Ok, I just discovered these, and thought I'd share the knowledge. Maybe everyone knows this...but then again, maybe it'll help someone.
I found that you can set up custom session handlers, which can be easily set up to use a mysql db to manage them, instead of files. This makes it FAR easier to limit logins to allow users to be logged in only once, etc. Here is how it's done:
session_set_save_handler('open', 'close', 'read', 'write', 'destroy', 'clean');
This sets sessions up to use the open, close, read, write, destroy, and clean functions to carry out their respective parts of session handling. They can be named whatever you want, but must be in that order.
Here are the functions I used (this uses mysqli, but could be EASILY changed to use mysql):function open() {return connect_db();}
function close() {return true;}
function read($id)
{
$db = connect_db();
$q = "SELECT data FROM sessions WHERE id=".quote_smart($id,$db);
if ($r = $db->query($q))
{
$i = $r->fetch_assoc();
return $i['data'];
}
return false;
}
function write($id, $data)
{
$db = connect_db();
$q = "REPLACE INTO sessions (`id`,`access`,`data`) VALUES('".$id."',".time().",".quote_smart($data,$db).")";
return $db->query($q);
}
function destroy($id)
{
$db = connect_db();
$q = "DELETE FROM sessions WHERE id=".quote_smart($id,$db);
return $db->query($q);
}
function clean($max)
{
$db = connect_db();
$old = time() - $max;
$q = "DELETE FROM sessions WHERE access < ".quote_smart($old,$db);
return $db->query($q);
}Here are the other functions that you see used:function &connect_db() {
if (!isset($db)) {
static $db;
$db = new mysqli('db_server','db_username','db_password','db_name');
}
return $db;
}
function quote_smart($value,$db) {
if (get_magic_quotes_gpc()) {$value = stripslashes($value);}
return "'".mysqli_real_escape_string($db,$value)."'";
}
basically, this will use a db INSTEAD of files to manage the SESSIONS. You need to set up a table like this:CREATE TABLE `sessions` (
`id` varchar(32) NOT NULL default '',
`access` int(10) unsigned default NULL,
`data` text,
PRIMARY KEY (`id`)
);Good Post Aaron,personally I don't do it that way...but many people do.you don't do sessions that way, as in you prefer files? Or you don't do sessions that way, as in you use a db, but you have a better/different way. Because I'd be interested in anything better/different.Originally posted by AaronCampbell
you don't do sessions that way, as in you prefer files? Or you don't do sessions that way, as in you use a db, but you have a better/different way. Because I'd be interested in anything better/different.
Little of both...I haven't bothered databasing the sessions for my cms yet...but the way I've done it in the past used a class I wrote...and one session variable set the 'normal way'..I never was very fond of session_set_save_handler()...but I do definately support the validity and quality of your method.Likely I could use it with minimal effort...but I'm not sure if session_set_save_hander() supports the method of passing class functions via array('var','function);,I haven't had a chance to test it.And...if it doesn't..it would break the flow of my code to use it with procedural functions(when I write OOP,I write ALL OOP...I flatly refuse to mix in normal procedural functions)That works fine, as a matter of fact, I'm planning on updating it all, and trying to clean everything up...and implement it as a class.
Here is a WORKING example as a class:class Sessions{
static public $db;
//Set up session handler functions
function open() {self::$db = connect_db(); return self::$db;}
function close() {return true;}
function read($id)
{
$q = "SELECT data FROM sessions WHERE id=".quote_smart($id,self::$db);
if ($r = self::$db->query($q))
{
$i = $r->fetch_assoc();
return $i['data'];
}
return false;
}
function write($id, $data)
{
$q = "REPLACE INTO sessions (`id`,`access`,`data`) VALUES('".$id."',".time().",".quote_smart($data,self::$db).")";
return self::$db->query($q);
}
function destroy($id)
{
$q = "DELETE FROM sessions WHERE id=".quote_smart($id,self::$db);
return self::$db->query($q);
}
function clean($max)
{
$old = time() - $max;
$q = "DELETE FROM sessions WHERE access < ".quote_smart($old,self::$db);
return self::$db->query($q);
}
}
session_set_save_handler(array('Sessions','open'), array('Sessions','close'), array('Sessions','read'), array('Sessions','write'), array('Sessions','destroy'), array('Sessions','clean'));In that case...I will likely use session_set_save_handler when I do switch to databasing them...tho I will,of course,write my own class(I don't use other peoples code,something else I flatly refuse to do).If you wish to have me show you when I've completed it(which may or may not be this weekend),feel free to let me know.
Like I said before,very good suggestion Aaron ^^I'd love to see it when your done...that's how I learn new ways of coding...looking at other well-written (or poorly written) code, and adjusting accordingly. I'm brand-new to the whole OOP thing, and fairly new to PHP in general...so the more I can learn the better.Originally posted by AaronCampbell
I'd love to see it when your done...that's how I learn new ways of coding...looking at other well-written (or poorly written) code, and adjusting accordingly. I'm brand-new to the whole OOP thing, and fairly new to PHP in general...so the more I can learn the better.
Sounds good,thats how I learned.Granted I picked up OOP on my own without looking at examples(Smarty isn't what I consider good code..and it's the only popular script I could think of to look at)....I'm pretty good with OOP now,and I prefer it.Procedural is so much less 'acceptable' once you've been bitten by the oop 'bug'.
