Home >php教程 >php手册 >使用数据库保存session的方法

使用数据库保存session的方法

WBOY
WBOYOriginal
2016-06-21 09:04:181009browse
php的session默认是以文件方式保存在服务器端,并且在客户端使用cookie保存变量,这就会出现一个问题,当一个用户由于某种安全原因关闭了浏览器的cookie,程序中的session相关操作将无法执行。因此,如果能以数据库保存session数据,将不受客户端设置的限制,并且在性能和扩展性等方面有一个飞跃。程序中使用关键函数是session_set_save_handler,同时要将php.ini里的session.save_handler = files 改为 user。这里我们讨论的环境是linux(freesd)+apache+mysql+php。

数据表结构:[sessions]
CREATE TABLE sessions (  
sesskey char(32) not null,  
expiry int(11) unsigned not null,  
value text not null,  
PRIMARY KEY (sesskey)  
);

程序代码:[session_inc.php]
$SESS_DBHOST = "yourhost"; /* database server hostname */
$SESS_DBNAME = "yourdb"; /* database name */
$SESS_DBUSER = "youruser"; /* database user */
$SESS_DBPASS = "yourpassword"; /* database password */

$SESS_DBH = "";
$SESS_LIFE = get_cfg_var("session.gc_maxlifetime");

function sess_open($save_path, $session_name) {
    global $SESS_DBHOST, $SESS_DBNAME, $SESS_DBUSER, $SESS_DBPASS, $SESS_DBH;

    if (! $SESS_DBH = mysql_pconnect($SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS)) {
        echo "
  • Can't connect to $SESS_DBHOST as $SESS_DBUSER";
            echo "
  • MySQL Error: " . mysql_error();
            die;
        }

        if (! mysql_select_db($SESS_DBNAME, $SESS_DBH)) {
            echo "
  • Unable to select database $SESS_DBNAME";
            die;
        }

        return true;
    }

    function sess_close() {
        return true;
    }

    function sess_read($key) {
        global $SESS_DBH, $SESS_LIFE;

        $qry = "SELECT value FROM session_tbl WHERE sesskey = '$key' AND expiry > " . time();
        $qid = mysql_query($qry, $SESS_DBH);

        if (list($value) = mysql_fetch_row($qid)) {
            return $value;
        }

        return false;
    }

    function sess_write($key, $val) {
        global $SESS_DBH, $SESS_LIFE;

        $expiry = time() + $SESS_LIFE; //过期时间
        $value = addslashes($val);

        $qry = "INSERT INTO session_tbl VALUES ('$key', $expiry, '$value')";
        $qid = mysql_query($qry, $SESS_DBH);

        if (! $qid) {
            $qry = "UPDATE session_tbl SET expiry = $expiry, value = '$value' WHERE sesskey = '$key' AND expiry > " . time();
            $qid = mysql_query($qry, $SESS_DBH);
        }

        return $qid;
    }

    function sess_destroy($key) {
        global $SESS_DBH;

        $qry = "DELETE FROM session_tbl WHERE sesskey = '$key'";
        $qid = mysql_query($qry, $SESS_DBH);

        return $qid;
    }

    function sess_gc($maxlifetime) {
        global $SESS_DBH;

        $qry = "DELETE FROM session_tbl WHERE expiry     $qid = mysql_query($qry, $SESS_DBH);

        return mysql_affected_rows($SESS_DBH);
    }

    session_set_save_handler(
    "sess_open",
    "sess_close",
    "sess_read",
    "sess_write",
    "sess_destroy",
    "sess_gc");

    session_start();
    ?>

    完成以上步骤后,在程序中使用require("session_inc.php")来代替session_start()即可,其他的session函数还是象以前一样的方法调用。



  • Statement:
    The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn