Saving a user $_SESSION and recalling it

[markmax33]

Team,

    I have an application that requires a user to answer questions on 8 different forms andthen produce a report at the end.  I am trying to set up a system that allows me to save the user's $_SESSION and allows him to call up his data and revisit his report later.  On the final page of the report I am using this line to create a string and then upload the session string in the database:

 

$string_session = session_encode();

 

I am able successfully get the data into the MYSQL database.  My issue arrises and I try to recall the data at the front end of the application.  I need to give the user an option to allow the user to actually pull it back up it isn't doing what I expect!

 

session_decode ($session_string);

 

The session makes it back into the web browser properly.  But I am unclear as to how I am supposed to register session variables and things like that after I decode the session.  I also think I need to reset the session before I decode it so I have a clean session.  Is the correct order:

1.  clean the session with:

$_SESSION = array(); if(isset($_COOKIE[session_name()])) {

        setcookie(session_name(), '', time()-42000, '/');

      } session_destroy(); 

 

2.  register session variables

3.  session_decode 

 

Is session_set_save_handler()  better?  Does anyone have any good examples with mysql database connection?

 

[genericnumber1]

you would just get it from the database and run session_decode().. something like

 

$session = session_encode();
mysql_query("INSERT INTO table ('session') VALUES ('$session')");

 

and then something like

 

$result = mysql_query("SELECT session FROM table WHERE something);
$session = mysql_fetch_assoc($result);
session_decode($session['session']);

 

Not that I'm a fan of the session_encode() and decode() functions.

[markmax33]

Is Is session_set_save_handler()  the best way to do it?  When you session_decode does it autmatically register session variables?

[genericnumber1]

yes, that is what session_decode() does (don't know what you thought it did ).

 

session_set_save_handler() replaces your whole session handler, with session_encode() and decode() going into/out of a database you're using the default session handler and just saving the data between browser sessions. There is a way to use session_set_save_handler() to save people's data in a database between browser sessions, but it is more complicated requiring you to write 6 different functions to handle other parts of session handling as well as saving browser sessions.

[markmax33]

I understood session_decode would put the variable back into memory, it just wasn't working as I expected.  That's why I was curious if it also registered the variables.  I guess the answer is that session decode will overwrite all existing variables in the memory or add on to the end of arrays if they are present.