Getting the MySQL-based session module complete: listing MySQL processing classes - PHP

Here we are again. This is part two of the series “Maintaining the state of applications with PHP sessions." In three parts, this series ranges from the basics of session management in PHP, such as creating, registering session data, and destroying sessions, to exploring advanced concepts, like working with different session storage modules and creating custom session handling objects.

TABLE OF CONTENTS:

Using Advanced Functions to Maintain the State of Applications with PHP Sessions
Tweaking the PHP session storage module: using the “session_set_save_handler ()” function
Going deeper into PHP session management: creating a MySQL-based session storage module
Getting the MySQL-based session module complete: listing MySQL processing classes

By: Alejandro Gervasio

Poor Best

Rating:

/ 12

May 03, 2006

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

As I promised, here’s the source code for the couple of MySQL processing classes used within the definition of the prior callback functions:

class MySQL {
    var $conId; // connection identifier
    var $host; // MySQL host
    var $user; // MySQL username
    var $password; // MySQL password
    var $database; // MySQL database
    // constructor
    function MySQL($options=array()){
        // validate incoming parameters
        if(count($options)>0){
            foreach($options as $parameter=>$value){
                if(empty($value)){
                    trigger_error('Invalid parameter
'.$parameter,E_USER_ERROR);
                }
                $this->{$parameter}=$value;
            }
            // connect to MySQL
            $this->connectDB();
        }
        else {
            trigger_error('No connection parameters were
provided',E_USER_ERROR);
        }
    }
    // connect to MYSQL server and select database
    function connectDB(){
        if(!$this->conId=mysql_connect($this->host,$this-
>user,$this->password)){
            trigger_error('Error connecting to the
server',E_USER_ERROR);
        }
        if(!mysql_select_db($this->database,$this->conId)){
            trigger_error('Error selecting
database',E_USER_ERROR);
        }
    }
    // perform query
    function query($query){
        if(!$this->result=mysql_query($query,$this->conId)){
            trigger_error('Error performing query
'.$query,E_USER_ERROR);
        }
        // return new Result object
        return new Result($this,$this->result);
    }
}

class Result {
    var $mysql; // instance of MySQL object
    var $result; // result set
    function Result(&$mysql,$result){
        $this->mysql=&$mysql;
        $this->result=$result;
    }
    // fetch row
    function fetchRow(){
        return mysql_fetch_array($this->result,MYSQL_ASSOC);
    }
    // count rows
    function countRows(){
        if(!$rows=mysql_num_rows($this->result)){
            return false;
        }
        return $rows;
    }
    // count affected rows
    function countAffectedRows(){
        if(!$rows=mysql_affected_rows($this->mysql->conId)){
            trigger_error('Error counting affected
rows',E_USER_ERROR);
        }
        return $rows;
    }
    // get ID from last inserted row
    function getInsertID(){
        if(!$id=mysql_insert_id($this->mysql->conId)){
            trigger_error('Error getting ID',E_USER_ERROR);
        }
        return $id;
    }
    // seek row
    function seekRow($row=0){
        if(!mysql_data_seek($this->result,$row)){
            trigger_error('Error seeking data',E_USER_ERROR);
        }
    }
    function getQueryResource(){
        return $this->result;
    }
}

Right. Now that I showed you the pair of MySQL processing classes used by the previous callback functions, let me set up an example which implements this user-defined session storage system, by the respective “session_set_save_handler()” function. Have a look at the code listed below:

// include classes
require_once 'mysqlclass.php';
require_once 'resultclass.php';
// connect to MySQL
$db=&new MySQL(array
('host'=>'localhost','user'=>'user','password'=>'password',
'database'=>
'database'));
// use 'session_set_save_handler function'
session_set_save_handler
('openSession','closeSession','readSession','writeSession',
'destroySession',
'gcSession');
session_start();
// register some session variables
$_SESSION['firstname']='Alejandro';
$_SESSION['lastname']='Gervasio';

That’s it. After connecting to MySQL, the above script uses the “session_set_save_handler()” in order to register all the callback functions that you saw before, and as a result, all the session data will be stored in a sample “sessions” database table. By tweaking the correct session settings within the php.ini file, in conjunction with implementing this MySQL-driven session storage module, it’s possible to construct a more efficient and secure session management mechanism than the one provided as default by PHP. As you’ve seen, the experience can be instructive and educational, so why don’t you try it for yourself?

Wrapping up

That’s all for the moment. Over this second part of the series, I explored the powerful “session_save_path()” and “session_set_save_handler()” functions. Particularly, this last function can be extremely helpful for developing a custom session management system that uses a MySQL database table for storing session-related data, instead of conventional flat files.

Since this approach is used in many situations where a personalized session storage mechanism is preferred over the default offered by PHP, in the last article, I’ll encapsulate all the pertinent callback functions defined before within a class. In this way, the entire session handling process can be centralized at only one handler object. Therefore, don’t miss the next part!