...

View Full Version : Custom session script



FuZion
08-14-2007, 04:16 AM
Hello,

I have written a custom session script, but the functions are not working. The session is added to the database, but that is all done outside of the functions itself, when the page loads. Everything is contained in one script and is fairly well commented. I have posted the script below. If anyone has the time could you please look over the script and/or functions for me and tell me whats wrong with this thing?? I've been at it for at least two hours and it is not working. The session is started and the handlers declared right after the functions are defined.


<?php
/*
Session Handeling Script
Called at the beginning of each page to manage sessions

MySQL Table:
CREATE TABLE `framework`.`sessions` (
`sid` varchar(32) NOT NULL,
`uid` mediumint(8) unsigned NOT NULL default '0',
`ses_start` datetime NOT NULL,
`last_active` datetime NOT NULL,
`last_sid_regen` datetime NOT NULL,
`page` varchar(200) NOT NULL,
`ip_addr` varchar(12) NOT NULL,
`data` text NOT NULL,
PRIMARY KEY (`sid`)) ENGINE=InnoDB DEFAULT CHARSET=latin1;
*/



/*
Regenerates Session ID
Returns it in MD5 form
*/
function ses_regen_id() {

session_regenerate_id();
return md5( session_id() );
}


/* Session Handler Functions */

/*
Session Open Function - Returns True
Not needed for anything
session_start()
*/
function ses_open( $path, $name ) {

return true;
/* $result = db_query( "SELECT sid FROM {session} WHERE sid='" . md5(session_id()) . "'" );

if ( db_num_rows( $result ) != 1 ) {
$query = "INSERT INTO {session} ( sid, ses_start, last_active, last_sid_regen ) VALUES" .
" ( MD5('" . session_id() . "'), '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "')";

if ( db_query ( $query ) ) {
return true;
} else {
return false;
}
} else {
return true;
} */

}

/*
Used to call the garbage collect function
*/
function ses_close() {
ses_gc(0);
}

/*
Reads session value
$_SESSION[VALUE];
*/
function ses_read( $sesID ) {
$query = "SELECT data FROM {session} WHERE sid='" . md5($sesID) . "'";

$result = db_query( $query );

if ( !$result ) {
return '';
}

if ( db_num_rows( $result ) > 0 ) {
$ses_data = db_fetch_array( $result );

return $ses_data['data'];

} else {
return '';
}
}

/*
Writes session variable
$_SESSION[VAR] = VALUE;
*/
function ses_write( $sesID, $data ) {
$result = db_query( "UPDATE {session} SET data='" . $data ."' WHERE sid='" . md5($sesID) . "'" );

// Query failed
if ( !$result ) {
return false;
}

// Any rows were affected (data write worked)
if ( db_affected_rows() ) {
return true;
} else {
return false;
}
}

/*
Deletes session
session_destroy();
*/
function ses_destroy( $sesID ) {
$result = db_query ( "DELETE FROM {session} WHERE sid='" . md5($sesID) . "'" );

if ( !$result ) {
return false;
} else {
return true;
}
}

/*
Deletes all expired sessions 30 minutes old
And that haven't been active in 10 minutes
PHP INI setting = session.gc_probability
We call it with ses_close();
Also called at beginning of each page
*/
function ses_gc( $life ) {
$result = @db_query ( "DELETE FROM {session} WHERE TIMESTAMPDIFF( MINUTE, ses_start, CURRENT_TIMESTAMP ) >= 60 AND TIMESTAMPDIFF( MINUTE, last_active, CURRENT_TIMESTAMP ) >= 20");

if ( $result ) {
return true;
} else {
return false;
}
}

session_set_save_handler ( "ses_open", "ses_close", "ses_read", "ses_write", "ses_destroy", "ses_gc" );

session_start();

// Some config vars
$ses_regen_time = 120; // 2 Minutes

// Get session data
$ses_data_result = db_query ( "SELECT * FROM {session} WHERE sid='" . md5(session_id()) . "'" );

// Declare $ses_expired var
// We'll assume it's expired and change it only if it hasn't
$ses_expired = true;

// Is session in DB
if ( db_num_rows( $ses_data_result ) == 1 ) {

// Make session data array and set some vals for expire check in common.php
$ses_data = db_fetch_array( $ses_data_result );
$_SESSION['ses_last_active'] = getTimestamp( $ses_data['last_active'] );
$_SESSION['ses_start'] = getTimestamp( $ses_data['ses_start'] );

$old_sid = session_id();

// Does SID need to be regenerated

$time = time();
$ses_last_sid_regen = getTimestamp( $ses_data['last_sid_regen'] );

// Does the SID need to be regnereated
if ( $time - $ses_regen_time >= $ses_last_sid_regen ) {
$new_sid = ses_regen_id();

$regen_sql = ", sid='" . $new_sid . "' ";
} else {
$regen_sql = " ";
}

// Is the account ID (aid) in the database?
if ( $ses_data['aid'] == 0 && isset($_SESSION['aid']) ) {
$aid_sql = " aid=" . $_SESSION['aid'];
} else {
$aid_sql = "";
}

// Defualt session template check
if ( !isset($_SESSION['sets']['template']) ) {
$_SESSION['sets']['template'] = "mfs";
}

// Update Session Info
$page_url = substr($_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'], 0, 200);
$data_query = "UPDATE {session} SET" . $aid_sql . " last_active='" . getMysqlDatetime() . "', page='" . $page_url . "'" . $regen_sql . "WHERE sid='" . md5($old_sid) . "'";
db_query ( $data_query );


} else {
// Add New Session
$query = "INSERT INTO {session} ( sid, ses_start, last_active, last_sid_regen ) VALUES" .
" ( MD5('" . session_id() . "'), '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "')";

db_query ( $query );

// If default template is not set, set it
if ( !isset($_SESSION['sets']['template']) ) {
$_SESSION['sets']['template'] = "mfs";
}
// Some other session vars
$_SESSION['ses_last_active'] = time();
$_SESSION['ses_start'] = time();

}

// Run garbage collection
ses_gc(0);

?>

Any help is greatly appreciated.

Thank you!

FuZion

rafiki
08-14-2007, 10:58 AM
are you sure the session is being started?
also you define your function but do you call it?

FuZion
08-14-2007, 01:37 PM
Yes I am sure; the session is started and the functions called with these lines:
session_set_save_handler ( "ses_open", "ses_close", "ses_read", "ses_write", "ses_destroy", "ses_gc" );

session_start();

The functions are called with the regular session functions ie session_start, session_destroy $_SESSION['xx'] = "xxxxx".

But something is wrong with the functions, they are not saving the data to the database. My MySQL table structure is at the top of script, commentedin there.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum