1 from table1 having (name1='aaa')

12306 抢票脚本 基于laravel console


2018-01-18 17:37
zpq
498

主要接口

  1. POST https://kyfw.12306.cn/otn/login/checkUser 验证用户是否登录
  2. GET https://kyfw.12306.cn/otn/login/init 登录页面初始化
  3. GET https://kyfw.12306.cn/passport/captcha/captcha-image?login_site=E&module=login&rand=sjrand&0.123456789 获取验证码图像接口 末尾是随机数
  4. POST https://kyfw.12306.cn/passport/captcha/captcha-check 验证码验证
  5. POST https://kyfw.12306.cn/passport/web/login 登录请求
  6. POST https://kyfw.12306.cn/passport/web/auth/uamtk 获取uamtk 我也不知道是什么玩意
  7. POST https://kyfw.12306.cn/otn/uamauthclient 最后登录成功
  8. POST https://kyfw.12306.cn/otn/passengers/init 获取乘车人 其实乘车人可以在请求提交订单接口时通过html 正则匹配可以获取,作为抢票工具来说,当然先确定好,后面就只顾抢票就行了。
  9. GET https://kyfw.12306.cn/otn/leftTicket/query 车次查询
  10. POST https://kyfw.12306.cn/otn/leftTicket/submitOrderRequest 请求提交订单
  11. POST https://kyfw.12306.cn/otn/confirmPassenger/initDc 请求订单初始化
  12. POST https://kyfw.12306.cn/otn/confirmPassenger/checkOrderInfo 请求验证订单信息
  13. POSThttps://kyfw.12306.cn/otn/confirmPassenger/confirmSingleForQueue 确认订单信息

eureka注册中心设置用户名密码


2018-01-04 17:20
zpq
224
  1. 加入安全认证依赖
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
  1. 在application.properties加入认证的用户名和密码
security.user.name=你的用户名
security.user.password=你的密码
  1. 修改url注册
eureka.client.serviceUrl.defaultZone=http://${security.user.name}:${security.user.password}@127.0.0.1:${server.port}/eureka/

