v5:session:session_index
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
v5:session:session_library [2016/01/13 02:31] – ↷ Links adapted because of a move operation mnewnham | v5:session:session_index [2018/07/01 22:21] – [Backwards Compatability] typo peterdd | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Session Management ====== | ====== Session Management ====== | ||
- | < | + | ~~NOTOC~~ |
- | The original | + | < |
+ | [[v5:session: | ||
+ | [[v5: | ||
</ | </ | ||
+ | |||
===== Introduction ===== | ===== Introduction ===== | ||
+ | ADOdb session management extends the standard functionality of PHP sessions, by allowing the normal session data seen to be stored in a database itself. There are numerous ways that this method enhances the default behavior | ||
- | ==== Why Session | + | * Simplified clean-up at end =of session life |
+ | * Easy analysis of session data | ||
+ | * Simple session termination | ||
+ | * **//Session | ||
+ | * Encryption of session data | ||
+ | * Allows implementation of session termination callbacks | ||
+ | * Session data can be retained if used across with load balancing servers | ||
- | We store state information specific to a user or web client in session | + | ADOdb session |
- | To use session variables, call session_start() at the beginning of your web page, before your HTTP headers are sent. Then for every variable you want to keep alive for the duration of the session, call variable you want to keep alive for the duration of the session, use '' | ||
- | |||
- | The default method of storing sessions is to store it in a file. However if you have special needs such as you: | ||
- | |||
- | * Have multiple web servers that need to share session info | ||
- | * Need to do special processing of each session | ||
- | * Require notification when a session expires | ||
- | |||
- | The ADOdb session handler provides you with the above additional capabilities by storing the session information as records in a database table that can be shared across multiple servers. | ||
These records will be garbage collected based on the php.ini [session] timeout settings. You can register a notification function to notify you when the record has expired and is about to be freed by the garbage collector. | These records will be garbage collected based on the php.ini [session] timeout settings. You can register a notification function to notify you when the record has expired and is about to be freed by the garbage collector. | ||
- | An alternative to using a database backed session handler is to use [[v5:reference: | + | An alternative to using a database backed session handler is to use [[v5:userguide: |
- | + | ||
- | ===== The Improved Session Handler ===== | + | |
- | + | ||
- | In ADOdb 4.91, we added a new session handler, in adodb-session2.php. It features the following improvements: | + | |
- | * Fully supports server farms using a new database table format. The previous version used the web server time for timestamps, which can cause problems on a system with multiple web servers with possibly inconsistent times. | ||
- | * The new version uses the database server time instead for all timestamps. | ||
- | * The older database table format is obsolete. The database table must be modified to support storage of the database server time mentioned above. | ||
- | * Also the field named DATA has been changed to SESSDATA. In some databases, DATA is a reserved word. | ||
- | * The functions '' | ||
===== Usage ===== | ===== Usage ===== | ||
Line 43: | Line 35: | ||
* Test session vars, the following should increment on refresh | * Test session vars, the following should increment on refresh | ||
*/ | */ | ||
+ | if (!isset($_SESSION[' | ||
+ | $_SESSION[' | ||
+ | | ||
$_SESSION[' | $_SESSION[' | ||
print "< | print "< | ||
Line 73: | Line 68: | ||
adodb-session2.php | adodb-session2.php | ||
- | adodb-cryptsession2.php | + | adodb-cryptsession2.php |
- | adodb-session-clob2.php | + | |
+ | adodb-session-clob2.php | ||
+ | | ||
==== Usage Examples ==== | ==== Usage Examples ==== | ||
Line 90: | Line 87: | ||
ADOdb_Session:: | ADOdb_Session:: | ||
- | ADOdb_session::Persist($connectMode=false); | + | ADOdb_Session::persist($connectMode=false); |
session_start(); | session_start(); | ||
Line 104: | Line 101: | ||
</ | </ | ||
- | The parameter to the '' | + | <WRAP important> |
- | + | The original session management routines that use '' | |
- | ^$connectMode^Connection Method^ | + | </ |
- | ^true|PConnect()| | + | |
- | ^false|Connect()| | + | |
- | ^' | + | |
- | ^' | + | |
- | ^' | + | |
===== Using Encrypted Sessions ===== | ===== Using Encrypted Sessions ===== | ||
To use a encrypted sessions, replace the file '' | To use a encrypted sessions, replace the file '' | ||
Line 125: | Line 116: | ||
ADOdb_Session:: | ADOdb_Session:: | ||
- | adodb_sess_open(false, | ||
session_start(); | session_start(); | ||
</ | </ | ||
Line 140: | Line 130: | ||
ADOdb_Session:: | ADOdb_Session:: | ||
- | adodb_sess_open(false, | ||
session_start(); | session_start(); | ||
</ | </ | ||
Line 152: | Line 141: | ||
CREATE TABLE sessions2( | CREATE TABLE sessions2( | ||
sesskey VARCHAR( 64 ) NOT NULL DEFAULT '', | sesskey VARCHAR( 64 ) NOT NULL DEFAULT '', | ||
- | | + | |
expireref VARCHAR( 250 ) DEFAULT '', | expireref VARCHAR( 250 ) DEFAULT '', | ||
created DATETIME NOT NULL , | created DATETIME NOT NULL , | ||
Line 229: | Line 218: | ||
$user = $ADODB_SESS_CONN-> | $user = $ADODB_SESS_CONN-> | ||
- | $ADODB_SESS_CONN-> | + | $ADODB_SESS_CONN-> |
system(" | system(" | ||
} | } | ||
Line 268: | Line 257: | ||
will compress and then encrypt the record in the database. | will compress and then encrypt the record in the database. | ||
- | ===== Session Cookie Regeneration ===== | ||
- | The method '' | ||
- | ==== Usage ==== | ||
- | |||
- | <code php> | ||
- | include ' | ||
- | |||
- | session_start(); | ||
- | /* | ||
- | * Approximately every 10 page loads, reset cookie for safety. | ||
- | * This is extremely simplistic example, better | ||
- | * to regenerate only when the user logs in or changes | ||
- | * user privilege levels. | ||
- | */ | ||
- | if ((rand()%10) == 0) | ||
- | adodb_session_regenerate_id(); | ||
- | </ | ||
- | |||
- | This function calls '' | ||
- | |||
- | ===== Vacuum/ | ||
- | |||
- | During session garbage collection, if postgresql is detected, ADOdb can be set to run VACUUM. If mysql is detected, then optimize database could be called.You can turn this on or off using: | ||
- | <code php> | ||
- | $turnOn = true; # or false | ||
- | ADODB_Session:: | ||
- | </ | ||
- | The default is optimization is disabled. | ||
- | ===== Backwards | + | ===== Backwards |
The older method of connecting to ADOdb using global variables is now deprecated, and **will be removed** in ADOdb version 6.0: | The older method of connecting to ADOdb using global variables is now deprecated, and **will be removed** in ADOdb version 6.0: |
v5/session/session_index.txt · Last modified: 2023/04/08 18:08 by dregad