Ciao e grazie per la risposta. Stavo leggendo sul sito di PHP e ho trovato quest'esempio: tu che ne pensi del salvataggio delle sessioni nel database? Ho sentito dire che è più sicuro.
Codice PHP:
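/**
 * Database-backed PHP session handler built on PEAR MDB2.
 *
 * Rows live in a `sessions` table with the columns `session` (the id),
 * `session_expires` (a Unix timestamp) and `session_data` (the serialized
 * payload). Constructing the object registers the handler and starts the
 * session.
 *
 * Security notes:
 *  - The session id arrives from the client (cookie or URL) and the payload
 *    can hold arbitrary user-influenced bytes, so every value placed in a
 *    SQL statement goes through MDB2's quote().
 *  - Error text is appended to the global $php_errormsg. getDebugInfo()
 *    presumably includes the failing SQL statement, so that variable should
 *    be treated as log-only and never echoed to visitors.
 */
class Session {
    // Session lifetime in seconds, as configured in session.gc_maxlifetime.
    public $lifeTime;

    // MDB2 connection handle; kept public because the original created it
    // as a dynamic (and therefore public) property.
    public $mdb2;

    /**
     * Connect to the database, install this object as the session save
     * handler and start the session.
     *
     * @param mixed $db DSN passed unchanged to MDB2::factory().
     * @throws RuntimeException when the connection cannot be created.
     */
    public function __construct($db) {
        // NOTE(review): get_cfg_var() reads the php.ini value while close()
        // uses ini_get(); they differ if the setting is changed at runtime.
        $this->lifeTime = (int) get_cfg_var("session.gc_maxlifetime");

        $this->mdb2 = MDB2::factory($db);
        if (PEAR::isError($this->mdb2)) {
            $this->recordError($this->mdb2);
            // Without a connection the first handler call would die with
            // "call to undefined method" on the error object; fail here
            // with a clear message instead. Debug info is not put in the
            // exception so a DSN cannot leak through an error page.
            throw new RuntimeException(
                'Session storage unavailable: ' . $this->mdb2->getMessage()
            );
        }

        session_set_save_handler(
            array($this, 'open'),
            array($this, 'close'),
            array($this, 'read'),
            array($this, 'write'),
            array($this, 'destroy'),
            array($this, 'gc')
        );
        // Make sure the session is flushed before objects are torn down.
        register_shutdown_function('session_write_close');
        session_start();
    }

    /**
     * Session "open" callback; only refreshes the cached lifetime.
     *
     * @param string $savePath Unused.
     * @param string $sessName Unused.
     * @return bool Always true.
     */
    public function open($savePath, $sessName) {
        $this->lifeTime = (int) get_cfg_var("session.gc_maxlifetime");
        return true;
    }

    /**
     * Session "close" callback: purge expired rows, then disconnect.
     *
     * @return mixed Whatever MDB2's disconnect() returns.
     */
    public function close() {
        // Expired rows are purged on every close, not probabilistically.
        $this->gc(ini_get('session.gc_maxlifetime'));
        return $this->mdb2->disconnect();
    }

    /**
     * Session "read" callback.
     *
     * @param string $sessID Client-supplied session id.
     * @return string|false Stored payload, '' when no unexpired row exists,
     *                      false when the query failed.
     */
    public function read($sessID) {
        $query = "
            SELECT session_data FROM sessions
            WHERE session = " . $this->mdb2->quote($sessID, 'text') . "
            AND session_expires > " . time();

        $result = $this->mdb2->queryOne($query);
        if (MDB2::isError($result)) {
            $this->recordError($result);
            return false;
        }
        // PHP expects a string from read(); a missing row yields null.
        return $result === null ? '' : (string) $result;
    }

    /**
     * Session "write" callback: update the row for this id or insert it.
     *
     * @param string $sessID   Client-supplied session id.
     * @param string $sessData Serialized session payload.
     * @return bool True on success, false when a query failed.
     */
    public function write($sessID, $sessData) {
        $id      = $this->mdb2->quote($sessID, 'text');
        $data    = $this->mdb2->quote($sessData, 'text');
        $expires = $this->mdb2->quote(time() + $this->lifeTime, 'integer');

        // NOTE(review): SELECT-then-INSERT is not atomic; two concurrent
        // first writes for one id can both reach the INSERT branch.
        $existing = $this->mdb2->query("
            SELECT session FROM sessions
            WHERE session = $id
        ");
        if (MDB2::isError($existing)) {
            $this->recordError($existing);
            return false;
        }

        if ($existing->numRows()) {
            $query = "
                UPDATE sessions
                SET session_expires = $expires,
                    session_data = $data
                WHERE session = $id
            ";
        } else {
            $query = "
                INSERT INTO sessions (
                    session,
                    session_expires,
                    session_data)
                VALUES (
                    $id,
                    $expires,
                    $data)
            ";
        }

        $result = $this->mdb2->exec($query);
        if (MDB2::isError($result)) {
            $this->recordError($result);
            return false;
        }
        return true;
    }

    /**
     * Session "destroy" callback: delete the row for this id.
     *
     * @param string $sessID Client-supplied session id.
     * @return bool True on success, false when the query failed.
     */
    public function destroy($sessID) {
        $query = "
            DELETE FROM sessions
            WHERE session = " . $this->mdb2->quote($sessID, 'text');

        $result = $this->mdb2->exec($query);
        if (MDB2::isError($result)) {
            $this->recordError($result);
            return false;
        }
        return true;
    }

    /**
     * Session "gc" callback: delete every row whose expiry has passed.
     *
     * @param int $sessMaxLifeTime Unused; each row carries its own expiry.
     * @return int|false Number of rows removed, or false on failure.
     */
    public function gc($sessMaxLifeTime) {
        $query = "
            DELETE FROM sessions
            WHERE session_expires < " . time();

        $result = $this->mdb2->exec($query);
        if (MDB2::isError($result)) {
            $this->recordError($result);
            // Return false rather than the error object, which PHP would
            // otherwise treat as the gc result.
            return false;
        }
        return $result;
    }

    // Append an MDB2/PEAR error's message and debug info to $php_errormsg.
    private function recordError($error) {
        global $php_errormsg;
        $php_errormsg .= $error->getMessage();
        $php_errormsg .= $error->getDebugInfo();
    }
}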