Few questions and my idea to get users id for authentication/verification

[petrospap]

Hello! First I would like to say that I am new to Websockets and my skills to php are limited, I have a few questions, and I hope to get some answers so to clarify in my mind what and how things works in this server.

So my questions are

1) How many users can connect to the server? What is the assessment? I know that is multiple issues, like hardware of server, memory, setup etc. In socket_listen($this->master,20) this is to connect only 20 users, what if I change SOMAXCONN to 65535?

Can support this php server 65535 connections?

2) I would like to create chat between 2 users, because (as I said) my php skills are limited is difficult for me to change/create functions to make this work, so looking at this code I found a simply way to achieve what I need, but I am not sure if is the correct way!

I need (like everyone?) when a user connect to chat to combine with existing user ID

in websockets.php line 199 you have $user->requestedResource = $headers['get']; and prints /echobot

if in clients.html create var host = 'ws://127.0.0.1:9000/'+id;

where id is the unique login id for every user that have successfully log in if I pass requestedResource to function connected then I can query database for this specific user.

so my idea is user 101 to connect var host = 'ws://127.0.0.1:9000/101'; user 102 to connect var host = 'ws://127.0.0.1:9000/102';

is this correct way to connect?

Thank you!

[Xaraknid]

First this library use socket_select and there is a hardcode limit of 1024 concurrent connections inside php itself you can achieved with one server.

To go beyond this limit you'll need to use event poll library as libev or livevent and use a backend other than select.

For your idea I'll said first it's not secure ( anyone can enter an allready used id ). Second every connection have their own id inside user data. I suggest you to either use session or built your own authentification ( user will need to enter twice their login&password one for the site and one for websocket ).

For communication between every user on your server you'll need to broadcast the message ( send to every connection the message a user send )

[petrospap]

Thank you Xaraknid for your answer I did not know about this limitation for socket_select, but I suppose 1024 connection is fair enough.

I see that you have made a fork, I will try your fork :)

Now you say that my idea is not secure (anyone can enter an already used id) Hypothetically speaking, here is how to try to make a virtual chat between 2 users. Please note the word VIRTUAL

in my website for every user that log in I create var host = 'ws://127.0.0.1:9000/'+id; where ID is the id of user that get it from database, and simply say “logged”

PHP-Websockets run in another machine when user click to open chat first I check that $user->requestedResource = $headers['get'] is not empty and is INT and some other security things, otherwise I close connection.

next in function connected ($user) I make a query to database to find the user by $user->requestedResource if is logged to my website allow to chat and create a new record for this user to say is “online” for chat

else I close the connection $this->sockets[$user->id]

if someone try to make a connection with the same id simply I close connection for him because the specific ID is online, or is not logged.

when user close the connection I delete the record is “online” and is available to chat again when he likes.

So from my point of view Is pretty ease to allow connections only from the users that have login in to my website and I believe is secure.. well not really but you get the idea.

Finally I go to VIRTUAL chat between two users (where still working on that)

The idea is when one user clicks to chat with another user

I get both of ids and I create a unique chat room, the conversation makes it with json and holds the unique room. so instead of #log the onmessage goes to #uniqueforthistwo room.

Yes I know in telnet everyone can see all chat, but hey, nothing is perfect until someone make it.

I'm excited, I wish to knew better php!