Location: PHPKode > scripts > MySessions > mysessions/mysessions.class.php
<?php
#    MySessions v1.0 - MySQL Based Sessions
#    Copyright (C) 2008  João Romão - iceburn.info
#
#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.


/**
 * MySessions v1.0
 * 
 * @package MySQL Based Sessions v1.0
 * @author João Romão (aka =IceBurn=)
 * @copyright João Romão - iceburn.info
 * @version 2008
 * @access public
 * 
 */
class MySessions
{

    /**
     * Define if the session_id should be always regenerated
     * 
     * Setting this to true will improve security, 
     * but also increase memory usage. 
     */
    const always_regenerate = true;

    /**
     * use: mydomain.com or leave blank OR .mydomain.com to keep sessions between sub-domains.
     * @var string
     */
    public $cookie_domain = '';

    /**
     *  usually '/' it's just fine
     * @var string
     */
    public $cookie_path = '/';

    /**
     * Sessions lifetime in seconds
     * @var int
     */
    public $sess_duration = 2300;

    /**
     * Table name to store sessions.
     * @var string
     */
    public $table_name = 'sessions';

    /**
     * Should sessions be passed to URL's? 0 = no / 1 = yes (not recomended!)
     * @var bool
     */
    public $use_trans_id = 0;

    /**
     * The name for the session (PHP's default is the ugly PHPSESSIONID)
     * @var string
     */
    public $session_name = 'sess';


    /**
     * sessions::__construct()
     * 
     * @access public
     * @return void
     */
    public function __construct() {

        /**
         * Comment the ini_set block if you get errors 
         * Errors happen when your host does not allow you to use ini_set function
         * Try use htaccess php_value/php_flag directive instead
         */
        ini_set('session.use_cookies', 1);
        ini_set('session.use_trans_sid', $this->use_trans_id);
        ini_set('session.use_only_cookies', 0);
        ini_set('session.gc_maxlifetime', $this->sess_duration);
        ini_set('session.hash_bits_per_character', 4);
        ini_set('session.name', $this->session_name);

        session_set_save_handler(array('MySessions', 'open'), array('MySessions', 'close'), 
		                         array('MySessions', 'read'), array('MySessions', 'write'), 
								 array('MySessions', 'destroy'), array('MySessions', 'gc')) 
								 or die('Could Not Set Session Handler!');

        session_set_cookie_params($this->sess_duration, $this->cookie_path, $this->cookie_domain);

    }


    /**
     * MySessions::session_start()
     * 
     * @return void
     */
    public function session_start() {
        session_start();
        $this->regenerate();
    }


    /**
     * MySessions::regenerate()
     * 
     * A session is regenerated either if specified in configurations or if somehow 
     * an invalid session_id is passed or if implicit.
     * @param integer $force
     * @return bool
     */
    public function regenerate($force = 0) {

        if (self::always_regenerate == true || strlen($this->protect(session_id())) != 32 || $force != 0) {

            $sid = session_id();

            session_regenerate_id(true);

            $nid = session_id();

            $qry = "UPDATE `" . $this->table_name . "` SET `id` = '" . $this->protect($nid) . "' WHERE id = '" . $this->protect($sid) . "';";

            return mysql_query($qry);

        }

    }


    /**
     * sessions::open()
     * 
     * @access public
     * @param mixed $sess_path
     * @param mixed $sess_name
     * @return bool
     */
    public function open($sess_path, $sess_name) {
        return true;
    }

    /**
     * sessions::close()
     * 
     * @access public
     * @return bool
     */
    public function close() {
        return true;
    }


    /**
     * sessions::read()
     * 
     * @access public
     * @param mixed $sess_id
     * @return string
     */
    public function read($sess_id) {

        $sql = "SELECT `data` FROM `" . $this->table_name . "` WHERE `id` = '" . $this->protect($sess_id) . "' ORDER BY `id` LIMIT 1;";
        $res = mysql_query($sql);

        if ($res) {

            if (mysql_num_rows($res) == 1) {

                $ret = mysql_result($res, 0, 0);
                mysql_free_result($res);

                return $ret;

