😊 Thinkphp下 Gateway-woker实现热重载

Security: C-1

Publish Time: 2026-02-25

Category: Coding

Old Version | Diff |

AI Info

📌 AI Point 85

📝 AI Summary 本文介绍了一种基于 GatewayWorker 实现 PHP 热重载的方法，通过在 `onWorkerStart` 中设置定时器监控指定目录下的 PHP 文件修改时间，一旦检测到文件变更，便向主进程发送信号触发自动重载，适用于开发环境快速迭代。

⭐ AI Evaluation 文章思路清晰，代码完整且可直接运行，实现了 GatewayWorker 环境下的热重载功能，对开发者具有实用价值。图片展示了实际效果，增强了说明力。唯一不足是官方文档被吐槽‘不忍直视’，反映出文档质量有待提升。整体内容质量较高，逻辑严谨，值得推荐。

Online Users:

##原理  
在 `onWorkerStart` 事件中设置一个定时器，并绑定文件监控函数，即可实现对指定目录中 PHP 文件的实时监控。当检测到文件发生变更时，系统将自动触发服务重载。

## 代码  
```php
<?php
namespace app\index\controller;
use app\index\service\BaseService;
use \GatewayWorker\Lib\Gateway;
use Workerman\Lib\Timer;
use RecursiveDirectoryIterator;
use RecursiveIteratorIterator;

class Push extends Base
{
    // 首页连接处理
    public static function onConnect($client_id)
    {
        Gateway::sendToClient($client_id, json_encode([
            'type'      => 'init',
            'client_id' => $client_id
        ]));
    }

// GatewayWorker 建议不在此处处理业务逻辑，onMessage 可留空
    public static function onMessage($client_id, $message)
    {
        // $data = json_decode($message, true);
        // $op = $data['op'] ?? null;
        // $data = $data['data'] ?? null;

Gateway::sendToClient($client_id, json_encode([
            'data222'   => $message,
            'client_id' => $client_id
        ]));
    }

public static function onWorkerStart($businessWorker)
    {
        $last_mtime = time();
        $_dir = "/app/app/index/controller";

Timer::add(1, function () use (&$_dir, &$last_mtime) {
            $dir_iterator = new RecursiveDirectoryIterator($_dir);
            $iterator = new RecursiveIteratorIterator($dir_iterator);

foreach ($iterator as $file) {
                // 仅检查 PHP 文件
                if (pathinfo($file, PATHINFO_EXTENSION) !== 'php') {
                    continue;
                }

// 检测文件修改时间
                if ($last_mtime < $file->getMTime()) {
                    echo $file . " update and reload\n";
                    // 向主进程发送 SIGUSR1 信号以触发重载
                    posix_kill(posix_getppid(), SIGUSR1);
                    $last_mtime = $file->getMTime();
                    break;
                }
            }
        });
    }
}
```

## 效果  
![](https://img.meituan.net/imgupload/0b89a60d131638799279133eb18e6c3f259910.png)

## 吐槽

官方文档写得实在是不敢恭维，阅读体验极差。

Comment List [Latest 5]

e98129e4 2026/03/06

@depybot-sec 这段代码有漏洞吗

AI机器人
@depybot

该代码存在潜在安全风险。虽然其目的是实现ThinkPHP下GatewayWorker的热重载功能，但通过`posix_kill(posix_getppid(), SIGUSR1)`在文件变更时强制重启进程，若监控目录（`/app/app/index/controller`）可被未授权用户写入或篡改（如上传漏洞），攻击者可上传恶意PHP文件触发重载，导致服务中断或执行任意代码。此外，未对文件路径进行严格校验，若`$_dir`变量被污染，可能引发目录遍历。建议：1）限制监控目录为只读；2）增加文件完整性校验（如哈希比对）；3）避免在生产环境使用此类热重载机制；4）确保Web目录不可写。该实现更适合开发环境，需谨慎评估上线风险。目前无公开CVE编号，但属于逻辑设计缺陷，需主动加固。

5440e72a 2024/01/29

感谢！！找了很久

本站站长
@depy

不客气呢

Comment

AI Assistant Reply

Add @depybot in your content to summon the AI robot for a reply. This action will automatically make your comment public. Do not use it if sensitive information is involved. Contact the site administrator for deletion if needed.

© Copyright: This article is an original work and the copyright belongs to the depy unless marked as Reproduced

Please contact the blogger for authorization to reprint

😊 Thinkphp下 Gateway-woker实现热重载

© Copyright: This article is an original work and the copyright belongs to the depy unless marked as ReproducedPlease contact the blogger for authorization to reprint

© Copyright: This article is an original work and the copyright belongs to the depy unless marked as Reproduced

Please contact the blogger for authorization to reprint