幻想曲.Net » discuz

Discuz发帖机Python版

幻想曲 — Fri, 19 Mar 2010 01:54:19 +0000

流程：

1、获取logging.php?action=login页的源代码，分析得到fromhash

2、输入用户名与密码，POST至/logging.php?action=login&loginsubmit=yes地址

3、得到cookie并保存

4、访问发帖页面并附带上cookie

直接源码吧

#-*-coding:utf-8-*-
from urllib import urlencode
import cookielib, urllib2,urllib
import os,sys
import re
from xml.dom.minidom import parse, parseString
import getpass
import time
from Queue import Queue
import threading

class Discuz:
    def __init__(self,uid,pwd,**param):
        self.username = uid
        self.password = pwd
        self.para = param
        self.regex = {
            'loginreg':'',
            'postreg':''
        }
        self.opener = None
        self.request = None
        self.islogin = False
        self.donecount = 0
        self.__login()
        self.threadcount = 100    #总线程数
        self.count = 0
        self.totalcount = 100000   #发帖量
    def __login(self):
        try:
            loginPage = urllib2.urlopen(self.para['loginurl']).read()
            formhash = re.search(self.regex['loginreg'],loginPage)
            formhash = formhash.group(1)
            print formhash
            print 'start login......'
            cookiejar = cookielib.CookieJar()
            self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookiejar))
            values = {
                         'formhash':formhash,
                         'username':self.username,
                         'password':self.password,
                         'loginsubmit':'true'
                     }
            data = urllib.urlencode(values)
            self.request = urllib2.Request(self.para['loginsubmiturl'], data)
            rq = self.opener.open(self.request)

            #print 'login success......'
            self.islogin = True

        except Exception ,e:
            print 'Loggin Error:%s' % e
    def Post(self,subject,wysiwyg,content):
        threads = []
        for i in range(self.threadcount):
            t = threading.Thread(target=self.__postTopic,kwargs={'_subject':subject,'_wysiwyg':wysiwyg,'_body':content})
            threads.append(t)
        for i in range(self.threadcount):
            threads[i].start()
        lst = threading.enumerate()
        for i in range(self.threadcount):
            threads[i].join()
        print 'done'
    def __postTopic(self,**para):
        if not self.islogin:
            print 'please login......'
            return
        while self.count < self.totalcount:
            try:
                print 'current count %d:' % self.count
                print 'current thread name %s' % (threading.currentThread().getName())
                self.request = urllib2.Request(self.para['posturl'])
                rq = self.opener.open(self.request)
                data = rq.read()
                formhash = re.search(self.regex['postreg'],data)
                formhash =  formhash.group(1)
                postdata = {
                    'addtags':'+可用标签',
                    'checkbox':'0',
                    'formhash':formhash,
                    'iconid':'',
                    'message':para['_body'],
                    'subject':para['_subject'],
                    'tags':'',
                    'updateswfattach' : '0',
                    'wysiwyg' : para['_wysiwyg']
                }
                self.request = urllib2.Request(self.para['postsubmiturl'],urllib.urlencode(postdata))
                self.opener.open(self.request)
                self.donecount+=1
                print '%d done.....' % self.donecount
            except Exception,e:
                print e
            if para.has_key('sleep'):
                time.sleep(float(para['sleep']))
            self.count +=1

if __name__=='__main__':
    name = raw_input('username:').strip()
    password = getpass.getpass('password:').strip()
    dz = Discuz(name,password,
    loginurl='http://localhost/logging.php?action=login',
    loginsubmiturl='http://localhost/logging.php?action=login&loginsubmit=yes',
    posturl='http://localhost/post.php?action=newthread&fid=28',
    postsubmiturl='http://localhost/post.php?&action=newthread&fid=28&extra=&topicsubmit=yes',
    sleep='1'
    )
    content='''新手如何 练级更加快？？送极品装备！新手必看
绑定升级钻石账号方法超简单：
1 新用户：直接到推广页面[url=http://tg.sdo.com/38797039]http://tg.sdo.com/38797039[/url]注册账号时在“推广员账号”一栏填推广员号adaccount直接升级钻石账号。
2 已经注册盛.大通行证的玩家在这里绑定直接成为 钻石账号 玩家
第一步: 点此 预绑定用户认证 [url=http://178.sdo.com/web/ConsumerBindUser.aspx]http://178.sdo.com/web/ConsumerBindUser.aspx[/url]
第二步: 点此进行最终绑定确认 [url=http://gift.sdo.com/Consumer/AIONBindUser.aspx]http://gift.sdo.com/Consumer/AIONBindUser.aspx[/url]