Http Content-Type 对照表


2017-11-10 11:32
zpq
30
文件扩展名 Content-Type(Mime-Type) 文件扩展名 Content-Type(Mime-Type)
.*( 二进制流,不知道下载文件类型) application/octet-stream .tif image/tiff
.001 application/x-001 .301 application/x-301
.323 text/h323 .906 application/x-906
.907 drawing/907 .a11 application/x-a11
.acp audio/x-mei-aac .ai application/postscript
.aif audio/aiff .aifc audio/aiff
.aiff audio/aiff .anv application/x-anv
.asa text/asa .asf video/x-ms-asf
.asp text/asp .asx video/x-ms-asf
.au audio/basic .avi video/avi
.awf application/vnd.adobe.workflow .biz text/xml
.bmp application/x-bmp .bot application/x-bot
.c4t application/x-c4t .c90 application/x-c90
.cal application/x-cals .cat application/vnd.ms-pki.seccat
.cdf application/x-netcdf .cdr application/x-cdr
.cel application/x-cel .cer application/x-x509-ca-cert
.cg4 application/x-g4 .cgm application/x-cgm
.cit application/x-cit .class java/*
.cml text/xml .cmp application/x-cmp
.cmx application/x-cmx .cot application/x-cot
.crl application/pkix-crl .crt application/x-x509-ca-cert
.csi application/x-csi .css text/css
.cut application/x-cut .dbf application/x-dbf
.dbm application/x-dbm .dbx application/x-dbx
.dcd text/xml .dcx application/x-dcx
.der application/x-x509-ca-cert .dgn application/x-dgn
.dib application/x-dib .dll application/x-msdownload
.doc application/msword .dot application/msword
.drw application/x-drw .dtd text/xml
.dwf Model/vnd.dwf .dwf application/x-dwf
.dwg application/x-dwg .dxb application/x-dxb
.dxf application/x-dxf .edn application/vnd.adobe.edn
.emf application/x-emf .eml message/rfc822
.ent text/xml .epi application/x-epi
.eps application/x-ps .eps application/postscript
.etd application/x-ebx .exe application/x-msdownload
.fax image/fax .fdf application/vnd.fdf
.fif application/fractals .fo text/xml
.frm application/x-frm .g4 application/x-g4
.gbr application/x-gbr . application/x-
.gif image/gif .gl2 application/x-gl2
.gp4 application/x-gp4 .hgl application/x-hgl
.hmr application/x-hmr .hpg application/x-hpgl
.hpl application/x-hpl .hqx application/mac-binhex40
.hrf application/x-hrf .hta application/hta
.htc text/x-component .htm text/html
.html text/html .htt text/webviewhtml
.htx text/html .icb application/x-icb
.ico image/x-icon .ico application/x-ico
.iff application/x-iff .ig4 application/x-g4
.igs application/x-igs .iii application/x-iphone
.img application/x-img .ins application/x-internet-signup
.isp application/x-internet-signup .IVF video/x-ivf
.java java/* .jfif image/jpeg
.jpe image/jpeg .jpe application/x-jpe
.jpeg image/jpeg .jpg image/jpeg
.jpg application/x-jpg .js application/x-javascript
.jsp text/html .la1 audio/x-liquid-file
.lar application/x-laplayer-reg .latex application/x-latex
.lavs audio/x-liquid-secure .lbm application/x-lbm
.lmsff audio/x-la-lms .ls application/x-javascript
.ltr application/x-ltr .m1v video/x-mpeg
.m2v video/x-mpeg .m3u audio/mpegurl
.m4e video/mpeg4 .mac application/x-mac
.man application/x-troff-man .math text/xml
.mdb application/msaccess .mdb application/x-mdb
.mfp application/x-shockwave-flash .mht message/rfc822
.mhtml message/rfc822 .mi application/x-mi
.mid audio/mid .midi audio/mid
.mil application/x-mil .mml text/xml
.mnd audio/x-musicnet-download .mns audio/x-musicnet-stream
.mocha application/x-javascript .movie video/x-sgi-movie
.mp1 audio/mp1 .mp2 audio/mp2
.mp2v video/mpeg .mp3 audio/mp3
.mp4 video/mpeg4 .mpa video/x-mpg
.mpd application/vnd.ms-project .mpe video/x-mpeg
.mpeg video/mpg .mpg video/mpg
.mpga audio/rn-mpeg .mpp application/vnd.ms-project
.mps video/x-mpeg .mpt application/vnd.ms-project
.mpv video/mpg .mpv2 video/mpeg
.mpw application/vnd.ms-project .mpx application/vnd.ms-project
.mtx text/xml .mxp application/x-mmxp
.net image/pnetvue .nrf application/x-nrf
.nws message/rfc822 .odc text/x-ms-odc
.out application/x-out .p10 application/pkcs10
.p12 application/x-pkcs12 .p7b application/x-pkcs7-certificates
.p7c application/pkcs7-mime .p7m application/pkcs7-mime
.p7r application/x-pkcs7-certreqresp .p7s application/pkcs7-signature
