session_set_save_handler()中write使用的有关问题

WBOY

Lepaskan： 2016-06-13 13:16:17

asal

1130 orang telah melayarinya

session_set_save_handler()中write使用的问题
我把SESSION写入数据库，sessionID用URL传。

a.php:

PHP code

<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

-->
<?php require('session.php');

  session_start();
  $_SESSION['test'] = 1;

  echo '<a href="b.php?' . session_name() . '=' . session_id() . '">查看';

Salin selepas log masuk

b.php

PHP code

<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

-->
<?php require('session.php');
  session_start();

Salin selepas log masuk

session.php:

PHP code

<!--

Code highlighting produced by Actipro CodeHighlighter (freeware)
http://www.CodeHighlighter.com/

-->
<?php ini_set('session.save_handler', 'user');
    ini_set('session.use_cookies', 0);
    
    session_set_save_handler('open', 'close', 'read', 'write', 'destroy', 'gc');
    
    $link = null;
    $expiry = 86400;
    
    function open($save_path, $session_name)
    {
        //连接数据库
    }
    
    function close() {
        return true;
    }
    
    function read($sessionId) {
        global $link;
        
        $sessionId = mysql_escape_string($sessionId);
        $time = time();
        $sql = "SELECT value FROM session WHERE session_id='{$sessionId}' AND expiry>{$time}";
        
        $result = mysql_query($sql, $link);
        
        if(@$row = mysql_fetch_row($result, $link)) {
            return $row[0];
        }else {
            return '';
        }
    }
    
    function write($sessionId, $sessionData) {
        global $link, $expiry;
        
        $sessionId = mysql_escape_string($sessionId);
        $sessionData = mysql_escape_string($sessionData);
        $time = time() + $expiry;
        
        $sql = "INSERT INTO session(session_id, value, expiry) VALUES('{$sessionId}', '{$sessionData}', {$time});";
        $result = mysql_query($sql, $link);
        
        if($result) {
            return true;
        }
        
        $sql = "UPDATE session SET value='{$sessionData}', expiry={$time} WHERE session_id='{$sessionId}'";
        $result = mysql_query($sql, $link);
            
        if($result && mysql_affected_rows($link)) {
            return true;
        }else {
            return false;
        }
    }
    
    function destroy($sessionId) {
        global $link;
        
        $sessionId = mysql_escape_string($sessionId);
        
        $sql = "DELETE FROM session WHERE session_id='{$sessionId}';";
        $result = mysql_query($sql, $link);
        
        if($result) {
            return true;
        }else {
            return false;
        }
    }
    
    function gc($maxLifeTime) {
        return true;
    }

Salin selepas log masuk

现在是这样：
运行a.php，SESSION确实保存到了数据库中：
+----------------------------+--------------------------------+------------+
| session_id | value | expiry |
+----------------------------+--------------------------------+------------+
| o7olki3vmch3k8bakhk71emco6 | isLogin|i:1;permission|s:0:""; | 1344495859 |
+----------------------------+--------------------------------+------------+

问题是：
当点击a.php的超链接去b.php时，传过去的sessionID所代表的SESSION值被清空了。
+----------------------------+-------+------------+
| session_id | value | expiry |
+----------------------------+-------+------------+
| o7olki3vmch3k8bakhk71emco6 | | 1344496029 |
+----------------------------+-------+------------+

后来我发现，原来是运行b.php页面时，执行了write()方法中的UPDATE：
UPDATE session SET value='', expiry=1344496029 WHERE session_id='o7olki3vmch3k8bakhk71emco6'
但是我在b.php页面中并没有更改SESSION的操作啊？这是怎么回事呢？

麻烦大家了！！！

------解决方案--------------------
php 并不知道你是否修改了 session 变量的值
所以他总是要将 session 重写回去的