推广员填:adaccount'''

    dz.Post('送极品装备！新手必看','1',content)

运行截图

我承认我在DZ上有RPWT

幻想曲 — Mon, 22 Jun 2009 08:13:02 +0000

操作cdb_sessions表，发现大量的locked，直接后果就是mysql无法响应WEB的请求，WEB无法响应浏览器端的请求。

太壮观：

+-------+------+-----------+--------+---------+------+--------+------------------------------------------------------------------------------------------------------+
| Id    | User | Host      | db     | Command | Time | State  | Info                                                                                                 |
+-------+------+-----------+--------+---------+------+--------+------------------------------------------------------------------------------------------------------+
| 84082 | root | localhost | discuz | Query   |   54 | update | INSERT INTO  cdb_sessions (sid, ip1, ip2, ip3, ip4, uid, username, groupid, styleid, invisible, acti |
| 84083 | root | localhost | discuz | Query   |   54 | Locked | DELETE FROM  cdb_sessions WHERE sid='Z71z19' OR lastactivity<(1245657270-900) OR ('0'<>'0' AND uid=' |
| 84084 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84086 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84085 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84087 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84088 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84089 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84090 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84091 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84092 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84093 | root | localhost | discuz | Query   |   54 | Locked | DELETE FROM  cdb_sessions WHERE sid='wsX92s' OR lastactivity<(1245657270-900) OR ('0'<>'0' AND uid=' |
| 84095 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84096 | root | localhost | discuz | Query   |   54 | Locked | DELETE FROM  cdb_sessions WHERE sid='Ra5ZqL' OR lastactivity<(1245657270-900) OR ('0'<>'0' AND uid=' |
| 84094 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |
| 84097 | root | localhost | discuz | Query   |   54 | Locked | SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, l |
| 84100 | root | localhost | discuz | Query   |   54 | Locked | SELECT sid, uid AS sessionuid, groupid, groupid='6' AS ipbanned, pageviews AS spageviews, styleid, l |
| 84099 | root | localhost | discuz | Query   |   54 | Locked | SELECT uid, username, groupid, invisible, action, lastactivity, fid FROM cdb_sessions WHERE uid <> 0 |

最为BT的是，这些locked形成之后，必须重启mysql才行

寻Apache2下Discuz高性能配置方案

幻想曲 — Tue, 28 Apr 2009 13:42:55 +0000

服务器品牌 DELL
服务器型号 PE1850
cpu类型 Intel Xeon 2.80GHz
cpu个数 2
内存条类型 512M
内存条个数 2
硬盘类型1 36G
硬盘个数1 1

操作系统：Linux centos2 2.6.18-92.el5
Apache 2.0
PHP 5.2.9

目前300并发，持续时间1小时
测试截图:

已安装Discuz7.0版，目前论坛并无帖子。

下午进行LoadRunner测试，
100用户并发时，响应时间在1.5s左右。
400用户并发时，响应时间约为3s，但每秒连接数一直处于170左右，无法继续上升。
此时，web服务器CPU占用70%-80%
Db服务器为2%，基本无压力。

在网上看到一些文章，Apache在配置正确的情况下基本上可以处理每秒2K的并发请求，但今天的测试让我大跌眼镜。
响应时间也不够理想，况且这次的测试只是测了首页的访问，而且首页是做了缓存处理的。
最开始是怀疑httpd.conf中最大连接数没有设置正确，改动后重启Apache依然如此。
最令人担忧的是居高不下的CPU占用率。

希望有在Apache下配置Discuz经验的大虾们能给一个合理的配置方案。

Discuz中的同步登录

幻想曲 — Sun, 08 Mar 2009 04:40:56 +0000

依附于Discuz UCenter的子应用都会有一个选项：

意思很明白了，那它是如何实现的呢？
UC/Control/user.php中有一个onsynlogin方法，这里就是处理同步登录的。

function onsynlogin() {
$this->init_input();
$uid = $this->input('uid');
if($this->app['synlogin']) {
if($this->user = $_ENV['user']->get_user_by_uid($uid)) {
$synstr = '';
foreach($this->cache['apps'] as $appid => $app) {
if($app['synlogin'] && $app['appid'] != $this->app['appid']) {
$synstr .= '';
}
}
return $synstr;
}
}
return '';
}

当调用该方法时，实际上会去调用该应用下api/uc.php文件，将用户名、密码及时间戳做为参数传递。
以上是实现的第一步。
第二步，当应用接收到UC的请求后，会调用uc_note类中的synlogin方法，该方法的核心是送一个P3P的HTTP头，然后种下COOKIE。

$discuz_auth_key = md5($_DCACHE['settings']['authkey'].$_SERVER['HTTP_USER_AGENT']);
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
$uid = intval($uid);
$query = $this->db->query("SELECT username, uid, password, secques FROM ".$this->tablepre."members WHERE uid='$uid'");
if($member = $this->db->fetch_array($query)) {
_setcookie('sid', '', -86400 * 365);
_setcookie('cookietime', $cookietime, 31536000);
_setcookie('auth', _authcode("$member[password]t$member[secques]t$member[uid]", 'ENCODE', $discuz_auth_key), $cookietime);
} else {
_setcookie('cookietime', $cookietime, 31536000);
_setcookie('loginuser', $username, $cookietime);
_setcookie('activationauth', _authcode($username, 'ENCODE', $discuz_auth_key), $cookietime);
}

对于Disucz这种基于COOKIE验证的应用来说，就实现了同步登录。

Discuz Ucenter短消息设计

幻想曲 — Wed, 25 Feb 2009 14:00:14 +0000

UCenter中关于短消息这一块的数据表结构如下：

不大理解这里的delstatus/related二个字段的作用。
delstatus语义上应该是标识该消息的删除状态
related语义为关联，
现在试着以admin给yibin001发一件消息

所执行的SQL语句

SELECT count(*) FROM `ucenter`.uc_pms WHERE msgfromid='1' AND msgtoid='2' AND folder='inbox' AND related='0'
INSERT INTO `ucenter`.uc_pms (msgfrom,msgfromid,msgtoid,folder,new,subject,dateline,related,message,fromappid) VALUES ('admin','1','2','inbox','1','测试消息','1235570029','0','测试消息','1')
SELECT count(*) FROM `ucenter`.uc_pms WHERE msgfromid='2' AND msgtoid='1' AND folder='inbox' AND related='0'
INSERT INTO `ucenter`.uc_pms (msgfrom,msgfromid,msgtoid,folder,new,subject,dateline,related,message,fromappid) VALUES ('admin','2','1','inbox','0','测试消息','1235570029','0','测试消息','0')
INSERT INTO `ucenter`.uc_pms (msgfrom,msgfromid,msgtoid,folder,new,subject,dateline,related,message,fromappid) VALUES ('admin','1','2','inbox','1','测试消息','1235570029','1','测试消息','1')
REPLACE INTO `ucenter`.uc_newpm (uid) VALUES ('2')

以yibin001登录并回复短消息

sql语句

SELECT count(*) FROM `ucenter`.uc_pms WHERE msgfromid='2' AND msgtoid='1' AND folder='inbox' AND related='0'
UPDATE `ucenter`.uc_pms SET subject='回复', message='回复', dateline='1235570298', new='1', fromappid='1' WHERE msgfromid='2' AND msgtoid='1' AND folder='inbox' AND related='0'
SELECT count(*) FROM `ucenter`.uc_pms WHERE msgfromid='1' AND msgtoid='2' AND folder='inbox' AND related='0'
INSERT INTO `ucenter`.uc_pms (msgfrom,msgfromid,msgtoid,folder,new,subject,dateline,related,message,fromappid) VALUES ('yibin001','2','1','inbox','1','回复','1235570298','1','回复','1')
REPLACE INTO `ucenter`.uc_newpm (uid) VALUES ('1')

光看这部分有点晕，没看出delstatus/related二个字段的作用。