PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Sun Apr 21, 2019 6:12 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 8 posts ] 
Author Message
PostPosted: Tue Jul 13, 2004 6:58 am 
Offline
Forum Newbie

Joined: Tue Jul 13, 2004 6:58 am
Posts: 5
Location: Russia
I want to save all my session in the database.
Function session_set_save_handler() provides such functionality. But I can't understand... in which format I receive and must return $sess_data in read and write functions. And how can I use this format. For example. Table consists of 3 columns: sid, param and value.

in sid I want to store session_id (varchar(255))
in param ... - name of session variable (varchar(255))
and value - it's value... (text)

string = variable.

Write me a sample code for function write() pls.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jul 13, 2004 9:51 am 
Offline
Forum Contributor

Joined: Fri Aug 30, 2002 10:19 am
Posts: 234
Location: Calgary, AB, Canada
I believe the parameter $sess_data includes the data of your session already serialized. I just wrote this string to the db and retrieved the same string back.

I guess if you have a need to be able to see each var then you could unserialize it and serialize it again when requested.


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jul 13, 2004 9:53 am 
Offline
Neighborhood Spidermoddy
User avatar

Joined: Mon Mar 29, 2004 4:24 pm
Posts: 31559
Location: Bothell, Washington, USA
This is something I helped write a few weeks ago..
Syntax: [ Download ] [ Hide ]
<?php



highlight_file(__FILE__);



if(!defined('_DEBUG_')) define('_DEBUG_',0);



if(_DEBUG_) header('Content-type: text/plain');





/* Create new object of class */

$ses_class = new session();



/* Change the save_handler to use the class functions */

session_set_save_handler (array(&$ses_class, '_open'),

                          array(&$ses_class, '_close'),

                          array(&$ses_class, '_read'),

                          array(&$ses_class, '_write'),

                          array(&$ses_class, '_destroy'),

                          array(&$ses_class, '_gc'));



/* Start the session */

session_start();



function sessDataUnpack($sessData)

{

        if(!is_string($sessData))

                return false;

               

        $data = preg_split('#([\w\d]+?)\|#',$sessData,-1,PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY);



        $flip = true;

        $sessData = array();

        foreach($data as $bit)

        {

                if($flip)

                        $key = $bit;

                else

                        $sessData[$key] = unserialize($bit);

                $flip = !$flip;

        }

       

        if(_DEBUG_)

        echo __LINE__."\n".print_r($data,true);

       

        return $sessData;

}

       

function arrayPull(&$array, $key, $leave = false)

{

        if(!is_array($array))

                return false;

        if(!is_integer($key) && !is_string($key))

                return false;

        if(!isset($array[$key]))

                return '';

           

        $ret = $array[$key];

        if(!$leave)

                unset($array[$key]);

           

        return $ret;

}

       

function sessDataPack($array)

{

        if(!is_array($array))

                return false;

           

        $out = '';

        foreach($array as $key => $data)

        {

                $out .= $key . '|' . serialize($data);

        }

           

        return $out;

}

       

function sessDataRepack(&$sessionData, $keys, &$extracted, $leave = false)

{

        if(!is_string($sessionData))

                return false;

        if(!is_string($keys) && !is_array($keys))

                return false;

           

        $data = sessDataUnpack($sessionData);

           

        if(!is_array($data))

                return false;

           

        if(is_array($keys))

        {

                $extracted = array();

                foreach($keys as $key)

                {

                        $extracted[] = arrayPull($data,$key,$leave);

                }

                $ret = sizeof($extracted);

        }

        else

        {

                $extracted = arrayPull($data,$keys,$leave);

                $ret = 0;

        }

       

        if(_DEBUG_)

        echo __LINE__."\n".print_r($data,true);

           

        if(_DEBUG_)

        echo __LINE__."\n".print_r($extracted,true);

           

        $sessionData = sessDataPack($data);

           

        if(_DEBUG_)

        echo __LINE__."\n".$sessionData."\n";

           

        return $ret;

}



class session

{

        /* Define the mysql table you wish to use with

                this class, this table MUST exist. */


        var $ses_table = "sessions";



        /* Change to 'Y' if you want to connect to a db in

                the _open function */


        var $db_con = "Y";



        /* Configure the info to connect to MySQL, only required

                if $db_con is set to 'Y' */


        var $db_host = "localhost";

        var $db_user = "************";

        var $db_pass = "************";

        var $db_dbase = "*************";

       

        var $mysql_connect = null;

        var $mysql_db = null;



        /* Create a connection to a database */

        function db_connect() {

                $this->mysql_connect = mysql_connect ($this->db_host,$this->db_user,$this->db_pass) or die(mysql_error());

                $this->mysql_db = mysql_select_db ($this->db_dbase) or die(mysql_error());



                if (!$mysql_connect || !$mysql_db) {

                        return FALSE;

                } else {

                        return TRUE;

                }

        }



        /* Open session, if you have your own db connection

                code, put it in here! */


        function _open($path, $name) {

                if ($this->db_con == "Y") {

                        $this->db_connect();

                }



                if(_DEBUG_)

            echo __LINE__."\n";



                return TRUE;

        }



        /* Close session */

        function _close() {

                /* This is used for a manual call of the

                        session gc function */




                if(_DEBUG_)

            echo __LINE__."\n";

           

            if($this->mysql_connect !== null)

                        mysql_close($this->mysql_connect);



                //$this->_gc(0);

                return TRUE;

        }



        /* Read session data from database */

        function _read($ses_id) {



                if(_DEBUG_)

            echo __LINE__."\n";



