本文实例讲述了PHP将session信息存储到数据库的类。分享给大家供大家参考。具体分析如下:
SessionHandlerInterface接口是PHP内置的接口,直接实现就行了
具体可以看php手册关于session_set_save_handler函数的解释!
PHP代码如下:
/**
* session信息存储到数据库的类
* 表结构:
* CREATE TABLE IF NOT EXISTS `sessioninfo` (
* `sid` varchar(255) NOT NULL,
* `value` text NOT NULL,
* `expiration` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
* PRIMARY KEY (`sid`)
* ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
*/
class MySessionHandler implements SessionHandlerInterface {
/**
* @access private
* @var object 数据库连接
*/
private $_dbLink;
/**
* @access private
* @var string 保存session的表名
*/
Private $_sessionTable;
/**
* @access private
* @var string session名
*/
private $_sessionName;
/**
* @const 过期时间
*/
const SESSION_EXPIRE = 10;
public function __construct($dbLink, $sessionTable) {
if(!is_object($dbLink)) {
return false;
}
$this->_dbLink = $dbLink;
$this->_sessionTable = $sessionTable;
}
/**
* 打开
* @access public
* @param string $session_save_path 保存session的路径
* @param string $session_name session名
* @return integer
*/
public function open($session_save_path, $session_name) {
$this->_sessionName = $session_name;
return 0;
}
/**
* 关闭
* @access public
* @return integer
*/
public function close() {
return 0;
}
/**
* 关闭session
* @access public
* @param string $session_id session ID
* @return string
*/
public function read($session_id) {
$query = "SELECT value FROM {$this->_sessionTable} WHERE sid = {$session_id} AND UNIX_TIMESTAMP(expiration) + " . self::SESSION_EXPIRE . " > UNIX_TIMESTAMP(NOW())";
$result = $this->_dbLink->query($query);
if(!isset($value) || empty($value)) {
$value = "";
return $value;
}
$this->_dbLink->query("UPDATE {$this->_sessionTable} SET expiration = CURRENT_TIMESTAMP() WHERE sid = {$session_id}");
$value = $result->fetch_array();
$result->free();
return $value['value'];
}
/**
* 写入session
* @access public
* @param string $session_id session ID
* @param string $session_data session data
* @return integer
*/
public function write($session_id, $session_data) {
$query = "SELECT value FROM {$this->_sessionTable} WHERE sid = '{$session_id}' AND UNIX_TIMESTAMP(expiration) + " . self::SESSION_EXPIRE . " > UNIX_TIMESTAMP(NOW())";
$result = $this->_dbLink->query($query);
$result = $result->fetch_array();
if(!empty($result)) {
$result = $this->_dbLink->query("UPDATE {$this->_sessionTable} SET value = {$session_data} WHERE sid = {$session_id}");
}
else{
$result = $this->_dbLink->query("INSERT INTO {$this->_sessionTable} (sid, value) VALUES ('{$session_id}', '{$session_data}')");
}
if($result){
return 0;
}
else{
return 1;
}
}
/**
* 销魂session
* @access public
* @param string $session_id session ID
* @return integer
*/
public function destroy($session_id) {
$result = $this->_dbLink->query("DELETE FROM {$this->_sessionTable} WHERE sid = '{$session_id}'");
if($result){
return 0;
}
else{
return 1;
}
}
/**
* 垃圾回收
* @access public
* @param string $maxlifetime session 最长生存时间
* @return integer
*/
public function gc($maxlifetime) {
$result = $this->_dbLink->query("DELETE FROM {$this->_sessionTable} WHERE UNIX_TIMESTAMP(expiration) if($result){
return 0;
}
else{
return 1;
}
}
}
$dbLink = new mysqli("localhost", "root", "root", "test");
$sessionTable = "sessioninfo";
$handler = new MySessionHandler($dbLink, $sessionTable);
session_set_save_handler($handler);
session_start();
$_SESSION['name'] = "test";
echo $_SESSION["name"];
//session_destroy();
希望本文所述对大家的php程序设计有所帮助。
What data can be stored in a PHP session?May 02, 2025 am 12:17 AMPHPsessionscanstorestrings,numbers,arrays,andobjects.1.Strings:textdatalikeusernames.2.Numbers:integersorfloatsforcounters.3.Arrays:listslikeshoppingcarts.4.Objects:complexstructuresthatareserialized.
How do you start a PHP session?May 02, 2025 am 12:16 AMTostartaPHPsession,usesession_start()atthescript'sbeginning.1)Placeitbeforeanyoutputtosetthesessioncookie.2)Usesessionsforuserdatalikeloginstatusorshoppingcarts.3)RegeneratesessionIDstopreventfixationattacks.4)Considerusingadatabaseforsessionstoragei
What is session regeneration, and how does it improve security?May 02, 2025 am 12:15 AMSession regeneration refers to generating a new session ID and invalidating the old ID when the user performs sensitive operations in case of session fixed attacks. The implementation steps include: 1. Detect sensitive operations, 2. Generate new session ID, 3. Destroy old session ID, 4. Update user-side session information.
What are some performance considerations when using PHP sessions?May 02, 2025 am 12:11 AMPHP sessions have a significant impact on application performance. Optimization methods include: 1. Use a database to store session data to improve response speed; 2. Reduce the use of session data and only store necessary information; 3. Use a non-blocking session processor to improve concurrency capabilities; 4. Adjust the session expiration time to balance user experience and server burden; 5. Use persistent sessions to reduce the number of data read and write times.
How do PHP sessions differ from cookies?May 02, 2025 am 12:03 AMPHPsessionsareserver-side,whilecookiesareclient-side.1)Sessionsstoredataontheserver,aremoresecure,andhandlelargerdata.2)Cookiesstoredataontheclient,arelesssecure,andlimitedinsize.Usesessionsforsensitivedataandcookiesfornon-sensitive,client-sidedata.
How does PHP identify a user's session?May 01, 2025 am 12:23 AMPHPidentifiesauser'ssessionusingsessioncookiesandsessionIDs.1)Whensession_start()iscalled,PHPgeneratesauniquesessionIDstoredinacookienamedPHPSESSIDontheuser'sbrowser.2)ThisIDallowsPHPtoretrievesessiondatafromtheserver.
What are some best practices for securing PHP sessions?May 01, 2025 am 12:22 AMThe security of PHP sessions can be achieved through the following measures: 1. Use session_regenerate_id() to regenerate the session ID when the user logs in or is an important operation. 2. Encrypt the transmission session ID through the HTTPS protocol. 3. Use session_save_path() to specify the secure directory to store session data and set permissions correctly.
Where are PHP session files stored by default?May 01, 2025 am 12:15 AMPHPsessionfilesarestoredinthedirectoryspecifiedbysession.save_path,typically/tmponUnix-likesystemsorC:\Windows\TemponWindows.Tocustomizethis:1)Usesession_save_path()tosetacustomdirectory,ensuringit'swritable;2)Verifythecustomdirectoryexistsandiswrita
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Notepad++7.3.1
Easy-to-use and free code editor
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
