New extras and updates

[jwtSession] Moving session cookies to your browser

Hello friends!

Did you wonder how sessions work in MODX? Every time someone visits the site, PHP generates a unique id for it and stores it in a PHPSESSID cookie. At the same time, an modSession record is created in the database with this id and the contents of the current session.

Each time a request is submitted, a cookie with id is sent to the site, and MODX makes a request to the database, loads the session, and then saves the changes to it. At least 2 queries to the database every time.

What does JWT offer us? Abandon all these actions on the server, and give everything you need right away in one token. It can be stored in cookies or in the browser’s local storage. And then, upon request, a user session will be created from it. Accordingly, we throw out work with the database and do not store user sessions on the server at all.

Of course, the question immediately arises — what will happen if the user fakes such a session? JWT standard will not allow it. Tokens can be read, but not changed, because they are all signed by a reliable algorithm with a key on a server that the user does not know. This is a theory, and now we proceed to practice in MODX.
Василий Наумкин
24 march 2019, 18:56
1
182
0

[pdoTools] 2.11.0 - disabling the total selection by default

Hello friends!

Let's start with some theory. All pdoTools snippets use the pdoFetch class to work with the database. During this, the total number of records will be calculated and set into the placeholder called [[+total]]. For maximum accuracy, this is done using the built-in MySQL functions:
SQL_CALC_FOUND_ROWS `id`,`pagetitle`
And MySQL will know the total amount of records.

After this query, a separate request is made for obtaining the result and setting the placeholder using:
SELECT FOUND_ROWS();
Gauke Pieter Sietzema
15 february 2018, 09:33
1 001
+2