数据库处理session类
<?php /* * 使用数据库处理session * php.ini 中 session.save_handler 设为 "user" */ class Dbsession{ private static $ua; //代理浏览器 private static $ip; //IP地址 private static $lifetime;//session生存时间 private static $time; //当前时间 private static $pdo; public static function start(PDO $pdo){ self::$pdo = $pdo; self::$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; if ( !empty( $_SERVER['HTTP_CLIENT_IP'] ) ) { //check ip from share internet self::$ip = $_SERVER['HTTP_CLIENT_IP']; } else if ( !empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) { self::$ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { self::$ip = $_SERVER['REMOTE_ADDR']; } filter_var(self::$ip,FILTER_VALIDATE_IP) === FALSE && self::$ip = 'unknown'; self::$lifetime = ini_get("session.gc_maxlifetime"); self::$time = time(); session_set_save_handler( array(__CLASS__,'open'), array(__CLASS__,'close'), array(__CLASS__,'read'), array(__CLASS__,'write'), array(__CLASS__,'destroy'), array(__CLASS__,'gc') ); session_start(); } private static function open($path,$name){ return true; } public static function close(){ return true; } private static function read($sid){ $sql = "select * from session where sid=?"; $st = self::$pdo->prepare($sql); $st->execute(array($sid)); //没有数据 if(!$result = $st->fetch(PDO::FETCH_ASSOC)){ return ''; } //用户更换了浏览器或者IP地址 if($result['ua'] != self::$ua || $result['ip'] != self::$ip){ self::destroy($sid); return ''; } //时间过期 if($result['updatetime']+self::$lifetime < self::$time){ self::destroy($sid); return ''; } return $result['data']; //返回session数据 } public static function write($sid,$data){ //先查有无session $sql = "select * from session where sid=?"; $st = self::$pdo->prepare($sql); $st->execute(array($sid)); if($result = $st->fetch(PDO::FETCH_ASSOC)){ //数据发生改变或者30秒开外,则更新 if($result['data'] != $data || $result['updatetime']+30 < self::$time){ $sql = "update session set data=? ,updatetime=? where sid=?"; $st = self::$pdo->prepare($sql); $st->execute(array($data,self::$time,$sid)); } }else{ if(!empty($data)){ $sql = "insert into session values(?,?,?,?,?)"; $st = self::$pdo->prepare($sql); $st->execute(array($sid,$data,self::$time,self::$ua,self::$ip)); } } return true; } public static function destroy($sid){ $sql = "delete from session where sid=?"; $st = self::$pdo->prepare($sql); $st->execute(array($sid)); return true; } private static function gc($lifetime){ $sql = "delete from session where updatetime<?"; $st = self::$pdo->prepare($sql); $st->execute(array(self::$time-$lifetime)); return true; } }