PHP Session Class and $_SESSION Array

Posted by Gianluca Bargelli on Stack Overflow See other posts from Stack Overflow or by Gianluca Bargelli
Published on 2010-01-05T12:48:14Z Indexed on 2010/05/12 14:54 UTC
Read the original article Hit count: 253

Filed under:
|
|
|

Hello, i've implemented this custom PHP Session Class for storing sessions into a MySQL database:

class Session
{
    private $_session;
    public $maxTime;
    private $database;
    public function __construct(mysqli $database)
    {
        $this->database=$database;
        $this->maxTime['access'] = time();
        $this->maxTime['gc'] = get_cfg_var('session.gc_maxlifetime');

        session_set_save_handler(array($this,'_open'),
                array($this,'_close'),
                array($this,'_read'),
                array($this,'_write'),
                array($this,'_destroy'),
                array($this,'_clean')
                );

        register_shutdown_function('session_write_close');

        session_start();//SESSION START

    }

    public function _open()
    {
        return true;
    }

    public function _close()
    {
        $this->_clean($this->maxTime['gc']);
    }

    public function _read($id)
    {
        $getData= $this->database->prepare("SELECT data FROM 
                                            Sessions AS Session
                                            WHERE Session.id = ?");
        $getData->bind_param('s',$id);
        $getData->execute();

        $allData= $getData->fetch();
        $totalData = count($allData);
        $hasData=(bool) $totalData >=1;

        return $hasData ? $allData['data'] : '';
    }

    public function _write($id, $data)
    {
        $getData = $this->database->prepare("REPLACE INTO
            Sessions
            VALUES (?, ?, ?)");
        $getData->bind_param('sss', $id, $this->maxTime['access'], $data);

        return $getData->execute();
    }

    public function _destroy($id)
    {
        $getData=$this->database->prepare("DELETE FROM
            Sessions
            WHERE id = ?");
        $getData->bind_param('S', $id);
        return $getData->execute();
    }

    public function _clean($max)
    {
        $old=($this->maxTime['access'] - $max);

        $getData = $this->database->prepare("DELETE FROM Sessions WHERE access < ?");
        $getData->bind_param('s', $old);
        return $getData->execute();
    }
}

It works well but i don't really know how to properly access the $_SESSION array: For example:

$db=new DBClass();//This is a custom database class
$session=new Session($db->getConnection());
if (isset($_SESSION['user']))
{
    echo($_SESSION['user']);//THIS IS NEVER EXECUTED!
}
else
{
    $_SESSION['user']="test";
    Echo("Session created!");
}

At every page refresh it seems that $_SESSION['user'] is somehow "resetted", what methods can i apply to prevent such behaviour?

© Stack Overflow or respective owner

Related posts about php

Related posts about php5