php - PHP 7 中使用 mysql 的自定义会话处理程序
问题描述
我已经在 stackoverflow 上阅读了所有关于 PHP 会话的信息,但它没有帮助。我有一个在 PHP 5.X 上工作的会话类,从那以后我就没有编程了。大约一个月前,我再次开始使用 PHP,但我的会话处理程序无效。拜托,你能帮帮我吗?
<?php
<?php
/*
CREATE TABLE IF NOT EXISTS `sessions` (
`se_id` varchar(50) NOT NULL DEFAULT '',
`se_value` mediumblob,
`se_expires` int(11) unsigned NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE `sessions`
ADD PRIMARY KEY (`se_id`), ADD KEY `se_id` (`se_id`,`se_expires`);
*/
define( "MAXLIFETIME", 86400 );
define( "DSN", "mysql:host=localhost;dbname=demo" );
define( "DB_USER", "root" );
define( "DB_PASS", "whatever..." );
final class MYSession{
protected $_table_name = 'sessions';
protected $_primary_key = 'se_id';
protected $_where = array();
protected $_order_by = 'se_id';
protected $data = array( "se_id" => "",
"se_value" => "",
"se_expires" => ""
);
public $se_id;
public $se_id_old;
public $db;
private $sessionName;
//public $maxlifetime = get_cfg_var("session.gc_maxlifetime");
public $maxlifetime;
private $path;
private $domain;
private $secure;
private $httponly;
public function setParams(){
ini_set( 'session.gc_probability', 1 ) ;
ini_set( 'session.gc_divisor', 100 );
ini_set( "session.use_only_cookies", TRUE );
ini_set( "session.use_trans_sid", FALSE );
ini_set( "session.use_only_cookies", "1" );
ini_set( "session.entropy_file", "1" );
}
public function startSession( $sessionName, $maxlifetime = FALSE, $path = FALSE, $domain = FALSE, $secure = FALSE, $httponly = FALSE ){
$this->setParams();
if( $maxlifetime ){ $this->maxlifetime = $maxlifetime; }
else{ $this->maxlifetime = 0; }
if( $path ){ $this->path = $path; }
else{ $this->path = "/"; }
if( $domain ){ $this->domain = $domain; }
else{ $this->domain = NULL; }
if( $secure ){ $this->secure = $secure; }
else{ $this->secure = isset( $_SERVER[ 'HTTPS' ] ); }
if( $httponly ){ $this->httponly = $httponly; }
else{ $this->httponly = TRUE; }
$this->setSessionCookieData();
$this->sessionName = $sessionName;
session_name( $this->sessionName );
session_set_save_handler(
array( $this, "open" ),
array( $this, "close" ),
array( $this, "read" ),
array( $this, "write" ),
array( $this, "destroy" ),
array( $this, "gc" )
);
session_start();
session_regenerate_id( TRUE );
$this->se_id = session_id();
$this->gc( $this->maxlifetime );
return $this->se_id;
}
public function setSessionCookieData(){
return session_set_cookie_params( $this->maxlifetime, $this->path, $this->domain, $this->secure, $this->httponly );
}
public function getSessionCookieData(){
$sessionCookieDataArray = array();
$sessionCookieDataArray = session_get_cookie_params( );
return $sessionCookieDataArray;
}
//---------------------------------------------------------------------------------------------------
public function __destruct(){ session_write_close(); }
public function newSessid(){ return $this->se_id; }
public function oldSessid(){ return $this->se_id_old; }
public function open( $path, $se_id ){
try{
$this->db = new PDO( DSN, DB_USER, DB_PASS );
$this->db->setAttribute( PDO::ATTR_PERSISTENT, TRUE );
$this->db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
}
catch( PDOException $error ){ echo 'Error: '.$error->getMessage(); }
return TRUE;
}
public function close(){
$this->db = "";
return TRUE;
}
public function read( $se_id ){
$sql = "SELECT se_value FROM ". $this->_table_name. " WHERE se_id = :se_id";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$statement->execute();
$result = $statement->fetch( PDO::FETCH_ASSOC );
}
catch( PDOException $error ){ die( "Unable to access to database read1" ); }
if( !empty( $result[ "se_value" ] ) ){
$sql = "UPDATE ". $this->_table_name. " SET se_expires = UNIX_TIMESTAMP( UTC_TIMESTAMP() ) WHERE se_id = :se_id";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$statement->execute();