I found that you can set up custom session handlers, which can be easily set up to use a mysql db to manage them, instead of files. This makes it FAR easier to limit logins to allow users to be logged in only once, etc. Here is how it's done:
session_set_save_handler('open', 'close', 'read', 'write', 'destroy', 'clean');
This sets sessions up to use the open, close, read, write, destroy, and clean functions to carry out their respective parts of session handling. They can be named whatever you want, but must be in that order.
Here are the functions I used (this uses mysqli, but could be EASILY changed to use mysql):function open() {return connect_db();}
function close() {return true;}
function read($id)
{
$db = connect_db();
$q = "SELECT data FROM sessions WHERE id=".quote_smart($id,$db);
if ($r = $db->query($q))
{
$i = $r->fetch_assoc();
return $i['data'];
}
return false;
}
function write($id, $data)
{
$db = connect_db();
$q = "REPLACE INTO sessions (`id`,`access`,`data`) VALUES('".$id."',".time().",".quote_smart($data,$db).")";
return $db->query($q);
}
function destroy($id)
{
$db = connect_db();
$q = "DELETE FROM sessions WHERE id=".quote_smart($id,$db);
return $db->query($q);
}
function clean($max)
{
$db = connect_db();
$old = time() - $max;
$q = "DELETE FROM sessions WHERE access < ".quote_smart($old,$db);
return $db->query($q);
}Here are the other functions that you see used:function &connect_db() {
if (!isset($db)) {
static $db;
$db = new mysqli('db_server','db_username','db_password','db_name');
}
return $db;
}
function quote_smart($value,$db) {
if (get_magic_quotes_gpc()) {$value = stripslashes($value);}
return "'".mysqli_real_escape_string($db,$value)."'";
}
basically, this will use a db INSTEAD of files to manage the SESSIONS. You need to set up a table like this:CREATE TABLE `sessions` (
`id` varchar(32) NOT NULL default '',
`access` int(10) unsigned default NULL,
`data` text,
PRIMARY KEY (`id`)
);Good Post Aaron,personally I don't do it that way...but many people do.you don't do sessions that way, as in you prefer files? Or you don't do sessions that way, as in you use a db, but you have a better/different way. Because I'd be interested in anything better/different.Originally posted by AaronCampbell
you don't do sessions that way, as in you prefer files? Or you don't do sessions that way, as in you use a db, but you have a better/different way. Because I'd be interested in anything better/different.
Little of both...I haven't bothered databasing the sessions for my cms yet...but the way I've done it in the past used a class I wrote...and one session variable set the 'normal way'..I never was very fond of session_set_save_handler()...but I do definately support the validity and quality of your method.Likely I could use it with minimal effort...but I'm not sure if session_set_save_hander() supports the method of passing class functions via array('var','function);,I haven't had a chance to test it.And...if it doesn't..it would break the flow of my code to use it with procedural functions(when I write OOP,I write ALL OOP...I flatly refuse to mix in normal procedural functions)That works fine, as a matter of fact, I'm planning on updating it all, and trying to clean everything up...and implement it as a class.
Here is a WORKING example as a class:class Sessions{
static public $db;
//Set up session handler functions
function open() {self::$db = connect_db(); return self::$db;}
function close() {return true;}
function read($id)
{
$q = "SELECT data FROM sessions WHERE id=".quote_smart($id,self::$db);
if ($r = self::$db->query($q))
{
$i = $r->fetch_assoc();
return $i['data'];
}
return false;
}
function write($id, $data)
{
$q = "REPLACE INTO sessions (`id`,`access`,`data`) VALUES('".$id."',".time().",".quote_smart($data,self::$db).")";
return self::$db->query($q);
}
function destroy($id)
{
$q = "DELETE FROM sessions WHERE id=".quote_smart($id,self::$db);
return self::$db->query($q);
}
function clean($max)
{
$old = time() - $max;
$q = "DELETE FROM sessions WHERE access < ".quote_smart($old,self::$db);
return self::$db->query($q);
}
}
session_set_save_handler(array('Sessions','open'), array('Sessions','close'), array('Sessions','read'), array('Sessions','write'), array('Sessions','destroy'), array('Sessions','clean'));In that case...I will likely use session_set_save_handler when I do switch to databasing them...tho I will,of course,write my own class(I don't use other peoples code,something else I flatly refuse to do).If you wish to have me show you when I've completed it(which may or may not be this weekend),feel free to let me know.
Like I said before,very good suggestion Aaron ^^I'd love to see it when your done...that's how I learn new ways of coding...looking at other well-written (or poorly written) code, and adjusting accordingly. I'm brand-new to the whole OOP thing, and fairly new to PHP in general...so the more I can learn the better.Originally posted by AaronCampbell
I'd love to see it when your done...that's how I learn new ways of coding...looking at other well-written (or poorly written) code, and adjusting accordingly. I'm brand-new to the whole OOP thing, and fairly new to PHP in general...so the more I can learn the better.
Sounds good,thats how I learned.Granted I picked up OOP on my own without looking at examples(Smarty isn't what I consider good code..and it's the only popular script I could think of to look at)....I'm pretty good with OOP now,and I prefer it.Procedural is so much less 'acceptable' once you've been bitten by the oop 'bug'.