.pc5 application/x-pc5 .pci application/x-pci
.pcl application/x-pcl .pcx application/x-pcx
.pdf application/pdf .pdf application/pdf
.pdx application/vnd.adobe.pdx .pfx application/x-pkcs12
.pgl application/x-pgl .pic application/x-pic
.pko application/vnd.ms-pki.pko .pl application/x-perl
.plg text/html .pls audio/scpls
.plt application/x-plt .png image/png
.png application/x-png .pot application/vnd.ms-powerpoint
.ppa application/vnd.ms-powerpoint .ppm application/x-ppm
.pps application/vnd.ms-powerpoint .ppt application/vnd.ms-powerpoint
.ppt application/x-ppt .pr application/x-pr
.prf application/pics-rules .prn application/x-prn
.prt application/x-prt .ps application/x-ps
.ps application/postscript .ptn application/x-ptn
.pwz application/vnd.ms-powerpoint .r3t text/vnd.rn-realtext3d
.ra audio/vnd.rn-realaudio .ram audio/x-pn-realaudio
.ras application/x-ras .rat application/rat-file
.rdf text/xml .rec application/vnd.rn-recording
.red application/x-red .rgb application/x-rgb
.rjs application/vnd.rn-realsystem-rjs .rjt application/vnd.rn-realsystem-rjt
.rlc application/x-rlc .rle application/x-rle
.rm application/vnd.rn-realmedia .rmf application/vnd.adobe.rmf
.rmi audio/mid .rmj application/vnd.rn-realsystem-rmj
.rmm audio/x-pn-realaudio .rmp application/vnd.rn-rn_music_package
.rms application/vnd.rn-realmedia-secure .rmvb application/vnd.rn-realmedia-vbr
.rmx application/vnd.rn-realsystem-rmx .rnx application/vnd.rn-realplayer
.rp image/vnd.rn-realpix .rpm audio/x-pn-realaudio-plugin
.rsml application/vnd.rn-rsml .rt text/vnd.rn-realtext
.rtf application/msword .rtf application/x-rtf
.rv video/vnd.rn-realvideo .sam application/x-sam
.sat application/x-sat .sdp application/sdp
.sdw application/x-sdw .sit application/x-stuffit
.slb application/x-slb .sld application/x-sld
.slk drawing/x-slk .smi application/smil
.smil application/smil .smk application/x-smk
.snd audio/basic .sol text/plain
.sor text/plain .spc application/x-pkcs7-certificates
.spl application/futuresplash .spp text/xml
.ssm application/streamingmedia .sst application/vnd.ms-pki.certstore
.stl application/vnd.ms-pki.stl .stm text/html
.sty application/x-sty .svg text/xml
.swf application/x-shockwave-flash .tdf application/x-tdf
.tg4 application/x-tg4 .tga application/x-tga
.tif image/tiff .tif application/x-tif
.tiff image/tiff .tld text/xml
.top drawing/x-top .torrent application/x-bittorrent
.tsd text/xml .txt text/plain
.uin application/x-icq .uls text/iuls
.vcf text/x-vcard .vda application/x-vda
.vdx application/vnd.visio .vml text/xml
.vpg application/x-vpeg005 .vsd application/vnd.visio
.vsd application/x-vsd .vss application/vnd.visio
.vst application/vnd.visio .vst application/x-vst
.vsw application/vnd.visio .vsx application/vnd.visio
.vtx application/vnd.visio .vxml text/xml
.wav audio/wav .wax audio/x-ms-wax
.wb1 application/x-wb1 .wb2 application/x-wb2
.wb3 application/x-wb3 .wbmp image/vnd.wap.wbmp
.wiz application/msword .wk3 application/x-wk3
.wk4 application/x-wk4 .wkq application/x-wkq
.wks application/x-wks .wm video/x-ms-wm
.wma audio/x-ms-wma .wmd application/x-ms-wmd
.wmf application/x-wmf .wml text/vnd.wap.wml
.wmv video/x-ms-wmv .wmx video/x-ms-wmx
.wmz application/x-ms-wmz .wp6 application/x-wp6
.wpd application/x-wpd .wpg application/x-wpg
.wpl application/vnd.ms-wpl .wq1 application/x-wq1
.wr1 application/x-wr1 .wri application/x-wri
.wrk application/x-wrk .ws application/x-ws
.ws2 application/x-ws .wsc text/scriptlet
.wsdl text/xml .wvx video/x-ms-wvx
.xdp application/vnd.adobe.xdp .xdr text/xml
.xfd application/vnd.adobe.xfd .xfdf application/vnd.adobe.xfdf
.xhtml text/html .xls application/vnd.ms-excel
.xls application/x-xls .xlw application/x-xlw
.xml text/xml .xpl audio/scpls
.xq text/xml .xql text/xml
.xquery text/xml .xsd text/xml
.xsl text/xml .xslt text/xml
.xwd application/x-xwd .x_b application/x-x_b
.sis application/vnd.symbian.install .sisx application/vnd.symbian.install
.x_t application/x-x_t .ipa application/vnd.iphone
.apk application/vnd.android.package-archive .xap application/x-silverlight-app

SSH端口转发(隧道)


2017-11-10 09:28
zpq
64

SSH端口转发(Port Forwarding),是一种隧道技术,流往某端口的数据被加密后传向另一机器,依据转发方式的不同,有多种应用场景。

以下所有的命令都是用SSH客户端执行的。执行命令的电脑下面称为“本地”电脑;而“远程服务器”则是运行着SSH服务器的机器(本文以my-remote-host.com为例)。

本地转发

有时,远程机器能访问某个端口(如remote-secret.com:8080),但本地机器无法访问。这时使用SSH的本地转发功能,即可将远程端口映射到本地:

ssh -L 9090:remote-secret.com:8080 my-remote-host.com

此时访问本地的9090端口就相当于用远程服务器my-remote-host.com访问remote-secret.com:8080

如果写成-L 9090: localhost:8080,就是把远程服务器的8080端口映射到本地的9090端口了

应用举例:如果远程服务器处于某受保护的内网中,可以借助其SSH服务获得与其等同的访问权限。

默认情况下,本地转发的端口只能在本机上访问,要想允许外部访问,请添加-g选项。

FormData 对象的使用


2017-10-17 14:37
zpq
51

通过Formdata对象可以组装一组用 Xmlhttprequest发送请求的键/值对。它可以更灵活方便的发送表单数据,因为可以独立于表单使用。如果你把表单的编码类型设置为Multipart/Form-Data ,则通过Formdata传输的数据格式和表单通过Submit() 方法传输的数据格式相同


如何创建一个FormData对象

你可以自己创建一个FormData对象,然后通过调用它的*append()*方法添加字段,就像这样:

var formData = new FormData();

formData.append("username", "Groucho");
formData.append("accountnum", 123456); // 数字 123456 会被立即转换成字符串 "123456"

// HTML 文件类型input,由用户选择
formData.append("userfile", fileInputElement.files[0]);

// JavaScript file-like 对象
var content = '<a id="a"><b id="b">hey!</b></a>'; // 新文件的正文...
var blob = new Blob([content], { type: "text/xml"});

formData.append("webmasterfile", blob);

var request = new XMLHttpRequest();
request.open("POST", "http://foo.com/submitform.php");
request.send(formData);

**注意:**字段 "userfile" 和 "webmasterfile" 都包含一个文件. 字段 "accountnum" 是数字类型,它将被*FormData.append()*方法转换成字符串类型(FormData 对象的字段类型可以是 Blob, File, 或者 string: 如果它的字段类型不是Blob也不是File,则会被转换成字符串类型。

上面的示例创建了一个FormData实例,包含"username", "accountnum", "userfile" 和 "webmasterfile"四个字段,然后使用XMLHttpRequest的send()方法发送表单数据。字段 "webmasterfile" 是 Blob类型。一个 Blob对象表示一个不可变的, 原始数据的类似文件对象。Blob表示的数据不一定是一个JavaScript原生格式。 File 接口基于Blob,继承 blob功能并将其扩展为支持用户系统上的文件。你可以通过 Blob() 构造函数创建一个Blob对象。

spring boot security logout use HTTP POST


2017-08-31 16:48
zpq
100

Adding CSRF will update the LogoutFilter to only use HTTP POST. This ensures that log out requires a CSRF token and that a malicious user cannot forcibly log out your users.

One approach is to use a form for log out. If you really want a link, you can use JavaScript to have the link perform a POST (i.e. maybe on a hidden form). For browsers with JavaScript that is disabled, you can optionally have the link take the user to a log out confirmation page that will perform the POST.

If you really want to use HTTP GET with logout you can do so, but remember this is generally not recommended. For example, the following Java Configuration will perform logout with the URL /logout is requested with any HTTP method:

@EnableWebSecurity
@Configuration
public class WebSecurityConfig extends
   WebSecurityConfigurerAdapter {

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http
      .logout()
          .logoutRequestMatcher(new AntPathRequestMatcher("/logout"));
  }
}

https://docs.spring.io/spring-security/site/docs/3.2.4.RELEASE/reference/htmlsingle/#csrf-logout

网页加载进度条


2017-08-25 18:01
zpq
57

Here’s an emerging UI pattern: a web page loading bar. Unsatisfied with progress indicators provided by the browser, some sites are implementing their own ones to show the load status of the next page. The progress bar appears as a thin line overlaying the content, sitting right underneath the browser toolbar, growing in width across the page as the next one loads.

Here is a screenshot of the bar on Medium (the thin green line highlighted at the top):

151505803345769.jpeg
And here is a very similar implementation on YouTube, red this time, with a subtle glow effect: