How to use database methods to save sessions

PHP's session is saved as a file on the server side by default, and cookies are used to save variables on the client side. This will cause a problem. When a user closes the browser's cookie for some security reason, the program Session related operations will not be performed. Therefore, if session data can be saved in the database, it will not be restricted by client settings, and there will be a leap in performance and scalability. The key function used in the program is session_set_save_handler, and session.save_handler = files in php.ini must be changed to user. The environment we are discussing here is linux (freesd) apache mysql php.

Data table structure: [sessions]

CREATE TABLE sessions (
sesskey char(32) not null,
expiry int(11) unsigned not null,
value text not null,
PRIMARY KEY (sesskey)
);

Program code: [session_inc.php]

$SESS_DBHOST = "yourhost"; /* database server hostname */
$SESS_DBNAME = "yourdb"; /* database name */
$SESS_DBUSER = "youruser"; /* database user */
$SESS_DBPASS = "yourpassword"; /* database password */
$SESS_DBH = "";
$SESS_LIFE = get_cfg_var("session.gc_maxlifetime");

function sess_open($save_path, $session_name) {
global $SESS_DBHOST, $SESS_DBNAME, $SESS_DBUSER, $SESS_DBPASS, $SESS_DBH;

if (! $SESS_DBH = mysql_pconnect($SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS)) {echo "
Can't connect to $SESS_DBHOST as $SESS_DBUSER";echo "
MySQL Error: " . mysql_error();die;}

if (! mysql_select_db($SESS_DBNAME, $SESS_DBH)) {echo "
Unable to select database $SESS_DBNAME";die;}return true;}

function sess_close() {
return true;
}
function sess_read($key) {
global $SESS_DBH, $SESS_LIFE;
$qry = "SELECT value FROM session_tbl WHERE sesskey = '$key' AND expiry > " . time();
$qid = mysql_query($qry, $SESS_DBH);

if (list($value) = mysql_fetch_row($qid)) {
return $value;
}
return false;
}

function sess_write($key, $val) {
global $SESS_DBH, $SESS_LIFE;
$expiry = time() + $SESS_LIFE; //过期时间
$value = addslashes($val);
$qry = "INSERT INTO session_tbl VALUES ('$key', $expiry, '$value')";
$qid = mysql_query($qry, $SESS_DBH);

if (! $qid) {
$qry = "UPDATE session_tbl SET expiry = $expiry, value = '$value' WHERE sesskey = '$key' AND expiry > " . time();
$qid = mysql_query($qry, $SESS_DBH);
}
return $qid;
}
function sess_destroy($key) {
global $SESS_DBH;
$qry = "DELETE FROM session_tbl WHERE sesskey = '$key'";
$qid = mysql_query($qry, $SESS_DBH);
return $qid;
}

function sess_gc($maxlifetime) {
global $SESS_DBH;
$qry = "DELETE FROM session_tbl WHERE expiry < " . time();
$qid = mysql_query($qry, $SESS_DBH);
return mysql_affected_rows($SESS_DBH);
}

session_set_save_handler(
"sess_open",
"sess_close",
"sess_read",
"sess_write",
"sess_destroy",
"sess_gc");

session_start();
?>

After completing the above steps, use it in the program require("session_inc.php") can be used instead of session_start(), and other session functions are still called in the same way as before.

This article describes how to save sessions through the database. For more related content, please pay attention to the PHP Chinese website.

Related recommendations:

Five ways to prevent SQL injection

##About the high availability of MySQL: Keepalived dual master Hot backup

#Use PHP to write several common sorting algorithm programs

The above is the detailed content of How to use database methods to save sessions. For more information, please follow other related articles on the PHP Chinese website!