}
catch( PDOException $error ){ die( "Unable to access to database read2" ); }
}
return $result[ "se_value" ];
}
public function write( $se_id, $se_val ){
$sql = "SELECT * FROM " . $this->_table_name . " WHERE se_id = :se_id AND se_value = :se_val";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$statement->bindValue( ":se_val", $se_val, PDO::PARAM_STR );
$statement->execute();
if( $statement->fetch() ){
$sql= "UPDATE ". $this->_table_name. " SET se_value = :se_val, se_expires = UNIX_TIMESTAMP( UTC_TIMESTAMP()) WHERE se_id = :se_id";
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$statement->bindValue( ":se_val", $se_val, PDO::PARAM_STR );
$statement->execute();
}
else{
$sql = "INSERT INTO ". $this->_table_name. " ( se_id, se_value, se_expires ) VALUES( :se_id, :se_val, UNIX_TIMESTAMP( UTC_TIMESTAMP()) )";
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$statement->bindValue( ":se_val", $se_val, PDO::PARAM_STR );
$statement->execute();
}
}
catch( PDOException $error ){ die( "Unable to insert or update database" ); }
}
public function destroy( $se_id ){
$sql = "DELETE FROM ". $this->_table_name. " WHERE se_id = :se_id";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":se_id", $se_id, PDO::PARAM_STR );
$control_var= $statement->execute();
}
catch( PDOException $error ){ die( "Unable to destroy data in database" ); }
$this->gc( $this->maxlifetime );
return ( $control_var );
}
public function gc( $maxlifetime ){
$sql = "DELETE FROM ". $this->_table_name. " WHERE UNIX_TIMESTAMP( UTC_TIMESTAMP() ) - se_expires > :maxlifetime";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":maxlifetime", $this->maxlifetime, PDO::PARAM_INT );
$control_var = $statement->execute();
}
catch( PDOException $error ){ die( "Unable to select from database_" ); }
return ( $control_var );
}
public function regenerateId( ){
$this->gc( $this->maxlifetime );
$old_sessid = $this->se_id;
session_regenerate_id( TRUE );
$new_sessid = session_id();
$sql = "UPDATE ". $this->_table_name. " SET se_id = :new_sessid WHERE se_id = :old_sessid";
try{
$statement = $this->db->prepare( $sql );
$statement->bindValue( ":new_sessid", $new_sessid, PDO::PARAM_STR );
$statement->bindValue( ":old_sessid", $old_sessid, PDO::PARAM_STR );
$control_var = $statement->execute();
$this->se_id = $new_sessid;
$this->se_id_old = $old_sessid;
}
catch( PDOException $error ){ die( "Unable to select from database_REGID" ); }
return $new_sessid;
}
//---------------------------------------------------------------------------------------------------
public function destroySession(){
if( ini_get( "session.use_cookies" ) ){
$params = session_get_cookie_params();
setcookie( $this->sessionName, '',
time() - 42000,
$params["path"],
$params["domain"],
$params["secure"],
$params["httponly"]
);
}
$_SESSION[ $this->sessionName ] = array();
unset( $_SESSION[ $this->sessionName ] );
session_unset( $this->sessionName );
session_destroy();
}
public function generateSessionName( $brojZnakova ){
return substr( $this->generateId(), 0, $brojZnakova );
}
//---------------------------------------------------------------------------------------------------
public function generateId(){ //private
$salt = 'x7^!bo3p,.$$!$6[&Q.#,//@i"%[X';
$random_number = mt_rand( 0, mt_getrandmax() );
$ip_address_fragment = md5( substr( $_SERVER['REMOTE_ADDR'], 0, 5 ) );
$timestamp = md5( microtime( TRUE ).time() );
$hash_data = $random_number . $ip_address_fragment . $salt . $timestamp;
$hash = hash( 'sha256', $hash_data ); //'sha256', 'haval160,4', 'md5'
return trim( $hash );
}
}
$newSession = new MYSession();
$newSession->setParams();
$newSession->startSession( 'newSession' );
?>