On 25 Jun 2005 17:02:24 -0700, "Google Mike"
<go********@hotpop.com> wrote:
This might be the first time you will hear this, so here goes. My
caution is that session vars, no matter whether it's ASP, PHP, or
whatever, are not a good idea beyond anything but simple apps. They're
useful for simple apps where you only have one web server. But if that
simple app becomes popular, grows up, and is hosted in a web server
"farm", the servers will get confused and not consistently maintain
the state of the session var. In my history of web development,
everything I did that started off as simple was then ultimately
converted into something for hundreds of users via a web farm. That's
just the way it is, I guess. For more powerful apps that use web farms,
you really only have 4 practical choices:
A.
B.
C.
D.
I think you should add:
E. Use custom session handlers to store session variables in a
central database. Just needs a little bit of code. It is very
easy to replace file-based sessions in an existing application
by database-based sessions.
Which IMHO makes sessions not such a bad idea at all.
Example code:
<?php
/*
 * ------------------------------------------------------------------------
 * session_mysql.php
 * ------------------------------------------------------------------------
 * PHP4 MySQL Session Handler
 * Version 1.00
 * by Ying Zhang (yi**@zippydesign.com)
 * Last Modified: May 21 2000
 * Slightly edited by Kees Nuyt, 2003, 2004
 */
$SESS_DBHOST = "localhost"; // database server hostname for sessions
$SESS_DBUSER = "someuid";   // database user
$SESS_DBPASS = "somepsw";   // database password
$SESS_DBNAME = "somedbnm";  // database name
$SESS_DBHNDL = "";          // database handle
$SESS_LIFE = get_cfg_var("session.gc_maxlifetime");

// Open the connection to the central session database.
function sess_open($save_path, $session_name){
    global $SESS_DBHOST, $SESS_DBNAME, $SESS_DBUSER,
           $SESS_DBPASS, $SESS_DBHNDL;
    $SESS_DBHNDL = mysql_connect($SESS_DBHOST, $SESS_DBUSER,
                                 $SESS_DBPASS);
    if (!$SESS_DBHNDL) {
        echo "<li>Can't connect to $SESS_DBHOST as $SESS_DBUSER";
        echo "<li>MySQL Error: ", mysql_error();
        return false;
    }
    if (!mysql_select_db($SESS_DBNAME, $SESS_DBHNDL)) {
        echo "<li>Unable to select database $SESS_DBNAME";
        return false;
    }
    return true;
}

function sess_close(){
    global $SESS_DBHNDL;
    if ($SESS_DBHNDL != ""){
        mysql_close($SESS_DBHNDL);
    }
    return true;
}

// Return the stored data for an unexpired session, or "" if there is none.
function sess_read($key){
    global $SESS_DBHNDL, $SESS_LIFE;
    // The session id arrives in the client's cookie, so escape it
    // before it goes into the query.
    $id = mysql_real_escape_string($key, $SESS_DBHNDL);
    $qry = "SELECT `value` FROM `session` WHERE `sesskey` = '$id'"
         . " AND `expiry` > UNIX_TIMESTAMP()";
    $qid = mysql_query($qry, $SESS_DBHNDL) or die("error on sess_read");
    if (list($value) = mysql_fetch_row($qid)){
        return $value;
    } else {
        return (string)"";
    }
}

// Insert the session row; if the key already exists, update it instead.
function sess_write($key, $val){
    global $SESS_DBHNDL, $SESS_LIFE;
    $expiry = (int)(time() + $SESS_LIFE);
    // Escape with the connection's own rules rather than addslashes().
    $id = mysql_real_escape_string($key, $SESS_DBHNDL);
    $value = mysql_real_escape_string($val, $SESS_DBHNDL);
    mysql_query('BEGIN', $SESS_DBHNDL);
    $qry = "INSERT INTO session VALUES ('$id', $expiry, '$value')";
    $qid = mysql_query($qry, $SESS_DBHNDL);
    if (! $qid){
        mysql_query('ROLLBACK', $SESS_DBHNDL);
        mysql_query('BEGIN', $SESS_DBHNDL);
        $qry = "UPDATE session SET expiry=$expiry, value='$value'"
             . " WHERE sesskey='$id'";
        $qid = mysql_query($qry, $SESS_DBHNDL);
    }
    mysql_query('COMMIT', $SESS_DBHNDL);
    return (bool)$qid;
}

function sess_destroy($key){
    global $SESS_DBHNDL;
    $id = mysql_real_escape_string($key, $SESS_DBHNDL);
    mysql_query('BEGIN', $SESS_DBHNDL);
    $qry = "DELETE FROM session WHERE sesskey = '$id'";
    $qid = mysql_query($qry, $SESS_DBHNDL);
    mysql_query('COMMIT', $SESS_DBHNDL);
    return (bool)$qid;
}

// Garbage collection: delete every session whose expiry time has passed.
function sess_gc($maxlifetime){
    global $SESS_DBHNDL;
    mysql_query('BEGIN', $SESS_DBHNDL);
    $qry = "DELETE FROM session WHERE expiry < " . time();
    $qid = mysql_query($qry, $SESS_DBHNDL);
    $naff = mysql_affected_rows($SESS_DBHNDL);
    mysql_query('COMMIT', $SESS_DBHNDL);
    return $naff;
}

// Register the callbacks before the session is started.
session_set_save_handler(
    "sess_open",
    "sess_close",
    "sess_read",
    "sess_write",
    "sess_destroy",
    "sess_gc");
session_start();
?>
--
) Kees Nuyt
(
c[_]
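
The same central-database session store written against PDO with bound parameters, as an added example that is not part of the original post or of the handler above. It assumes PHP 8, the pdo_mysql driver, and that `sesskey` is the primary key of the `session` table; the class name `PdoSessionHandler` is hypothetical.

```php
<?php
// Added example, not the original author's code. Assumes PHP 8+, pdo_mysql,
// and the `session` table (sesskey, expiry, value) with sesskey as PRIMARY KEY.
final class PdoSessionHandler implements SessionHandlerInterface
{
    public function __construct(private PDO $db, private int $life) {}

    public function open(string $path, string $name): bool { return true; }
    public function close(): bool { return true; }

    public function read(string $id): string|false
    {
        // The id comes from the client's cookie, so it is bound, never interpolated.
        $st = $this->db->prepare(
            'SELECT `value` FROM `session` WHERE `sesskey` = ? AND `expiry` > ?');
        $st->execute([$id, time()]);
        $value = $st->fetchColumn();
        return $value === false ? '' : $value;
    }

    public function write(string $id, string $data): bool
    {
        // One atomic upsert replaces the INSERT-then-UPDATE fallback.
        $st = $this->db->prepare(
            'INSERT INTO `session` (`sesskey`, `expiry`, `value`) VALUES (?, ?, ?)
             ON DUPLICATE KEY UPDATE `expiry` = VALUES(`expiry`), `value` = VALUES(`value`)');
        return $st->execute([$id, time() + $this->life, $data]);
    }

    public function destroy(string $id): bool
    {
        return $this->db->prepare('DELETE FROM `session` WHERE `sesskey` = ?')->execute([$id]);
    }

    public function gc(int $max_lifetime): int|false
    {
        // Remove every row whose expiry time has passed; report how many went.
        $st = $this->db->prepare('DELETE FROM `session` WHERE `expiry` < ?');
        return $st->execute([time()]) ? $st->rowCount() : false;
    }
}

// Placeholder host, database name and credentials, as in the listing above.
$db = new PDO('mysql:host=localhost;dbname=somedbnm;charset=utf8mb4', 'someuid', 'somepsw',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
session_set_save_handler(new PdoSessionHandler($db, (int) ini_get('session.gc_maxlifetime')), true);
session_start();
```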