PHP DevCenter
oreilly.comSafari Books Online.Conferences.


Session Tracking: Part 2
Pages: 1, 2, 3

Once these functions are defined, you then need to tie them into the PHP session-handling logic. This is accomplished by passing their names into PHP's predefined session_set_save_handler() function. For example, assuming that the custom function names are those shown above, you would define them as custom storage handlers as seen below:

session_set_save_handler("session_open", "session_close", 
                         "session_read", "session_write", 
            "session_destroy", "session_garbage_collect");

Keep in mind that you can choose function names to be whatever you wish. What's important is that:

  • The function passes in as input the correct number and type of parameters.
  • The function names are defined in the correct order within the session_set_save_handler() function, that is: open, close, read, write, destroy, and garbage collect.

MySQL session-storage functionality

Thus far, I've defined the requirements as specified by PHP's user-defined session functionality. This information can then be applied to the media in which you would like to handle session data. In this section, I'll show you how this is accomplished with the popular MySQL database server.

Before creating the functions, the database table should be created. Listing 1 displays the table as I've created it. Depending on the level of activity you expect regarding the sessions table, you may also wish to create a database specifically for the sessions table. However, I'll leave that detail to you.

Listing 1: A MySQL session storage table

mysql>CREATE TABLE SessionsTable (
    ->SID char(32) NOT NULL,
    ->expiration INT NOT NULL,
    ->value TEXT NOT NULL,

Listing 2 shows the MySQL handler functions. I've defined these functions in the same order in which they were introduced in the previous section. Please take some time to study the function syntax and accompanying comments.

Listing 2: The MySQL session-storage library



// Session Table

$sess_table = "SessionsTable";

// Retrieve the session maximum lifetime (found in php.ini)

$lifetime = get_cfg_var("session.gc_maxlifetime");

// function: mysql_session_open()
// purpose: Opens a persistent server connection and selects the
//    database.

mysql_session_open($session_path, $session_name) {

  mysql_pconnect("localhost", "myusername", "mysecretpassword")
         or die("Can't connect to MySQL server! ");

         or die("Can't select MySQL sessions database");

} // end mysql_session_open()

// function: mysql_session_close()
// purpose: Doesn't actually do anything since the server connection is
//    persistent. Keep in mind that although this function
//    doesn't do anything in my particular implementation, I
//    still must define it.

mysql_session_close() {

  return 1;

} // end mysql_session_close()

// function: mysql_session_select()
// purpose: Reads the session data from the database

mysql_session_select($SID) {

  GLOBAL $sess_db;
  GLOBAL $sess_table;

  $query = "SELECT value FROM $sess_table
      WHERE SID = '$SID' AND
      expiration > ". time();

  $result = mysql_query($query);

} // end mysql_session_select()

// function: mysql_session_write()
// purpose: This function writes the session data to the database. If that SID // already exists, then the existing data will be updated.

mysql_session_write($SID, $value) {

  GLOBAL $sess_db;
  GLOBAL $sess_table;
  GLOBAL $lifetime;

  $expiration = time() + $lifetime;

  $query = "INSERT INTO $sess_table
      VALUES('$SID', '$expiration', '$value')";

  $result = mysql_query($query, $sess_db);

  if (! $result) :

   $query = "UPDATE $sess_table SET
       expiration = '$expiration',
       value = '$value' WHERE
       SID = '$SID' AND expiration >". time();

   $result = mysql_query($query, $sess_db);


} // end mysql_session_write()

// function: mysql_session_destroy()
// purpose: deletes all session information having input SID (only one row)

mysql_session_destroy($sessionID) {

  GLOBAL $sess_table;

  $query = "DELETE FROM $sess_table
      WHERE SID = '$sessionID'";
  $result = mysql_query($query);

} // end mysql_session_destroy()

// function: mysql_session_garbage_collect()
// purpose: deletes all sessions that have expired.

mysql_session_garbage_collect($lifetime) {

  GLOBAL $sess_table;

  $query = "DELETE FROM $sess_table
      WHERE sess_expiration < ".time() - $lifetime;
  $result = mysql_query($query);

  return mysql_affected_rows($result);

} // end mysql_session_garbage_collect()


Pages: 1, 2, 3

Next Pagearrow

Valuable Online Certification Training

Online Certification for Your Career
Earn a Certificate for Professional Development from the University of Illinois Office of Continuing Education upon completion of each online certificate program.

PHP/SQL Programming Certificate — The PHP/SQL Programming Certificate series is comprised of four courses covering beginning to advanced PHP programming, beginning to advanced database programming using the SQL language, database theory, and integrated Web 2.0 programming using PHP and SQL on the Unix/Linux mySQL platform.

Enroll today!

Sponsored by: