Using Advanced Functions to Maintain the State of Applications with PHP Sessions - Getting the MySQL-based session module complete: listing MySQL processing classes
(Page 4 of 4 )
As I promised, here’s the source code for the couple of MySQL processing classes used within the definition of the prior callback functions:
class MySQL {
var $conId; // connection identifier
var $host; // MySQL host
var $user; // MySQL username
var $password; // MySQL password
var $database; // MySQL database
// constructor
function MySQL($options=array()){
// validate incoming parameters
if(count($options)>0){
foreach($options as $parameter=>$value){
if(empty($value)){
trigger_error('Invalid parameter
'.$parameter,E_USER_ERROR);
}
$this->{$parameter}=$value;
}
// connect to MySQL
$this->connectDB();
}
else {
trigger_error('No connection parameters were
provided',E_USER_ERROR);
}
}
// connect to MYSQL server and select database
function connectDB(){
if(!$this->conId=mysql_connect($this->host,$this-
>user,$this->password)){
trigger_error('Error connecting to the
server',E_USER_ERROR);
}
if(!mysql_select_db($this->database,$this->conId)){
trigger_error('Error selecting
database',E_USER_ERROR);
}
}
// perform query
function query($query){
if(!$this->result=mysql_query($query,$this->conId)){
trigger_error('Error performing query
'.$query,E_USER_ERROR);
}
// return new Result object
return new Result($this,$this->result);
}
}
class Result {
var $mysql; // instance of MySQL object
var $result; // result set
function Result(&$mysql,$result){
$this->mysql=&$mysql;
$this->result=$result;
}
// fetch row
function fetchRow(){
return mysql_fetch_array($this->result,MYSQL_ASSOC);
}
// count rows
function countRows(){
if(!$rows=mysql_num_rows($this->result)){
return false;
}
return $rows;
}
// count affected rows
function countAffectedRows(){
if(!$rows=mysql_affected_rows($this->mysql->conId)){
trigger_error('Error counting affected
rows',E_USER_ERROR);
}
return $rows;
}
// get ID from last inserted row
function getInsertID(){
if(!$id=mysql_insert_id($this->mysql->conId)){
trigger_error('Error getting ID',E_USER_ERROR);
}
return $id;
}
// seek row
function seekRow($row=0){
if(!mysql_data_seek($this->result,$row)){
trigger_error('Error seeking data',E_USER_ERROR);
}
}
function getQueryResource(){
return $this->result;
}
}
Right. Now that I showed you the pair of MySQL processing classes used by the previous callback functions, let me set up an example which implements this user-defined session storage system, by the respective “session_set_save_handler()” function. Have a look at the code listed below:
// include classes
require_once 'mysqlclass.php';
require_once 'resultclass.php';
// connect to MySQL
$db=&new MySQL(array
('host'=>'localhost','user'=>'user','password'=>'password',
'database'=>
'database'));
// use 'session_set_save_handler function'
session_set_save_handler
('openSession','closeSession','readSession','writeSession',
'destroySession',
'gcSession');
session_start();
// register some session variables
$_SESSION['firstname']='Alejandro';
$_SESSION['lastname']='Gervasio';
That’s it. After connecting to MySQL, the above script uses the “session_set_save_handler()” in order to register all the callback functions that you saw before, and as a result, all the session data will be stored in a sample “sessions” database table. By tweaking the correct session settings within the php.ini file, in conjunction with implementing this MySQL-driven session storage module, it’s possible to construct a more efficient and secure session management mechanism than the one provided as default by PHP. As you’ve seen, the experience can be instructive and educational, so why don’t you try it for yourself?
Wrapping up
That’s all for the moment. Over this second part of the series, I explored the powerful “session_save_path()” and “session_set_save_handler()” functions. Particularly, this last function can be extremely helpful for developing a custom session management system that uses a MySQL database table for storing session-related data, instead of conventional flat files.
Since this approach is used in many situations where a personalized session storage mechanism is preferred over the default offered by PHP, in the last article, I’ll encapsulate all the pertinent callback functions defined before within a class. In this way, the entire session handling process can be centralized at only one handler object. Therefore, don’t miss the next part!
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
|
| · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | · | | | | |
|
