Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    May 2006
    Posts
    152
    Thanks
    5
    Thanked 0 Times in 0 Posts

    Custom session script

    Hello,

    I have written a custom session script, but the functions are not working. The session is added to the database, but that is all done outside of the functions itself, when the page loads. Everything is contained in one script and is fairly well commented. I have posted the script below. If anyone has the time could you please look over the script and/or functions for me and tell me whats wrong with this thing?? I've been at it for at least two hours and it is not working. The session is started and the handlers declared right after the functions are defined.

    Code:
    <?php
    /*
      Session Handeling Script
      Called at the beginning of each page to manage sessions
      
      MySQL Table:
      CREATE TABLE  `framework`.`sessions` (
      `sid` varchar(32) NOT NULL,
      `uid` mediumint(8) unsigned NOT NULL default '0',
      `ses_start` datetime NOT NULL,
      `last_active` datetime NOT NULL,
      `last_sid_regen` datetime NOT NULL,
      `page` varchar(200) NOT NULL,
      `ip_addr` varchar(12) NOT NULL,
      `data` text NOT NULL,
      PRIMARY KEY  (`sid`)) ENGINE=InnoDB DEFAULT CHARSET=latin1;
    */
    
    
    
    /*
      Regenerates Session ID
      Returns it in MD5 form
    */
    function ses_regen_id() {
    	
    	session_regenerate_id();
    	return md5( session_id() );
    }
    
    
    /* Session Handler Functions */
    
    /*
      Session Open Function - Returns True
      Not needed for anything
      session_start()
    */
    function ses_open( $path, $name ) {
    	
    	return true;
    	/* $result = db_query(  "SELECT sid FROM {session} WHERE sid='" . md5(session_id()) . "'" );
    	
    	if ( db_num_rows( $result ) != 1 ) {
    			$query = "INSERT INTO {session} ( sid,  ses_start, last_active, last_sid_regen ) VALUES" . 
    		" ( MD5('" . session_id() . "'), '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "')";
    		
    		if ( db_query ( $query ) ) {
    			return true;
    		} else {
    			return false;
    		}
    	} else {
    		return true;
    	} */
    		
    }
    
    /*
      Used to call the garbage collect function
    */
    function ses_close() {
    	ses_gc(0);
    }
    
    /*
      Reads session value
      $_SESSION[VALUE];
    */
    function ses_read( $sesID ) {
    	$query = "SELECT data FROM {session} WHERE sid='" . md5($sesID) . "'";
    	
    	$result = db_query( $query );
    	
    	if ( !$result ) {
    		return '';
    	}
    	
    	if ( db_num_rows( $result ) > 0 ) {
    		$ses_data = db_fetch_array( $result );
    		
    		return $ses_data['data'];
    	
    	} else {
    		return '';
    	}
    }
    
    /*
      Writes session variable
      $_SESSION[VAR] = VALUE;
    */
    function ses_write( $sesID, $data ) {
    	$result = db_query( "UPDATE {session} SET data='" . $data ."' WHERE sid='" . md5($sesID) . "'" );
    
    	// Query failed
    	if ( !$result ) {
    		return false;
    	}
    	
    	// Any rows were affected (data write worked)
    	if ( db_affected_rows() ) {
    		return true;
    	} else {
    		return false;
    	}
    }
    
    /*
      Deletes session
      session_destroy();
    */
    function ses_destroy( $sesID ) {
    	$result = db_query ( "DELETE FROM {session} WHERE sid='" . md5($sesID) . "'" );
    	
    	if ( !$result ) {
    		return false;
    	} else {
    		return true;
    	}
    }
    
    /*
      Deletes all expired sessions 30 minutes old
      And that haven't been active in 10 minutes
      PHP INI setting = session.gc_probability
      We call it with ses_close();
      Also called at beginning of each page
    */
    function ses_gc( $life ) {
    	$result = @db_query ( "DELETE FROM {session} WHERE TIMESTAMPDIFF( MINUTE, ses_start, CURRENT_TIMESTAMP ) >= 60 AND TIMESTAMPDIFF( MINUTE, last_active, CURRENT_TIMESTAMP ) >= 20");
    	
    	if ( $result ) {
    		return true;
    	} else {
    		return false;
    	}
    }
    
    session_set_save_handler ( "ses_open", "ses_close", "ses_read", "ses_write", "ses_destroy", "ses_gc" );
    
    session_start();
    
