PHP
  Home arrow PHP arrow Page 6 - Storing PHP Sessions in a Database
Dev Shed Forums 
Administration  
AJAX  
Apache  
BrainDump  
DHTML  
Flash  
Java  
JavaScript  
Multimedia  
MySQL  
Oracle  
Perl  
PHP  
Practices  
Python  
Reviews  
Security  
Style-Sheets  
Web Services  
XML  
Zend  
Zope  
Forums Sitemap 
IBM® developerWorks 
Sun Developer Network 
E-Commerce Hosting 
Linux Web Hosting 
Managed Hosting 
Small Business Hosting 
Moblin 
JMSL Numerical Library 
VPS Hosting 
Weekly Newsletter

 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
PHP

Storing PHP Sessions in a Database
By: Rich Smith
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: 5 stars5 stars5 stars5 stars5 stars / 32
    2007-05-02

    Table of Contents:
  • Storing PHP Sessions in a Database
  • Why did they fail?
  • Overriding the session storage
  • Opening and closing the session
  • Reading and Writing Session Data
  • Cleaning up the session
  • Putting it all together
  • Finishing it up
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Storing PHP Sessions in a Database - Cleaning up the session
    (Page 6 of 8 )

    You can't properly have your own session handler without writing code to clean up after yourself.  The last two methods for our class will be the destroy and gc (garbage collection) methods.

    When the session_destroy() function is called, it triggers a call to our destroy method.  Here's a look at the code:

          function destroy( $id ) {

             // Build query
             $newid = mysql_real_escape_string($id);
             $sql = "DELETE FROM `sessions` WHERE `session_id` =
    '$newid'";

             db_query($sql);

             return TRUE;

          }

    The above logic is fairly straightforward.  The destroy method is called, passing the unique session identifier.  We then make a call to delete the record.  Boom, session information no longer exists.

    Periodically, PHP will trigger a garbage collection routine, meant to handle the conditions where people left before the system got a chance to clean up their sessions.  Here's the code:

          function gc() {

             // Garbage Collection

                           

             // Build DELETE query.  Delete all records who have
    passed the expiration time
             $sql = 'DELETE FROM `sessions` WHERE `expires` <
    UNIX_TIMESTAMP();';

             db_query($sql);

             // Always return TRUE
             return true;

          }

    In the above query, we delete all records that are expired, and SHOULD have been deleted by the destroy method, but the method was apparently never called.  This garbage collection could be considered "self-maintenance," and stops you from needing to write a cronjob to keep your sessions table clean.

    Next: Putting it all together >>
     

    More PHP Articles
    More By Rich Smith


       · I actually needed this logic for a recent implementation. I thought my experience...
       · Do people still consider using 'global' to be a good idea? Wouldn't it be better to...
       · Actually, you are correct. My own session class has alot of extra site-specific...
       · Hey, Rich, I'm glad you took the time to put this into an article. It's a really...
       · I require this session after login and encounter following error.Fatal error:...
       · Yes. You need to change the DB logic in the class to use your DB calls, or straight...
       · Sorry but I still don't understand. I created the exact same table "session" like...
       · The db_query() call is a custom db class that my application uses. If you are using...
       · Just a quick glance at the database code illustrated here shows a style that could...
       · disregard that, now I see the escape further up in the call chain. I'm too used to...
       · This article and code is first rate! I ran into this problem today when load...
     
    >>> Post your comment now!

       

    PHP ARTICLES

    - Building a Content Management System with Co...
    - Filters and Login Systems for Web Applicatio...
    - Working with the Email Class in Code Igniter
    - Building Your Own System Tray Application Us...
    - Structuring Your Projects for Web Applicatio...
    - Inserting, Updating and Deleting Database Ro...
    - Building Your Own Desktop Notepad Applicatio...
    - Web Application Security Overview
    - Working with the Active Record Class in Code...
    - Generate PDF Documents with PHP on the Windo...
    - Sending Email with PHP Networking
    - Performing Strict Validation with the Code I...
    - The preg_replace_callback() function in PHP
    - PHP Networking
    - Validating Web Forms with the Code Igniter P...
    Find More PHP Articles




    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 6 hosted by Hostway
    Stay green...Green IT