利用全局变量$_SESSION和register_shutdown_function自定义会话处理

register_shutdown_function 可以注册一个自定义的函数,在程序运行结束之前 执行。

在做ecshop的二次开发过程中,虽然代码 太老太乱太冗余,但ec的会话处理的设计感觉还是不错的,就使用了$_SESSION这个全局变量而已,这个设计是最好改善原来的会话处理方式的

存数据库表的话,有2张表

sessions 表使用内存存储引擎,会话属于临时数据,这样存取速度很快

当然当临时数据很多时,会占用内存空间,对于较多的数据 还是需要存在磁盘上

这是就需要sessions_data 做一个sessions表的关联来存储较多的额外数据

表结构

 

CREATE TABLE `sessions` (
  `sesskey` char(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
  `expiry` int(10) unsigned NOT NULL DEFAULT '0',
  `userid` mediumint(8) unsigned NOT NULL DEFAULT '0',
  `adminid` mediumint(8) unsigned NOT NULL DEFAULT '0',
  `ip` char(15) NOT NULL DEFAULT '',
  `user_name` varchar(60) NOT NULL,
  `user_rank` tinyint(3) NOT NULL,
  `discount` decimal(3,2) NOT NULL,
  `email` varchar(60) NOT NULL,
  `data` char(255) NOT NULL DEFAULT '',
  PRIMARY KEY (`sesskey`),
  KEY `expiry` (`expiry`)
) ENGINE=MEMORY DEFAULT CHARSET=utf8;

CREATE TABLE `sessions_data` (
  `sesskey` varchar(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL DEFAULT '',
  `expiry` int(10) unsigned NOT NULL DEFAULT '0',
  `data` longtext NOT NULL,
  PRIMARY KEY (`sesskey`),
  KEY `expiry` (`expiry`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

 

 

程序文件根据ecshop的类有改动

cls_session.php

db.php 数据库处理

fun.php 用到的函数

init.php 初始化程序文件

--------------

两个demo程序

set.php

get.php

程序文件内容

cls_session.php

<?php

class cls_session
{
    public $db = NULL;
    public $session_table = '';

    public $max_life_time = 1800;

    public $session_name = '';
    public $session_id = '';

    public $session_expiry = '';
    public $session_md5 = '';

    public $session_cookie_path = '/';
    public $session_cookie_domain = '';
    public $session_cookie_secure = false;

    public $_ip = '';
    public $_time = 0;

    public function __construct(&$db, $session_table, $session_data_table, $session_name = 'ECS_ID', $session_id = '')
    {
        $_SESSION = array();
        $this->session_cookie_path = !empty($GLOBALS['cookie_path']) ? $GLOBALS['cookie_path'] : "/";
        $this->session_cookie_domain = !empty($GLOBALS['cookie_domain']) ? $GLOBALS['cookie_domain'] : '';
        $this->session_cookie_secure = !empty($GLOBALS['cookie_secure']) ? $GLOBALS['cookie_secure'] : false;


        $this->session_name = $session_name;
        $this->session_table = $session_table;
        $this->session_data_table = $session_data_table;

        $this->db = &$db;

        $this->_ip = real_ip();
        $this->_time = time();

        $this->session_id = $session_id == '' && !empty($_COOKIE[$this->session_name]) ? $_COOKIE[$this->session_name] : $session_id;
        if ($this->session_id) {
            $tmp_session_id = substr($this->session_id, 0, 32);
            if ($this->gen_session_key($tmp_session_id) == substr($this->session_id, 32)) {
                $this->session_id = $tmp_session_id;
            } else {
                $this->session_id = '';
            }
        }


        if ($this->session_id) {
            $this->load_session();
        } else {
            $this->gen_session_id();
            setcookie($this->session_name, $this->session_id . $this->gen_session_key($this->session_id), 0, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);
        }

        register_shutdown_function(array(&$this, 'close_session'));
    }

    public function gen_session_id()
    {
        $this->session_id = md5(uniqid(mt_rand(), true));

        return $this->insert_session();
    }

    public function gen_session_key($session_id)
    {
        static $ip = '';

        if ($ip == '') {
            $ip = substr($this->_ip, 0, strrpos($this->_ip, '.'));
        }

        return sprintf('%08x', crc32(ROOT_PATH . $ip . $session_id));
    }

    public function insert_session()
    {
        return $this->db->exec('INSERT INTO ' . $this->session_table . " (sesskey, expiry, ip, data) VALUES ('" . $this->session_id . "', '" . $this->_time . "', '" . $this->_ip . "', 'a:0:{}')");
    }

    public function load_session()
    {
        $session = $this->db->getOne('SELECT userid, adminid, user_name, user_rank, discount, email, data, expiry FROM ' . $this->session_table . " WHERE sesskey = '" . $this->session_id . "'");
        if (empty($session)) {
            $this->insert_session();

