在php.ini中搜索“session.”即可查看session的相关配置。
SessionHandlerInterface 的数据库实现
/**
*自定义session管理器
*/
class CustomSession implements SessionHandlerInterface{
//存放数据库连接
private $link;
//存放过期时间
private $lifetime;
/**
* 打开会话
*/
public function open($savePath, $session_name){
//获取session默认过期时间,session.gc_maxlifetime指定多少秒之后数据就会被视为垃圾并被清除
$this->lifetime = get_cfg_var('session.gc_maxlifetime');
//连接数据库
$this->link = mysqli_connect('localhost', 'root', 'abc123');
mysqli_set_charset($this->link, 'utf8');
mysqli_select_db($this->link, 'test');
if($this->link){
return true;
}
return false;
}
/**
* 关闭session,即关闭连接
*/
public function close(){
mysqli_close($this->link);
return true;
}
/**
* 读取session
*/
public function read($session_id){
//安全处理传入的session_id
$session_id = mysqli_escape_string($this->link, $session_id);
$sql = "select * from sessions where session_id = '{$session_id}' and session_expires > " . time();
$result = mysqli_query($this->link, $sql);
if(mysqli_num_rows($result) == 1){
return mysqli_fetch_assoc($result);
}else{
return '';
}
}
/**
* 写入session,即插入记录
*/
public function write($session_id, $session_data){
//过期时间
$new_expires = time() + $this->lifetime;
//处理传入的session_id
$session_id = mysqli_escape_string($this->link, $session_id);
//查询指定session_id是否存在,存在则更新数据;不存在,则写入数据
$sql = "select * from sessions where session_id = '{$session_id}'";
$result = mysqli_query($this->link, $sql);
//判断是否存在
if(mysqli_num_rows($result) == 1){
$sql = "update sessions set session_expires = '{$new_expires}', session_data = '{$session_data}' where session_id = '{$session_id}'";
}else{
$sql = "insert into sessions values ('{$session_id}', '{$session_data}', '{$new_expires}')";
}
mysqli_query($this->link, $sql);
if(mysqli_affected_rows($this->link) == 1){
return true;
}else{
return false;
}
}
public function destroy($session_id){
$session_id = mysqli_escape_string($this->link, $session_id);
$sql = "delete from sessions where session_id = '{$session_id}'";
mysqli_query($this->link, $sql);
return mysqli_affected_rows($this->link) == 1;
}
//垃圾回收
public function gc($maxlifetime){
$sql = "delete from sessions where session_expires < " . time();
mysqli_query($this->link, $sql);
if(mysqli_affected_rows($this->link) > 0){
return true;
}
return false;
}
}
上述类的使用:
require_once 'CustomSession.php';
$CustomSession = new CustomSession;
ini_set('session.save_handler','user');
session_set_save_handler($CustomSession,true);
session_start();
//写入session
//$_SESSION['username'] = 'testname';
//$_SESSION['age'] = 24;
//$_SESSION['email'] = '[email protected]';
//读取session
//print_r($_SESSION);
//销毁session
//session_destroy();
tip:用户浏览器关闭cookie后,session可以继续使用,通过URL将session_id传给服务器即可(这样不安全,session_id任何人都能从URL中查看到)。