Home arrow PHP arrow Page 4 - Using Session Handling Objects to Maintain the State of Applications with PHP Sessions

Coding the session handling class - PHP

Here you have it. The tutorial that you were waiting for! Welcome to the concluding part of the series “Maintaining the state of applications with PHP sessions.” In several tutorials, this series goes through the key points of managing sessions in PHP, and explores some of their most advanced features, such as developing user-defined session storage modules and using session handling objects.

  1. Using Session Handling Objects to Maintain the State of Applications with PHP Sessions
  2. A procedural implementation of the “session_set_save_handler()” function
  3. Developing an object-oriented session management module
  4. Coding the session handling class
By: Alejandro Gervasio
Rating: starstarstarstarstar / 27
May 10, 2006

print this article



Since I already defined the structure of the pertinent session handling class, specifically writing each of its methods is just a matter of translating the callback functions defined for the procedural session handling approach into class methods. Even when I’m pretty sure that you know how the complete class will look, I’ll do most of the hard work for you. Please, take a look at the definition of this class:

class SessionHandler {
    function SessionHandler(){

    function openSession($sessionPath,$sessionName){
        return true;
    function closeSession(){
        return true;
    function readSession($sessionId){
        global $db;
        // escape session ID
        $result=$db->query("SELECT sessiondata FROM sessions
WHERE sessionid='$sessionId' AND expiry > NOW()");
            return $row['sessiondata'];
        // return empty string
        return "";
    function writeSession($sessionId,$sessionData){
        global $db;
        // escape session ID & session data
        $result=$db->query("SELECT sessionid FROM sessions WHERE
        // check if a new session must be stored or an existing
one must be updated 
        ($result->countRows()>0)?$db->query("UPDATE sessions SET
'$sessionData'WHERE sessionid='$sessionId'"):$db->query("INSERT
INTO sessions(sessionid,expiry,sessiondata) VALUES
        return true;
    function destroySession($sessionId){
        global $db;
        // escape session ID
        $db->query("DELETE FROM sessions WHERE
        return true;
    function gcSession($maxlifetime){
        global $db;
        $db->query("DELETE FROM sessions WHERE expiry < NOW()");
        return true;

As you can see, the above class now includes each of the previous callback functions directly as methods, which maintain the same original definition. Of course, the most important thing to note here is the inclusion of the “session_set_save_handler()” function inside the class constructor, and the corresponding registration of each method to be appropriately called.

In this case, the “session_set_save_handler()” function accepts an input array, containing both a self reference to the “SessionHandler” object (represented by the &$this pointer) and the name of the callback method to be used. The following expression illustrates this condition:


Now that you know how the “SessionHandler” class looks, here’s a simple implementation of it, using the pair of additional MySQL processing classes shown before:

// include classes
require_once 'mysqlclass.php';
require_once 'resultclass.php';
// connect to MySQL
$db=&new MySQL(array('host'=>'localhost','user'=>'user',
// instantiate new 'SessionHandler' object
$sessionHandler=&new SessionHandler;
// register some session variables

That’s it. The above script demonstrates how to integrate a “SessionHandler” object with the other MySQL processing classes, in order to implement a MySQL-driven session management module. Notice that after instantiating a new session handler object, the session is started normally, by the “session_start()” function, as one would expect using flat files. Definitely, the above source code now looks very compact and readable, since all the hard work for managing sessions is done behind the scenes, by the methods of the useful “SessionHandler” class.

At this point, you hopefully learned how to create a session handling class, which encapsulates all the required methods for implementing a MySQL-based session management module. However, due to their versatility, the methods can be easily rewritten, in order to use another RDBMS. As with most things in Web programming, this will depend on your own development requirements.

To wrap up

Unfortunately, this series has now concluded. Over its different parts, I covered the most relevant aspects of session management in PHP, starting out with the basics of how to create, use and destroy sessions, and additionally explaining the correct implementation of advanced functions, such as “session_set_save_handler()”, which can be used to develop custom session modules, similar to the one I built before.

I hope you find the material I provided you in this series to be useful, so you can use it for extending the boundaries of your grounding in PHP sessions. Meet you in the next PHP series!

>>> More PHP Articles          >>> More By Alejandro Gervasio

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates


Dev Shed Tutorial Topics: