|
help > w > web Tsunami Web System. I. Apache Overview The Tsunami Web System is made up of several components some from within the Mudlib some from without. This will generally out line how a client connection works however. A web-browser will hit port 80 or 443 of 'www.thebigwave.net' these are the only two ports that are open to the public. All traffic must go through these ports. The initial request is dispatched by an Apache webserver that looks at the headers and decides where it should go. The DocumentRoot of the default server is /www within the Mudlib, hence /www/index.php is the same as http://www.thebigwave.net/index.php a Mod_userdir is enabled that redirects ~NAME to /players/NAME/WWW hence ~wildcat/index.html will be redirected to /players/wildcat/WWW/index.html The following aliases are also defined: http://www.thebigwave.net/redmine goes => http://127.0.0.1:8080/redmine http://www.thebigwave.net/w => /home/thebigwavenet/wiki http://www.thebigwave.net/wiki => /home/thebigwavenet/wiki/wiki.php http://www.thebigwave.net/svn => /home/thebigwavenet/viewvc/bin/cgi/ http://www.thebigwave.net/bugs => /www/bugs/bugs.php http://www.thebigwave.net/bug => /www/bugs/bug.php The /svn directory and /wizards/secure are also MYSQL protected requiring a valid login from the DB view tsunami.wizlogin. To be in that view a wizard has to have last logged out with a wiz_level >0 II. PHP The PHP engine in the default web instance is also configured to only allow execution out of /www. In addition all file access outside of / is forbidden. The PHP engine has include paths set to /www/include as well as . There are several important PHP objects to be aware of: /include/Auth.php call authenticate with a user / password and it will check against the Tsunami Login DBs to see that the user is valid and if so will set level, banish status, and group status. For the most part this shouldn't be called directly instead use... /include/SessionAuth.php Invokes Auth.php above, but stores the results in a session on the server for you to check against later. Also has a pseudo-Facebook API. $SessionAuth->require_login() - will either succeed if there is a valid session object, or will display a form asking the user to login. $SessionAuth->require_group("groupname") - Same as above but will fail even if the user is logged in if they aren't ALSO in a defind group, such as: $SessionAuth->require_group("wizard") $SessionAuth->logout() - Destroys the session /include/ObjectData.php Reads in an LPC save_object and creates a map out of it. Note this is read only. $ObjectData->load($filename) - Loads/parses the file $ObjectData->query($variable) - Returns the variable in the object Hacked Together Page System At some point someone hacked together a page generation system. The less said about it the better. However it's in use. The way to use it is to require include/page.php, create a new Page() object, set the title, set the contents, and then render it. As an example at this time /www/index.php in it's entirity looks like: <? require_once("include/page.php"); require_once("include/SessionAuth.php"); require_once("include/ChangeBoard.php"); $session = new SessionAuth; $page = new Page(); $page->set_title("Tsunami - Home"); $page->set_content_file("index.htm"); $page->set_var("ChangeBoard", $sChangeBoard); $page->render(); ?> The call to set_var allows you to replace variables found in the template dynamically. Anyplace in HTML where {ChangeBoard} is found it will be replaced with the string $sChangeBoard. In addition to the variables you specify per page, the following ones are always defined: {SessionName} - $session->name (Who is logged in, empty string if no session) |
|