                $session_sql = "SELECT * FROM " . $this->ses_table

                                                . " WHERE ses_id = '$ses_id'";

                $session_res = mysql_query($session_sql) or die(mysql_error());



                if(_DEBUG_)

            echo __LINE__."\n";



                if (!$session_res) {

                        return '';

                }



                if(_DEBUG_)

            echo __LINE__."\n";



                $session_num = mysql_num_rows ($session_res);

                if ($session_num > 0) {

                        $session_row = mysql_fetch_assoc ($session_res);

                        $ses_data = $session_row["ses_value"];

                        return $ses_data;

                } else {

                        return '';

                }

        }



        /* Write new data to database */

        function _write($ses_id, $data) {



                if(_DEBUG_)

            echo __LINE__."\n".$data."\n";



                if(sessDataRepack($data,array('user','powerlevel'),$ret) == 2)

                        list($us,$pl) = $ret;

                else

                        $us = $pl = '';



                if(_DEBUG_)

            echo __LINE__."\n".print_r($ret,true);



                $session_sql = "UPDATE " . $this->ses_table

                                                . " SET ses_time = UNIX_TIMESTAMP(NOW()), ses_value='$data', ses_user='$us', ses_pow='$pl' WHERE ses_id='$ses_id'";

                $session_res = mysql_query ($session_sql) or die(mysql_error());



                if(_DEBUG_)

            echo __LINE__."\n".$session_sql."\n";



                if (!$session_res) {

                        return FALSE;

                }



                if(_DEBUG_)

            echo __LINE__."\n";



                if (mysql_affected_rows ()) {

                        return TRUE;

                }



                if(_DEBUG_)

            echo __LINE__."\n";



                $session_sql = "INSERT INTO " . $this->ses_table

                                                . " (ses_id, ses_time, ses_start, ses_value, ses_user, ses_pow)"

                                                . " VALUES ('$ses_id', UNIX_TIMESTAMP(NOW()), UNIX_TIMESTAMP(NOW()), '$data', '$us', '$pl')";

                $session_res = mysql_query ($session_sql);



                if(_DEBUG_)

            echo __LINE__."\n".$session_sql."\n";



                $match = "#^Duplicate entry '$ses_id' for key \d+$#";

                if (!$session_res && !preg_match($match,mysql_error())) {

                        if(_DEBUG_)

                        echo __LINE__."\n".$match."\n".mysql_error()."\n";

                        return FALSE;

                } else {

                        if(_DEBUG_)

                        echo __LINE__."\n";

                        return TRUE;

                }

        }



        /* Destroy session record in database */

        function _destroy($ses_id) {



                if(_DEBUG_)

            echo __LINE__."\n";



                $session_sql = "DELETE FROM " . $this->ses_table

                                                . " WHERE ses_id = '$ses_id'";

                $session_res = mysql_query ($session_sql) or die(mysql_error());



                if(_DEBUG_)

            echo __LINE__."\n".$session_sql."\n";



                if (!$session_res) {

                        return FALSE;

                }         else {

                        return TRUE;

                }

        }



        /* Garbage collection, deletes old sessions */

        function _gc($life) {



                if(_DEBUG_)

            echo __LINE__."\n";



                $session_sql = "DELETE FROM " . $this->ses_table

                                                . " WHERE ses_time < UNIX_TIMESTAMP(NOW() - $life)";

                $session_res = mysql_query ($session_sql) or die(mysql_error());



                if(_DEBUG_)

            echo __LINE__."\n".$session_sql."\n";



                if (!$session_res) {

                        return FALSE;

                }         else {

                        return TRUE;

                }

        }

}



$_SESSION['user'] = 'ted';

$_SESSION['powerlevel'] = 20;

$_SESSION['test'] = array('123',456,789=>'012','345'=>678);



?>


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 14, 2004 3:12 am 
Offline
Forum Newbie

Joined: Tue Jul 13, 2004 6:58 am
Posts: 5
Location: Russia
Thanks


Top
 Profile  
 
 Post subject:
PostPosted: Sun Mar 27, 2005 11:26 pm 
Offline
Forum Commoner
User avatar

Joined: Sat Mar 26, 2005 6:54 pm
Posts: 69
Location: A Canadian South of the 49th Parallel
Can you give me an explanation as to how you are packing the data, and why? I really didn't want to logically analyze your pack routines.. I was hoping instead that you wouldn't mind explaining it??

I currently use a DB to store my sessions as well, for security reasons, but does packing the data like you have done add more security (other than obfuscation)?? Cause if so, I would then really like to know how you did it (logically), so I may implement it into my own scripts as well!!

Thx! :D


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 28, 2005 1:42 am 
Offline
Neighborhood Spidermoddy
User avatar

Joined: Mon Mar 29, 2004 4:24 pm
Posts: 31559
Location: Bothell, Washington, USA
the packing and unpacking is done in accordance with how the built-in session system does the file based ones. It expects the data in that format. At least it did when I was working with it.


Top
 Profile  
 
 Post subject:
PostPosted: Thu Apr 28, 2005 10:36 am 
Offline
Forum Contributor

Joined: Tue Dec 30, 2003 4:28 pm
Posts: 127
feyd i have two questions:

i was testing this and i found that if i close the broswer, the session was not deleted from the database.
the session id is alwais the same, what is best time to generate a new id?
should i do it in the _read function when the query returns 0 rows?


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 29, 2005 4:04 am 
Offline
Jedi Mod
User avatar

Joined: Tue Dec 21, 2004 6:03 pm
Posts: 5263
Location: usrlab.com
That's some very nice code there Feyd.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group