自定义session handler的数据库实现

在php.ini中搜索“session.”即可查看session的相关配置。
SessionHandlerInterface 的数据库实现

/**
     *自定义session管理器
     */
    class CustomSession implements SessionHandlerInterface{
        //存放数据库连接
        private $link;

        //存放过期时间
        private $lifetime;

        /**
         * 打开会话
         */
        public function open($savePath, $session_name){
            //获取session默认过期时间,session.gc_maxlifetime指定多少秒之后数据就会被视为垃圾并被清除
            $this->lifetime = get_cfg_var('session.gc_maxlifetime');

            //连接数据库
            $this->link = mysqli_connect('localhost', 'root', 'abc123');
            mysqli_set_charset($this->link, 'utf8');
            mysqli_select_db($this->link, 'test');
            if($this->link){
                return true;
            }
            return false;
        }

        /**
         * 关闭session，即关闭连接
         */
        public function close(){
            mysqli_close($this->link);
            return true;
        }

        /**
         * 读取session
         */
        public function read($session_id){
            //安全处理传入的session_id
            $session_id = mysqli_escape_string($this->link, $session_id);

            $sql = "select * from sessions where session_id = '{$session_id}' and session_expires > " . time();
            $result = mysqli_query($this->link, $sql);
            if(mysqli_num_rows($result) == 1){
                return mysqli_fetch_assoc($result);
            }else{
                return '';
            }
        }

        /**
         * 写入session，即插入记录
         */
        public function write($session_id, $session_data){
            //过期时间
            $new_expires = time() + $this->lifetime;

            //处理传入的session_id
            $session_id = mysqli_escape_string($this->link, $session_id);

            //查询指定session_id是否存在，存在则更新数据；不存在，则写入数据
            $sql = "select * from sessions where session_id = '{$session_id}'";

            $result = mysqli_query($this->link, $sql);

            //判断是否存在
            if(mysqli_num_rows($result) == 1){
                $sql = "update sessions set session_expires = '{$new_expires}', session_data = '{$session_data}' where session_id = '{$session_id}'";

            }else{
                $sql = "insert into sessions values ('{$session_id}', '{$session_data}', '{$new_expires}')";
            }
            mysqli_query($this->link, $sql);

            if(mysqli_affected_rows($this->link) == 1){
                return true;
            }else{
                return false;
            }
        }

        public function destroy($session_id){
            $session_id = mysqli_escape_string($this->link, $session_id);
            $sql = "delete from sessions where session_id = '{$session_id}'";
            mysqli_query($this->link, $sql);
            return mysqli_affected_rows($this->link) == 1;
        }

        //垃圾回收
        public function gc($maxlifetime){
            $sql = "delete from sessions where session_expires < " . time();
            mysqli_query($this->link, $sql);
            if(mysqli_affected_rows($this->link) > 0){
                return true;
            }
            return false;
        }
    }

上述类的使用：

    require_once 'CustomSession.php';
    $CustomSession = new CustomSession;
    ini_set('session.save_handler','user');
    session_set_save_handler($CustomSession,true);
    session_start();
    //写入session
    //$_SESSION['username'] = 'testname';
    //$_SESSION['age'] = 24;
    //$_SESSION['email'] = '[email protected]';

    //读取session
    //print_r($_SESSION);

    //销毁session
    //session_destroy();

tip:用户浏览器关闭cookie后，session可以继续使用，通过URL将session_id传给服务器即可（这样不安全，session_id任何人都能从URL中查看到）。