            $this->session_expiry = 0;
            $this->session_md5 = '40cd750bba9870f18aada2478b24840a';
            $_SESSION = array();
        } else {
            if (!empty($session['data']) && $this->_time - $session['expiry'] <= $this->max_life_time) {
                $this->session_expiry = $session['expiry'];
                $this->session_md5 = md5($session['data']);
                $_SESSION = unserialize($session['data']);
                $_SESSION['user_id'] = $session['userid'];
                $_SESSION['admin_id'] = $session['adminid'];
                $_SESSION['user_name'] = $session['user_name'];
                $_SESSION['user_rank'] = $session['user_rank'];
                $_SESSION['discount'] = $session['discount'];
                $_SESSION['email'] = $session['email'];
            } else {
                $session_data = $this->db->getOne('SELECT data, expiry FROM ' . $this->session_data_table . " WHERE sesskey = '" . $this->session_id . "'");
                if (!empty($session_data['data']) && $this->_time - $session_data['expiry'] <= $this->max_life_time) {
                    $this->session_expiry = $session_data['expiry'];
                    $this->session_md5 = md5($session_data['data']);
                    $_SESSION = unserialize($session_data['data']);
                    $_SESSION['user_id'] = $session['userid'];
                    $_SESSION['admin_id'] = $session['adminid'];
                    $_SESSION['user_name'] = $session['user_name'];
                    $_SESSION['user_rank'] = $session['user_rank'];
                    $_SESSION['discount'] = $session['discount'];
                    $_SESSION['email'] = $session['email'];
                } else {
                    $this->session_expiry = 0;
                    $this->session_md5 = '40cd750bba9870f18aada2478b24840a';
                    $_SESSION = array();
                }
            }
        }
    }

    public function update_session()
    {
        $adminid = !empty($_SESSION['admin_id']) ? intval($_SESSION['admin_id']) : 0;
        $userid = !empty($_SESSION['user_id']) ? intval($_SESSION['user_id']) : 0;
        $user_name = !empty($_SESSION['user_name']) ? trim($_SESSION['user_name']) : 0;
        $user_rank = !empty($_SESSION['user_rank']) ? intval($_SESSION['user_rank']) : 0;
        $discount = !empty($_SESSION['discount']) ? round($_SESSION['discount'], 2) : 0;
        $email = !empty($_SESSION['email']) ? trim($_SESSION['email']) : 0;
        unset($_SESSION['admin_id']);
        unset($_SESSION['user_id']);
        unset($_SESSION['user_name']);
        unset($_SESSION['user_rank']);
        unset($_SESSION['discount']);
        unset($_SESSION['email']);

        $data = serialize($_SESSION);
        $this->_time = time();

        if ($this->session_md5 == md5($data) && $this->_time < $this->session_expiry + 10) {
            return true;
        }

        $data = addslashes($data);

        if (isset($data{255})) {

            $this->db->autoReplace($this->session_data_table, array('sesskey' => $this->session_id, 'expiry' => $this->_time, 'data' => $data), array('expiry' => $this->_time, 'data' => $data));
            $data = '';
        }

        return $this->db->exec('UPDATE ' . $this->session_table . " SET expiry = '" . $this->_time . "', ip = '" . $this->_ip . "', userid = '" . $userid . "', adminid = '" . $adminid . "', user_name='" . $user_name . "', user_rank='" . $user_rank . "', discount='" . $discount . "', email='" . $email . "', data = '$data' WHERE sesskey = '" . $this->session_id . "' LIMIT 1");
    }

    public function close_session()
    {
        $this->update_session();

        if (mt_rand(0, 2) == 2) {
            $this->db->query('DELETE FROM ' . $this->session_data_table . ' WHERE expiry < ' . ($this->_time - $this->max_life_time));
        }

        if ((time() % 2) == 0) {
            return $this->db->query('DELETE FROM ' . $this->session_table . ' WHERE expiry < ' . ($this->_time - $this->max_life_time));
        }

        return true;
    }

    public function delete_spec_admin_session($adminid)
    {
        if (!empty($_SESSION['admin_id']) && $adminid) {
            return $this->db->query('DELETE FROM ' . $this->session_table . " WHERE adminid = '$adminid'");
        }

        return false;
    }

    public function destroy_session()
    {
        $_SESSION = array();

        setcookie($this->session_name, $this->session_id, 1, $this->session_cookie_path, $this->session_cookie_domain, $this->session_cookie_secure);


        $this->db->query('DELETE FROM ' . $this->session_data_table . " WHERE sesskey = '" . $this->session_id . "' LIMIT 1");

        return $this->db->query('DELETE FROM ' . $this->session_table . " WHERE sesskey = '" . $this->session_id . "' LIMIT 1");
    }

    public function get_session_id()
    {
        return $this->session_id;
    }

    public function get_users_count()
    {
        return $this->db->getOne('SELECT count(*) FROM ' . $this->session_table);
    }

}


?>
cls_session.php

db.php

<?php
class db{
    protected $pdo;
    public function __construct($dsn,$user,$pwd,$opt=''){
        $this->pdo= new PDO($dsn,$user,$pwd,$opt);
    }
    public function getRow($sql, $limited = false){
        $sql=$limited==true?trim($sql . ' LIMIT 1'):$sql;

        $pdo_statement = $this->pdo->query($sql);

        if($pdo_statement){
            $res=$pdo_statement->fetchAll(PDO::FETCH_ASSOC);
            if($limited) return $res[0];
            return $res;
        }
        return false;
    }
    public function getOne($sql){
        $sql=trim($sql . ' LIMIT 1');
        $pdo_statement = $this->pdo->query($sql);
        if($pdo_statement){
            $res=$pdo_statement->fetch(PDO::FETCH_ASSOC);
            return $res;
        }
        return false;
    }

    public function autoReplace($table, $field_values, $update_values, $where = '')
    {
        $field_descs = $this->getAll('DESC ' . $table);

        $primary_keys = array();
        foreach ($field_descs AS $value)
        {
            $field_names[] = $value['Field'];
            if ($value['Key'] == 'PRI')
            {
                $primary_keys[] = $value['Field'];
            }
        }

        $fields = $values = array();
        foreach ($field_names AS $value)
        {
            if (array_key_exists($value, $field_values) == true)
            {
                $fields[] = $value;
                $values[] = "'" . $field_values[$value] . "'";
            }
        }

        $sets = array();
        foreach ($update_values AS $key => $value)
        {
            if (array_key_exists($key, $field_values) == true)
            {
                if (is_int($value) || is_float($value))
                {
                    $sets[] = $key . ' = ' . $key . ' + ' . $value;
                }
                else
                {
                    $sets[] = $key . " = '" . $value . "'";
                }
            }
        }

        $sql = '';
        if (empty($primary_keys))
        {
            if (!empty($fields))
            {
                $sql = 'INSERT INTO ' . $table . ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
            }
        }
        else
        {
            if (empty($where))
            {
                $where = array();
                foreach ($primary_keys AS $value)
                {
                    if (is_numeric($value))
                    {
                        $where[] = $value . ' = ' . $field_values[$value];
                    }
                    else
                    {
                        $where[] = $value . " = '" . $field_values[$value] . "'";
                    }
                }
                $where = implode(' AND ', $where);
            }

            if ($where && (!empty($sets) || !empty($fields)))
            {
                $count=$this->getOne("SELECT COUNT(*)  as count FROM $table WHERE $where");
                $count=$count['count'];
                if (intval($count) > 0)
                {
                    if (!empty($sets))
                    {
                        $sql = 'UPDATE ' . $table . ' SET ' . implode(', ', $sets) . ' WHERE ' . $where;
                    }
                }
                else
                {
                    if (!empty($fields))
                    {
                        $sql = 'REPLACE INTO ' . $table . ' (' . implode(', ', $fields) . ') VALUES (' . implode(', ', $values) . ')';
                    }
                }
            }

        }

        return $sql?$this->exec($sql):false;

