Session Class

[Aureole]

I'm wanting to create my own Session Class but I'm stuck as to how to go about it. I don't want to download some pre-existing Class and I can't find any tutorials.

 

Normally I just use session_start(), session_register() and session_destroy(). Those are the only 3 Functions I've ever needed.

 

When a user enters their login information, if it's all correct the basically I just do:

 

<?php
// Query here...
$_SESSION['logged_in'] = 1;
$_SESSION['mem_id'] = $result['id'];
$_SESSION['mem_name'] = $result['name'];
?>

 

Anyway, let me outline a few points...

#1: I want to store Sessions in a MYSQL Database.

#2: If the user has Cookies disabled, then I still want the Session to work via the ?sid=... thing, but I've never dealt with that before.

#3: I would like Sessions for Guests. The way I do it now, if you ain't logged in then you don't have a Session; that's something I want to change.

#4: I want to be able to control when Sessions expire.

#5: It'd be nice if Search Engine Bots/Spiders could have separate Sessions to Guests and Members, but it's not really a priority.

 

That's about all I can think of...

 

When it comes to OOP related stuff, I usually go through the source of Invision Power Board. I don't copy their code, I just use it to try and help me learn. I had a look at their Session Class and I have determined that at the bare minimum I need...

 

class session

{

function check_session()

{

}

function retrieve_session()

{

}

function create_guest_session()

{

}

function update_guest_session()

{

}

function create_member_session()

{

}

function update_member_session()

{

}

function load_member()

{

}

function unload_member()

{

}

}

 

Anyway, if anyone has any pointers or can give any advise then it'd be most appreciated.

[trq]

There are certain function that must exist in order to use a database as youre session save handler.

 

Take a look here.

 

On a side note, session_register() has long been depricated and should no longer be used.

[Aureole]

Well I started using $_SESSION['something'] = $var, instead of session_register() a while ago to be honest, I'm assuming that's the (now) correct way?

 

As far as session_set_save_handler() goes, there isn't really that much information there to be honest. The Paramaters open, close, destroy and gc don't even have any information on them. Or are you telling me to look in the User Contributed Notes?

 

Thanks for your reply anyhow, does anyone else have any input?

[trq]

You need to look at both the official example and the user contributed notes, there is planty of information on that page.

[448191]

It's also perfectly possible to avoid the whole session extension, which is my preferred method. Not for the faint hearted, but it allows much more control. As an example, here's my recently revamped Session Registry (untested):

 

<?php
class Backbone_Registry_Session extends Backbone_Registry_Abstract 
implements 
Backbone_Core_Interface_Identifiable,
Backbone_Controller_InputFilter,
Backbone_Controller_OutputFilter
{

const ID_NAME = 'Backbone_Registry_Session_Id';
private $id;
private $idGenerator;
private $expires;
private $staleId = false;
private static $cache = false;

public static function init(
	Backbone_Session_IdGenerator $idGenerator, 
	Backbone_Cache_Abstract $cache
){
	self::$idGenerator = $idGenerator;
	self::$cache = $cache;		
}
public function __construct($expires = INF){
	$this->expires = $expires;
}
public function inputFilter(Backbone_Controller_Request_Http $request){	
	try {
		if(null !== ($this->id = $request->getCookie(self::ID_NAME))){
			$cacheItem = self::$cache->get($this->id);
			$this->setRegisteredObjects($cacheItem->getContents());
		}
		if($cacheItem === null){
			self::$cache->add(new Backbone_Cache_Item($this->getId(), $this, $expires));
		}
		$request->setSession($this);
	}
	catch (Backbone_Cache_Exception $e){
		throw new Backbone_Registry_Exception(
			Backbone_Registry_Exception::MSG_CACHE_FAILURE, $e->getMessage()
		);
	}
}
public function outputFilter(Backbone_Controller_Response_Http $response){
	$response->setCookie(self::ID_NAME, $this->getId(), (int) $this->expires);
	$this->commit();
}
public function getId(){
	if($this->id === null || $this->idIsStale()){
		$this->id = self::$idGenerator->generate();
		$this->setDirty(true);
	}
	return $this->id;
}
public function regenerateId(){
	$this->staleId = true;
}
public function idIsStale(){
	return $this->staleId;
}
public function commit(){
	if($this->isDirty()){
		self::$cache->set(new Backbone_Cache_Item($this->getId(), $this, $this->expires));
		$this->setDirty(false);
	}
}
}
?>

 

Basically you add the Session Registry to your Front Controller's in and output filters. Initializing is done at system init. Instead of having a $_SESSION superglobal, the session data is available through $request->getSession() for the objects that need access to request data. Better encapsulated, more control (for example you can plugin any cache implementation at init time: rdbms - filebased - memcached, etc etc).

[Aureole]

I don't have a clue what's going on there...