session_set_save_handler not writing

Anon

I'm trying to get a custom session handler working for MySQL. I'll apologize in advance for the length of this post - I've included a lot of code. I've written a bunch of code that I think should work, but it won't call the write handler. Here's the session management code:

define('SESSION_TABLE_NAME','session_info');

function mysql_session_open ($save_path, $session_name)
{
echo "open($save_path,@session_name)\n";

    mysql_session_gc(get_cfg_var("session.gc_max_lifetime"));
    return true;

}

function mysql_session_close ()
{
echo "close()\n";

    return true;

}

function mysql_session_read ($sid)
{
echo "read($sid)\n";

    $sid=addslashes($sid);

    $data=mysql_query("SELECT data FROM " . SESSION_TABLE_NAME . " WHERE sid = '$sid'");
    if (mysql_num_rows($data)==1) {
            list ($ret)=mysql_fetch_row($data);
            return $ret;
    } else {
            return false;
    }

}

function mysql_session_write ($sid, $val)
{
echo "write($sid,$val)\n";

    $sid=addslashes($sid);
    $val=addslashes($val);

    $ret=mysql_query("REPLACE INTO " . SESSION_TABLE_NAME . " (sid, access, data) VALUES ('$sid',UNIX_TIMESTAMP(NOW()),'$val')"$

    return $ret;

}

function mysql_session_destroy ($sid)
{
$sid=addslashes($sid);

    $ret=mysql_query("DELETE FROM " . SESSION_TABLE_NAME . " WHERE sid='$sid'");

    return $ret;

}

function mysql_session_gc ($maxage)
{
$cutoff=time()-$maxage;

    $ret=mysql_query("DELETE FROM " . SESSION_TABLE_NAME . " WHERE access < $cutoff");

    return $ret;

}

session_set_save_handler('mysql_session_open',
'mysql_session_close',
'mysql_session_read',
'mysql_session_write',
'mysql_session_destroy',
'mysql_session_gc');

Later, I call

session_start();
session_register("var");
$HTTP_SESSION_VARS["var"]++;

(I've got register-globals off.)
When I run it command-line, I get the result:

Set-Cookie: sid=dad63e4a80612630108d4b7f051892ee; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html

open(/tmp,@session_name)
read(dad63e4a80612630108d4b7f051892ee)
close()

It's not calling the "mysql_session_write" function. I checked the php.ini file 10 times - session.save_handler = user. Does anyone have any ideas as to why this would be happening? Thanks so much in advance for your help!!

-David Ziegler
-dziegler@mit.edu

[deleted]

$ret=mysql_query("REPLACE INTO " . SESSION_TABLE_NAME . " (sid, access, data) VALUES ('$sid',UNIX_TIMESTAMP(NOW()),'$val')"$

that last dollar is a typo right? should be a ;?

Anon

Yup, that's supposed to be ...'val')");

I copied it out of pico, and it put a $ at the end of the line when it broke the text.

Anyone else got any ideas on this??

-David Ziegler
-dziegler@mit.edu