Custom Session Handling Functions using MySQL database

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Takuma
Forum Regular
Posts: 931
Joined: Sun Aug 04, 2002 10:24 am
Location: UK
Contact:

Custom Session Handling Functions using MySQL database

Post by Takuma »

I have created my own custom session handling functions so that PHP no longer use file system to store session data. It works fine except that the PHP Session ID gets inserted on links to other pages. I know this happens when trying to store the Sesssion ID in cookie fails, but I have checked my browser settings and it sais, 'Accept all the cookies'. So it should not display the Session ID but it does... Any ideas why?

Well here's the code...

Code: Select all

<?php
	session_module_name("user");

	function session_db() {
		return("ticktaku");
	}
	function session_table() {
		return("session");
	}

	function session_open($path,$name) {
		mysql_pconnect("","","");
		return(true);
	}

	function session_close() {
		return(true);
	}

	function session_read($id) {
		$connect	=	@mysql_select_db(session_db());
		if(!$connect) {
			return(false);
		}

		$sql	=	"SELECT * FROM ".session_table()." WHERE id = '$id'";
		$result	=	@mysql_query($sql);
		if(!$result) {
			return false;	
		}
		$num	=	mysql_num_rows($result);
		if($num != 0) {
			$row	=	mysql_fetch_array($result);
			return($rowї'data']);
		} else {
			return("");
		}
	}

	function session_write($id,$data) {
		$connect	=	@mysql_select_db(session_db());
		if(!$connect) {
			return(false);
		}
		unset($connect);

		$sql	=	"UPDATE ".session_table()." SET data = '".addslashes($data)."'";
		if(isset($_SERVERї'PHP_AUTH_USER'])) {
			$sql	.=	", user = '".addslashes($_SERVERї'HTTP_AUTH_USER'])."'";
		}
		$sql	.=	"WHERE id = '$id'";
		$result	=	mysql_query($sql);
		if(!$result) {
			return false;
		}
		$affected	=	mysql_affected_rows($result);
		if(mysql_affected_rows() != 0) {
			return(true);
		}
		$sql	=	"INSERT ".session_table()." SET data = '".addslashes($data)."', id = '$id'";
		$result	=	mysql_query($sql);
		if(!$result) {
			return false;
		} else {
			return(true);
		}
	}

	function session_remove($id) {
		$connect	=	@mysql_select_db(session_db());
		if(!$connect) {
			return(false);
		}
		unset($connect);

		$sql	=	"DELETE ".session_table()." WHERE id = '$id'";
		$result	=	mysql_query($sql);
		if(!$result) {
			return(false);
		} else {
			return(true);
		}
	}
	
	function session_gc($life) {
		$connect	=	@mysql_select_db(session_db());
		if(!$connect) {
			return(false);
		}

		$sql	=	"DELETE ".session_table()." WHERE time < '".date("YmdHis",time() - $life)."'";
		$result	=	mysql_query($sql);
		if(!$result) {
			return(false);
		} else {
			return(true);
		}
	}

	session_set_save_handler("session_open", "session_close", "session_read", "session_write", "session_remove", "session_gc");
?>
And the SQL for the table:-

Code: Select all

CREATE TABLE session (
			id		VARCHAR(32)	NOT NULL,
			time	TIMESTAMP(14),
			user	TINYTEXT	NOT NULL,
			data	TEXT		NOT NULL,
			PRIMARY KEY(id)
		);
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

goto http://www.php.net/manual/en/ref.session.php and search for session.use_trans_sid and then disable it in your php.ini or .htaccess ;)
Post Reply