    }
    public function getAll($sql)
    {
        $res = $this->pdo->query($sql);
        if ($res !== false)
        {
            $arr = array();
            while ($row = $res->fetch(PDO::FETCH_ASSOC))
            {
                $arr[] = $row;
            }

            return $arr;
        }
        return false;
    }

    public function __call($method,$args){

        return call_user_func(array($this->pdo,$method),$args[0]);
    }
}
db.php

fun.php

<?php

function real_ip()
{
    static $realip = NULL;

    if ($realip !== NULL) {
        return $realip;
    }

    if (isset($_SERVER)) {
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);

            /* 取X-Forwarded-For中第一个非unknown的有效IP字符串 */
            foreach ($arr AS $ip) {
                $ip = trim($ip);

                if ($ip != 'unknown') {
                    $realip = $ip;

                    break;
                }
            }
        } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
            $realip = $_SERVER['HTTP_CLIENT_IP'];
        } else {
            if (isset($_SERVER['REMOTE_ADDR'])) {
                $realip = $_SERVER['REMOTE_ADDR'];
            } else {
                $realip = '0.0.0.0';
            }
        }
    } else {
        if (getenv('HTTP_X_FORWARDED_FOR')) {
            $realip = getenv('HTTP_X_FORWARDED_FOR');
        } elseif (getenv('HTTP_CLIENT_IP')) {
            $realip = getenv('HTTP_CLIENT_IP');
        } else {
            $realip = getenv('REMOTE_ADDR');
        }
    }

    preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
    $realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';

    return $realip;
}
fun.php

init.php

<?php
define("ROOT_PATH",__DIR__);
include "db.php";
include "fun.php";
include "cls_session.php";
$dsn='mysql:dbname=test;host=127.0.0.1';
$user="root";
$passwd="";
$opt=array(
    PDO :: ATTR_PERSISTENT  =>  true
);
$db=new db($dsn,$user,$passwd,$opt);


$cls=new cls_session($db,'sessions',"sessions_data");
init

下面是2个运行测试程序

set.php

<?php
include "init.php";
$_SESSION['a']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax";
//$_SESSION['b']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
//$_SESSION['c']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
//$_SESSION['d']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
//$_SESSION['e']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
//$_SESSION['f']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
//$_SESSION['g']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
$_SESSION['h']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
$_SESSION['i']="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaajax11212312333333333333333333333333333333333333333333333333333333333333333";
unset($_SESSION['b']);
unset($_SESSION['c']);
unset($_SESSION['d']);
unset($_SESSION['e']);
unset($_SESSION['f']);
//unset($_SESSION['h']);
//unset($_SESSION['i']);
unset($_SESSION['g']);
var_dump($_SESSION);
View Code

get.php

<?php

include "init.php";
var_dump($_SESSION);
get.php

最重要的是cls_session.php

session存库 有利于统计当前网站在线用户

因为ecshop至始至终没用session_start,session的存取还是和以前一样直接操作$_SESSION数组,所以,如果原来的session是存在文件里,现在可以不修改代码的使用这种方式

 

session的配置相关

session.save_handler=files 
session.save_path=/tmp
session.use_cookies=1

session.name=PHPSESSID
session.auto_start=0
session.cookie_lifetime=0
这个代表SessionID在客户端Cookie储存的时间,默认是0,代表浏览器一关闭SessionID就作废,就是因为这个所以Session不能永久使用
session.cookie_path=/
session.cookie_domain=
;处理连续资料的方式,本功能只有WDDX模组或PHP内部使用(预设:php)
session.serialize_handler = php

session.gc_maxlifetime 
session在服务器端存在的时间,过期后按照gc启动的比率删除

;按千分之一的比率进行垃圾收集
;垃圾收集的处理几率(预设:1)
session.gc_probability = 1
;设置进程比率,(php5新增参数,预设:1000)
session.gc_divisor = 1000

;(垃圾收集)被处理前的生存期(预设:1440[秒])
session.gc_maxlifetime = 1440

;使用cache限制器(预设:不要cache)
session.cache_limiter = nocache

;使用cache的生存期
session.cache_expire = 180

;使用sid值(session_id)传送模式(基于安全,预设:关)
session.use_trans_sid = 0

;选择一个HASH函数,0为MD5(128比特强度),1为SHA-1(160比特强度)
session.hash_function = 

设置方式
$expire=20;
ini_set("session.gc_maxlifetime",$expire);
ini_set("session.cookie_lifetime",$expire);

 

posted @ 2016-04-03 21:42  H&K  阅读(890)  评论(0编辑  收藏  举报