介绍使用数据库保存session的方法

2/9/2008来源:Oracle教程人气:7004


  phpsession默认是以文件方式保存在服务器端,并且在客户端使用cookie保存变量,这就会出现一个问题,当一个用户由于某种安全原因关闭了浏览器的cookie,程序中的session相关操作将无法执行。 因此,假如能以数据库保存session数据,将不受客户端设置的限制,并且在性能和扩展性等方面有一个飞跃。程序中使用要害函数是session_set_save_handler,同时要将php.ini里的session.save_handler = files 改为 user。这里我们讨论的环境是linux(freesd)+apache+MySQL+php。
  
  数据表结构:[sessions]
  CREATE TABLE sessions ( 
  sesskey char(32) not null, 
  eXPiry int(11) unsigned not null, 
  value text not null, 
  PRIMARY KEY (sesskey) 
  );
  
  程序代码:[session_inc.php]
  < ?php
  $SESS_DBHOST = "yourhost"; /* database server hostname */
  $SESS_DBNAME = "yourdb"; /* database name */
  $SESS_DBUSER = "youruser"; /* database user */
  $SESS_DBPASS = "yourpassWord"; /* database password */
  
  $SESS_DBH = "";
  $SESS_LIFE = get_cfg_var("session.gc_maxlifetime");
  
  function sess_open($save_path, $session_name) {
    global $SESS_DBHOST, $SESS_DBNAME, $SESS_DBUSER, $SESS_DBPASS, $SESS_DBH;
  
    if (! $SESS_DBH = mysql_pconnect($SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS)) {
      echo "< li>Can't connect to $SESS_DBHOST as $SESS_DBUSER";
      echo "< li>MySQL Error: " . mysql_error();
      die;
    }
  
    if (! mysql_select_db($SESS_DBNAME, $SESS_DBH)) {
      echo "< li>Unable to select database $SESS_DBNAME";
      die;
    }
  
    return true;
  }
  
  function sess_close() {
    return true;
  }
  
  function sess_read($key) {
    global $SESS_DBH, $SESS_LIFE;
  
    $qry = "SELECT value FROM session_tbl WHERE sesskey = '$key' AND expiry > " . time();
    $qid = mysql_query($qry, $SESS_DBH);
  
    if (list($value) = mysql_fetch_row($qid)) {
      return $value;
    }
  
    return false;
  }
  
  function sess_write($key, $val) {
    global $SESS_DBH, $SESS_LIFE;
  
    $expiry = time() + $SESS_LIFE; //过期时间
    $value = addslashes($val);
  
    $qry = "INSERT INTO session_tbl VALUES ('$key', $expiry, '$value')";
    $qid = mysql_query($qry, $SESS_DBH);
  
    if (! $qid) {
      $qry = "UPDATE session_tbl SET expiry = $expiry, value = '$value' WHERE sesskey = '$key' AND expiry > " . time();
      $qid = mysql_query($qry, $SESS_DBH);
    }
  
    return $qid;
  }
  
  function sess_destroy($key) {
    global $SESS_DBH;
  
    $qry = "DELETE FROM session_tbl WHERE sesskey = '$key'";
    $qid = mysql_query($qry, $SESS_DBH);
  
    return $qid;
  }
  
  function sess_gc($maxlifetime) {
    global $SESS_DBH;
  
    $qry = "DELETE FROM session_tbl WHERE expiry < " . time();
    $qid = mysql_query($qry, $SESS_DBH);
  
    return mysql_affected_rows($SESS_DBH);
  }
  
  session_set_save_handler(
  "sess_open",
  "sess_close",
  "sess_read",
  "sess_write",
  "sess_destroy",
  "sess_gc");
  
  session_start();
  ?>
  
  完成以上步骤后,在程序中使用require("session_inc.php")来代替session_start()即可,其他的session函数还是象以前一样的方法调用。