Session Class

This class is used to manage and store sessions using a MySQL database. The advantages of this are:

  • Your data is more secure than when using the default session files
    • This is especially important if you are on a shared server
  • You are able to use multiple servers that can all access the same session data
  • You can query the database to find the number of active sessions, or to see who is logged in, etc.

To begin, set up the following MySQL table:

DROP TABLE IF EXISTS `sessions`; 
CREATE TABLE `sessions` ( 
  `id` varchar(32) NOT NULL, 
  `data` text, 
  `last_accessed` timestamp NOT NULL default CURRENT_TIMESTAMP, 
  PRIMARY KEY  (`id`) 
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

Other than that, there is nothing to document. Just include the file once and your session has begun. Just like the Database Class, it is critical that this file is only included once. I figure that every time I need to access the database, a session should be created right along with it. So I wrote the following function:

function open_database () { // opens a connection to your database, and starts a session 
  global $mysqli; 
  include_once (BASE . 'common/classes/Database.php'); 
  include_once (BASE . 'common/classes/Session.php'); 
}

So in my script when I've determined that I'm going to be using the database (which is almost always - but not always), I open_database() and off I go.


session.php

<?php 
 
/* 
 *    author:           Kyle Gadd 
 *    documentation:    http://www.php-ease.com/classes/session.html 
 * 
 *    This program is free software: you can redistribute it and/or modify 
 *    it under the terms of the GNU General Public License as published by 
 *    the Free Software Foundation, either version 3 of the License, or 
 *    (at your option) any later version. 
 * 
 *    This program is distributed in the hope that it will be useful, 
 *    but WITHOUT ANY WARRANTY; without even the implied warranty of 
 *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the 
 *    GNU General Public License for more details. 
 * 
 *    You should have received a copy of the GNU General Public License 
 *    along with this program.  If not, see <http://www.gnu.org/licenses/>. 
 */ 
 
ini_set('session.use_only_cookies', 1); // cookies only 
ini_set('session.use_trans_sid', 0); // no url-rewriting 
ini_set('session.gc_maxlifetime', 1440); // 24 minutes 
ini_set('session.gc_probability', 1); 
ini_set('session.gc_divisor', 100); // clean records 1% (1/100) of the time 
 
include_once (BASE . 'database.php'); 
 
// The constructor registers the save handlers, starts output buffering and 
// calls session_start(), so those calls are not repeated here. 
$session = new Session(); 
 
class Session { 
 
  public function __construct () { 
    session_set_save_handler(array(&$this,"open"),  
                             array(&$this,"close"),  
                             array(&$this,"read"),  
                             array(&$this,"write"),  
                             array(&$this,"destroy"),  
                             array(&$this,"clean")); 
    register_shutdown_function("session_write_close"); 
    ob_start("ob_gzhandler"); 
    session_start(); 
  } 
 
  public function open ($save_path, $session_name) { 
    return true; 
  } 
 
  public function close () { 
    return true; 
  } 
 
  public function read ($session_id) { 
    $id = escape_data($session_id); 
    $result = db_query ("SELECT data FROM sessions WHERE id='{$id}'"); 
    if ($result->num_rows == 1) { 
      list($data) = $result->fetch_row(); 
      return $data; 
    } else { 
      return ''; 
    } 
  } 
 
  public function write ($session_id, $session_data) { 
    global $mysqli; 
    $id = escape_data($session_id); 
    $data = escape_data($session_data); 
    db_query ("REPLACE INTO sessions (id, data, last_accessed) VALUES ('{$id}', '{$data}', NOW())"); 
    // REPLACE affects 1 row (insert) or 2 rows (replace); affected_rows is -1 on error 
    return $mysqli->affected_rows > 0; 
  } 
 
  public function destroy ($session_id) { 
    $id = escape_data($session_id); 
    return db_query ("DELETE FROM sessions WHERE id='{$id}'"); 
  } 
 
  public function clean ($maxlifetime) { 
    return db_query ("DELETE FROM sessions WHERE last_accessed < SUBDATE(NOW(), INTERVAL {$maxlifetime} SECOND)"); 
  } 
 
} 
 
?>
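
The handler above builds each query from escape_data() output; the same operations can be written with mysqli prepared statements so the session ID and session data never become part of the SQL text. This is an added example, not code from the original page or its author: the class name PreparedSessionHandler is hypothetical, and it assumes PHP 8 or later, the sessions table defined above, and an open mysqli connection in $mysqli.

```php
<?php
// Added example, not the original session.php. Assumes PHP 8+, an open
// mysqli connection in $mysqli, and the `sessions` table defined above.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors

final class PreparedSessionHandler implements SessionHandlerInterface
{
    public function __construct(private mysqli $db) {}

    public function open(string $path, string $name): bool { return true; }
    public function close(): bool { return true; }

    public function read(string $id): string|false
    {
        $stmt = $this->db->prepare('SELECT data FROM sessions WHERE id = ?');
        $stmt->bind_param('s', $id);
        $stmt->execute();
        $stmt->bind_result($data);
        $found = $stmt->fetch(); // true = row found, null = no such session
        $stmt->close();
        return $found ? (string) $data : '';
    }

    public function write(string $id, string $data): bool
    {
        $stmt = $this->db->prepare(
            'REPLACE INTO sessions (id, data, last_accessed) VALUES (?, ?, NOW())');
        $stmt->bind_param('ss', $id, $data);
        return $stmt->execute();
    }

    public function destroy(string $id): bool
    {
        $stmt = $this->db->prepare('DELETE FROM sessions WHERE id = ?');
        $stmt->bind_param('s', $id);
        return $stmt->execute();
    }

    public function gc(int $max_lifetime): int|false
    {
        $stmt = $this->db->prepare('DELETE FROM sessions
            WHERE last_accessed < SUBDATE(NOW(), INTERVAL ? SECOND)');
        $stmt->bind_param('i', $max_lifetime);
        $stmt->execute();
        return $stmt->affected_rows; // number of expired rows removed
    }
}
// The second argument registers session_write_close() as a shutdown function.
session_set_save_handler(new PreparedSessionHandler($mysqli), true);
session_start();
```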

Copyright © 2011 PHP-Ease.com - PHP Made Easy