开发者

php sessions in database only writing part of information to the table

开发者 https://www.devze.com 2022-12-31 15:16 出处:网络
UPDATE (Added the code for the class that does the read/write) <?php error_reporting(E_ALL); class dbSession

UPDATE (Added the code for the class that does the read/write)

<?php
error_reporting(E_ALL);

class dbSession
{
    function dbSession($gc_maxlifetime = "", $gc_probability = "", $gc_divisor = "")
    {
        if ($gc_maxlifetime != "" && is_integer($gc_maxlifetime)) {
            @ini_set('session.gc_maxlifetime', $gc_maxlifetime);
        }
        if ($gc_probability != "" && is_integer($gc_probability)) {
            @ini_set('session.gc_probability', $gc_probability);
        }
        if ($gc_divisor != "" && is_integer($gc_divisor)) {
            @ini_set('session.gc_divisor', $gc_divisor);
        }
        $this->sessionLifetime = ini_get("session.gc_maxlifetime");
        session_write_close(); 

        session_set_save_handler(
            array(&$this, 'open'),
            array(&$this, 'close'),
            array(&$this, 'read'),
            array(&$this, 'write'),
            array(&$this, 'destroy'),
            array(&$this, 'gc')
        );
        register_shutdown_function('session_write_close');
        @session_start();
    }

    function open($save_path, $session_name)
    {
        $mySQLHost = "localhost";
        $mySQLUsername = "username";
        $mySQLPassword = "password";
        $mySQLDatabase = "rst_sessions";

        $link = mysql_connect($mySQLHost, $mySQLUsername, $mySQLPassword);

        if (!$link) {

            die ("Could not connect to database!");

        }

        $dbc = mysql_select_db($mySQLDatabase, $link);

        if (!$dbc) {

            die ("Could not select database!");

        }

        return true;

    }

    function close()
    {
        mysql_close();
        return true;
    }

    function read($session_id)
    {

        $result = @mysql_query("
            SELECT
                session_data
            FROM
                session_data
            WHERE
                session_id = '".$session_id."' AND
                http_user_agent = '".$_SERVER["HTTP_USER_AGENT"]."' AND
                session_expire > '".time()."'
        ");

        if (is_resource($result) && @mysql_num_rows($result) > 0) {

            // return found data
            $fields = @mysql_fetch_assoc($result);
            // don't bother with the unserialization - PHP handles this automatically
            return $fields["session_data"];

        }
        return "";
    }

    function write($session_id, $session_data)
    {

        // first checks if there is a session with this id
        $result = @mysql_query(" SELECT *FROM session_data WHERE session_id = '".$session_id."'");
        if (@mysql_num_rows($result) > 0) 
        {
            $result = @mysql_query(" UPDATE session_data
                SET
                    session_data = '".$session_data."',
                    session_expire = '".(time() + $this->sessionLifetime)."',
                    account_id = '" . $_SESSION['account']['account_id'] . "',
                    username = '" . $_SESSION['users']['username'] . "', 
                    report_logo_path = '". $_SESSION['path_to_report_logo'] . '/' . $_SESSION['report_logo_img'] . "',
                    report_footer_all = '". $_SESSION['report_footer_all'] . "',
                    report_footer_summary= '". $_SESSION['report_footer_summary'] . "'
                WHERE
                    session_id = '".$session_id."'
            ");

            // if anything happened
            if (@mysql_affected_rows()) 
            {
                return true;
            }


        } 
        else // if this session id is not in the database
        {
            $sql = "
                INSERT INTO
                    session_data
                        (
                            session_id,
                            http_user_agent,
                            session_data,
                            session_expire,
                            account_id,
                            username
                        )
                    VALUES
                        (
                            '".serialize($session_id)."',
                            '".$_SERVER["HTTP_USER_AGENT"]."',
                            '".$session_data."',
                            '".(time() + $this->sessionLifetime)."',
                            '".$_SESSION['account']['account_id']."',开发者_StackOverflow
                            '".$_SESSION['users']['username']."'    
                        )
            ";

            $result = @mysql_query($sql);

            if (@mysql_affected_rows()) 
            {
                // return an empty string
                return "";
            }

        }

        // if something went wrong, return false
        return false;

    }

}
?>

UPDATE: I've uncommented out the line in the php.ini file to allow the session to be written to a file instead of the DB, and I put session_start() on the right spots. So I've been able to rule out the code in other spots. This problem only occurs when using the database to store sessions, which is a requirement, so if there are any other ideas out there that could help me resolve this, let me know. thanks.


ORIGINAL POST: I'm having difficulty figuring out what's going on here, hoping some one can help me out.

I have been using php, mysql storing my session information in the database. The app is only running on localhost, vista. In the php.ini file I commented out the "session.save_handler = files" line and am using a php class to handle the session writes/reads, etc.

My login process is this: Submit login credentials via login.php. login.php calls loginprocess.php. loginprocess.php verifies user, and if valid starts a new session and adds data to the session vars, then it redirects to index.php.

Here's the problem. the loginprocess.php page has a bunch of session vars that get set like $_SESSION['account_id'] = $account_id; etc. but when I go to index.php and do a var_dump($_SESSION) it just says "array() empty". However, if I do a var_dump($_SESSION) in loginprocess.php, just before the redirection line header("Location: ../index.php"); then it shows all the data in the session variable. If I look in the database where the session information is stored, there is data in the session_id field, created_ts field, and expires field, but the session_data field has nothing inside of it and in the past this is the field where all my session data was stored.

How could I be able to var_dump the session in loginprocess.php, but the data not exist in the db table, is it using some kind of caching? I cleared my cookies, etc...but no change.

Why is the session_id, being written to the table, but the actual session data is not?

Any ideas are appreciated. Thanks.


To access the session data on PHP you need session_start before.


Look at the serialize() function, and consider using it before writing to the database; and the corresponding unserialize() when reading

0

精彩评论

暂无评论...
验证码 换一张
取 消