But There's More Than One Way To Skin A Cat... - PHP

Need to build an online shopping cart in a hurry? This articletakes a look at session management, an important component oftransaction-based Web sites, and explains the fundamentals of addingsession support to your site. Examples in PHP4 and PHP3 with PHPLib.

TABLE OF CONTENTS:

By: Vikram Vaswani and Harish Kamath, (c) Melonfire

Poor Best

Rating:

/ 2

May 02, 2000

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

Of course, if your Web server is still running PHP3, you're not going to be able to use any of the code provided thus far. But don't despair - there does exist an alternate solution for PHP3 users. It's called PHPLIB, and it provides a number of useful PHP classes that allow you to add session management capabilities to PHP3. Installation instructions are available in the package, and you'll also need to modify the "local.inc" configuration file to create your own classes.

As in PHP4, you need to call a predefined page_open() function each time you initiate a session. PHPLIB comes with a default session class named Example_Session - you can modify this by changing the values in the "local.inc" file - which is what we've used in the following example:

<?php
page_open(array("sess" => "Example_Session"));
?>

It's important that the page_open() call happen before any output is sent to the browser. And in order to register your session variables, the following statement will do the job.

<?php
// initiate a session
page_open(array("sess" => "Example_Session"));
// register a variable for the session.
$sess->register('username');
?>

Each page must also have a corresponding page_close() function, which is used to make sure that all changes are saved to the database.

<?php
page_close();
?>

Other than this, most of your code stays the same. Take a look at this PHPLIB version of the previous example:

<?php
//initiate a session
page_open(array("sess" => "Custom_Session"));
// register the session variables - note the syntax
$sess->register('username');
$sess->register('stock1');
$sess->register('stock2');
$sess->register('stock3');
$sess->register('stock4');
// connect to MySQL
$db = mysql_connect("someserver.com", "tom", "jones");
// select database on MySQL server
mysql_select_db("stock_db",$db);
// query database using SQL
$query = "select stock_pref1,stock_pref2,stock_pref3,stock_pref4 from
user_info where username='$username'";
$result = mysql_query($query,$db);
// get stock symbols from database
// and assign to session variables
list($stock1,$stock2,$stock3,$stock4) = mysql_fetch_row($result);
// output
echo "Hi $username!<br>";
echo "Your selected stocks are:<br>";
echo "$stock1<br>";
echo "$stock2<br>";
echo "$stock3<br>";
echo "$stock4<br>";
// code to generate rest of page
// save data back to database
page_close();
?>

As you can see, once you've got the hang of the PHP4 version, it's not too difficult to understand the PHPLIB version - not at all strange when you consider that the native session support in PHP4 is heavily based on the PHPLIB model. And if you're interested, PHPLIB actually takes session management much further with its authentication and permission classes, which allow you to grant or deny access to users based on permissions in a database - take a look at the documentation for examples on how to use these features.

PHPLIB also comes with some interesting built-in functions.

unregister(variable)
Allow you to de-register the variables from a particular session. Note that in this case, the variable is not deleted, though its value will be lost at the end of a page, as it is no longer saved to the database.

<?php
page_open(array("sess" => "Example_Session"));
// register a variable
$sess->register('username');
// check whether or not it has been registered
if($sess->is_registered('username'))
{
echo "Variable \"username\" is registered!<br>";
}
else
{
echo "Variable \"username\" is unregistered!<br>";
}
// unregister a variable
$sess->unregister('username');
// check whether or not it has been unregistered
if($sess->is_registered('username'))
{
echo "Variable \"username\" is registered!<br>";
}
else
{
echo "Variable \"username\" is unregistered!<br>";
}
page_close();
?>

is_registered(variable)
Returns true if the variable is registered with the session, false otherwise.

<?php
page_open(array("sess" => "Example_Session"));
if($sess->is_registered('username'))
{
echo "A session variable by the name \"username\" already exists";
}
else
{
$sess->register('username');
}
page_close();
?>

delete()
Destroy the current session.

An interesting point to be noted here: In PHPLIB's cookie mode, it's possible to start a new session after the delete() function has been called, set a new cookie on the client, and even re-register some of the previous session variables - essentially changing the session on the fly. Of course, if you do things like this, you need to get yourself a life...fast!

url($url)
Allows you to redirect users to a new page.

self_url()
Returns a URL referencing the current page, including PHP_SELF and QUERY_STRING information.{mospagebreak title=The Patient Has Left The Building}

Patient: Wow, Doc - that was fantastic! Thanks so much for straightening me out!

Psychiatrist: No problem at all, Victor. I'm glad I could help. Are you feeling better now?

Patient: Oh, definitely! When I first came in, the whole day looked gray and depressing - now, the view from this penthouse window has never looked better...

Psychiatrist: Ummm...Victor...I'd be careful out there if I were you. The railing's a little weak, and it might not be safe to go out there.

Patient: Not to worry, Doc - on a day like this, I feel invinc...Aaargh!!!!