            }

        }

        return;
    }


    /**
     * sessions::write()
     * 
     * @access public
     * @param mixed $sess_id
     * @param mixed $data
     * @return bool
     */
    public function write($sess_id, $data) {
        $sql = "INSERT INTO 
	         `" . $this->table_name . "` (
	          `id`, 
			  `access`, 
			  `data`
			 ) VALUES (
			  '" . $this->protect($sess_id) . "', 
			  " . time() . ", 
			  '" . mysql_real_escape_string($data) . "'
			 ) ON DUPLICATE KEY UPDATE 
			  `access` = " . time() . ",  
			  `data`   = '" . mysql_real_escape_string($data) . "';";

        return mysql_query($sql) or die('Error Writing Session Data!');
    }


    /**
     * sessions::destroy()
     * 
     * Session destroy, useful for logouts
     * @access public
     * @param mixed $sess_id
     * @return bool
     */
    public function destroy($sess_id) {

        $_SESSION = array();

        if (isset($_COOKIE[$this->session_name])) {
            setcookie($this->session_name, '', (time() - 42000), $this->cookie_path, $this->cookie_domain);
        }

        $sql = "DELETE FROM `" . $this->table_name . "` WHERE `id` = '" . $this->protect($sess_id) . "';";
        return mysql_query($sql) or die('Error Destroing Session Data!');
    }


    /**
     * sessions::gc()
     * 
     * Garbage collector
     * @access public
     * @param mixed $sess_maxlifetime
     * @return bool
     */
    public function gc($sess_maxlifetime) {

        $old = (time() - $this->sess_duration);

        $sql = "DELETE FROM `" . $this->table_name . "` WHERE `access` < " . intval($old) . ";";
        $qry = mysql_query($sql);

        /**
         * You can comment the optimize part, and optimize your tables in an independent way.
         * In fact it's addvised that you do it, especially if you have a hight traffic load.
         */
        if (mysql_affected_rows() > 0) { $this->optimize(); }

        return true;
    }


    /**
     * sessions::optimize()
     * 
     * Usefull function for optimizing your sessions table.
     * @access public
     * @return bool
     */
    public function optimize() {
        return mysql_query('OPTIMIZE TABLE `' . $this->table_name . '`;');
    }


    /**
     * sessions::create_table()
     * 
     * You can call this function at the first run to create the necessary table.
     * No problem to call it after the table is created, but will increase memory.
     * If the table does not exist, the very first call to sessions will be stored 
     * as usual. It will always return true or die() if fail to create table.
     * @access public
     * @return bool
     */
    public function create_table() {
        $sql  = "CREATE TABLE IF NOT EXISTS `" . $this->table_name . "` (";
        $sql .= " `id` varchar(32) NOT NULL,";
        $sql .= " `access` int(10) unsigned default NULL,";
        $sql .= " `data` text,";
        $sql .= " PRIMARY KEY  (`id`) ";
        $sql .= ") ENGINE=MyISAM DEFAULT CHARSET=latin1;";
        $qry  = mysql_query($sql) or die('An Error Occorred: ' . mysql_error());
        $this->regenerate(1);
        return true;
    }


    /**
     * sessions::protect()
     * 
     * @access private
     * @param mixed $string
     * @return string
     */
    private function protect($string) {
        return mysql_real_escape_string(preg_replace('/[^a-v0-9]/i', '', $string));
    }


    /**
     * MySessions::debug()
     * 
     * Only for debugging reasons.
     * @return string
     */
    public function debug() {
        $ret  = var_dump($_COOKIE);
        $ret .= var_dump($_SESSION);
        return $ret;
    }


    /**
     * MySessions::__destruct()
     * 
     * @return void
     */
    public function __destruct() {
        session_write_close();
    }


} // End of class 'MySessions'
?>
Return current item: MySessions