    // Some config vars
    $ses_regen_time = 120; // 2 Minutes
    
    // Get session data
    $ses_data_result = db_query ( "SELECT * FROM  {session} WHERE sid='" . md5(session_id()) . "'" );
    
    // Declare $ses_expired var
    // We'll assume it's expired and change it only if it hasn't
    $ses_expired = true;
    
    // Is session in DB
    if ( db_num_rows( $ses_data_result ) == 1 ) {
    	
    	// Make session data array and set some vals for expire check in common.php
    	$ses_data = db_fetch_array( $ses_data_result );
    	$_SESSION['ses_last_active'] = getTimestamp( $ses_data['last_active'] );
    	$_SESSION['ses_start'] = getTimestamp( $ses_data['ses_start'] );
    	
        $old_sid = session_id();
        
        // Does SID need to be regenerated
        
        $time = time();
        $ses_last_sid_regen = getTimestamp( $ses_data['last_sid_regen'] );
        
        // Does the SID need to be regnereated
        if ( $time - $ses_regen_time  >= $ses_last_sid_regen  ) {
        	$new_sid = ses_regen_id();
        	
        	$regen_sql = ", sid='" . $new_sid . "' ";
        } else {
        	$regen_sql = " ";
        }    
        
        // Is the account ID (aid) in the database?
        if ( $ses_data['aid'] == 0 && isset($_SESSION['aid']) ) {
        	$aid_sql = " aid=" . $_SESSION['aid'];
        } else {
        	$aid_sql = "";
        }
        
        // Defualt session template check
        if ( !isset($_SESSION['sets']['template']) ) {
    		$_SESSION['sets']['template'] = "mfs";
    	}
        
        // Update Session Info
        $page_url = substr($_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'], 0, 200);
        $data_query = "UPDATE {session} SET" . $aid_sql . " last_active='" . getMysqlDatetime() . "', page='" . $page_url . "'" . $regen_sql . "WHERE sid='" . md5($old_sid) . "'";
        db_query ( $data_query );
        
    	
    } else {
    	// Add New Session
    	$query = "INSERT INTO {session} ( sid,  ses_start, last_active, last_sid_regen ) VALUES" . 
    	" ( MD5('" . session_id() . "'), '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "', '" . getMysqlDatetime() . "')";
    	
    	db_query ( $query );
    	
    	// If default template is not set, set it
    	if ( !isset($_SESSION['sets']['template']) ) {
    		$_SESSION['sets']['template'] = "mfs";
    	}
    	// Some other session vars
    	$_SESSION['ses_last_active'] = time();
    	$_SESSION['ses_start'] = time();
    
    }
    
    // Run garbage collection
    ses_gc(0);
    
    ?>
    Any help is greatly appreciated.

    Thank you!

    FuZion

  • #2
    Senior Coder rafiki's Avatar
    Join Date
    Aug 2006
    Location
    Floating around somewhere...
    Posts
    2,046
    Thanks
    19
    Thanked 42 Times in 42 Posts
    are you sure the session is being started?
    also you define your function but do you call it?

  • #3
    Regular Coder
    Join Date
    May 2006
    Posts
    152
    Thanks
    5
    Thanked 0 Times in 0 Posts
    Yes I am sure; the session is started and the functions called with these lines:
    Code:
    session_set_save_handler ( "ses_open", "ses_close", "ses_read", "ses_write", "ses_destroy", "ses_gc" );
    
    session_start();
    The functions are called with the regular session functions ie session_start, session_destroy $_SESSION['xx'] = "xxxxx".

    But something is wrong with the functions, they are not saving the data to the database. My MySQL table structure is at the top of script, commentedin there.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •