Working on changing sessions to be stored in db. Using example I found on Internet.
Works for the most part, however it's driving me nuts (:queasy🙂 that my username is being stored as data|s:6:"bertha"; vs. just the username bertha.
I've read where the session_set_save_handler is "serializing" the data by default.
In any case, I want to get at the username entered to ensure I keep my users logged in, etc. I've tried to "unserialize" the entry but it always returns false!
MANY THANKS!!
The code is below:
//*************************************************************************************
//Variables used through out the script - CHANGE TO A GENERAL FILE AND INCLUDE IT...
//****************************************************************
$server = "blah"; // Server Name
$userid = "blah"; // Username
$pass = "blah"; //Password
$database = "blah"; // Database Name
//****************************************************************
//****************************************************************
//Make server and database connections
//****************************************************************
$con = mysql_connect("$server",$userid,$pass)
or die ("Connection Error to Server");
$db = mysql_select_db("$database",$con)
or die("Connection Error to Database");
//==========================================================================================
class SessionManager {
var $life_time;
function SessionManager() {
// Read the maxlifetime setting from PHP
$this->life_time = get_cfg_var("session.gc_maxlifetime");
// Register this object as the session handler
session_set_save_handler(
array( &$this, "open" ),
array( &$this, "close" ),
array( &$this, "read" ),
array( &$this, "write"),
array( &$this, "destroy"),
array( &$this, "gc" )
);
}
function open( $save_path, $session_name ) {
global $sess_save_path;
$sess_save_path = $save_path;
// Don't need to do anything. Just return TRUE.
return true;
}
function close() {
return true;
}
//READ DATA
function read( $id ) {
// Set empty result
//$data = '';
// Fetch session data from the selected database
$time = time();
$newid = mysql_real_escape_string($id);
$sql = "SELECT `session_data` FROM `sessions` WHERE `session_id` = '$newid' AND `expires` > $time";
$rs = mysql_query($sql);
$a = mysql_num_rows($rs);
if($a > 0) {
$row = mysql_fetch_assoc($rs);
$data = $row['session_data'];
}
return $data;
}
//WRITE DATA
function write( $id, $data ) {
//unserialize($data);
//echo $data;
// Build query
$time = time() + $this->life_time;
$newid = mysql_real_escape_string($id);
//base64_encode(serialize
$newdata = mysql_real_escape_string($data);
$sql = "REPLACE `sessions` (`session_id`,`session_data`,`expires`) VALUES('$newid','$newdata', $time)";
$rs = mysql_query($sql);
//var_dump($_SESSION);
return TRUE;
}
function destroy( $id ) {
// Build query
$newid = mysql_real_escape_string($id);
$sql = "DELETE FROM `sessions` WHERE `session_id` = '$newid'";
mysql_query($sql);
return TRUE;
}
function gc() {
// Garbage Collection
// Build DELETE query. Delete all records who have passed the expiration time
$sql = 'DELETE FROM `sessions` WHERE `expires` < UNIX_TIMESTAMP();';
mysql_query($sql);
// Always return TRUE
return true;
}
}?>
The calling page contains:
require_once("sessions.php");
$sess = new SessionManager();
session_start();
