Can a session on the server be deleted through sessionid in PHP?

Source: Internet
Author: User
Can a session on the server be deleted through sessionid in PHP? I want to implement the function of kicking out members, but how can I do it in PHP? my idea is to record the session id of each member login, this ID is used to delete the session on the server when a member is being kicked, so that the user can be kicked. However, I wonder if the session id in PHP can be used to delete a session, ask everyone !!!


Reply to discussion (solution)

Since you can record the session id of each member login (it is obvious that you want to save it to the database)
Then you can change the session file method to the database method.
Delete the corresponding record if you want to play it.

Since you can record the session id of each member login (it is obvious that you want to save it to the database)
Then you can change the session file method to the database method.
Delete the corresponding record if you want to play it.


Thank you for your answers. I can't say it is more detailed. I am saving the session id in the database. The key is the client. for example, you have obtained the session id of a member in the background, how can I invalidate the session on the client so that the member can be kicked out? what does the moderator mean by deleting the corresponding record? It was not long before I used PHP.

The session is stored on the server. after you delete the session on the client, you cannot obtain the session and can only log on again.

The session is stored on the server. after you delete the session on the client, you cannot obtain the session and can only log on again.


I want to know how to do this and how to delete it. I checked that the function only has session_destroy (). This function has no parameters and can only delete the SESSION logged on to this account, how can I delete other sessionids?

The moderator means to save the session in the db instead of the file. because your session id is already saved in the db, you can save the session in the db for convenient operations. Then, the corresponding db records are deleted based on the session id.

If the session is stored in a file, you can also delete the file by using the session id.
The session file is saved in session. save_path, which can be found in phpinfo ().

session_start();$_SESSION['test'] = 1;echo session_id();

After the preceding code is executed, for example, session_id (), iak6l6lurg6o63a00tsdi0a4m5 is returned.
The sess_iak6l6lurg6o63a00tsdi0a4m5 file is generated in session. save_path. this is the session file.
Then, delete the file according to the session id of iak6l6lurg6o63a00tsdi0a4m5.

The moderator means to save the session in the db instead of the file. because your session id is already saved in the db, you can save the session in the db for convenient operations. Then, the corresponding db records are deleted based on the session id.

If the session is stored in a file, you can also delete the file by using the session id.
The session file is saved in session. save_path, which can be found in phpinfo ().

session_start();$_SESSION['test'] = 1;echo session_id();

After the preceding code is executed, for example, session_id (), iak6l6lurg6o63a00tsdi0a4m5 is returned.
The sess_iak6l6lurg6o63a00tsdi0a4m5 file is generated in session. save_path. this is the session file.
Then, delete the file according to the session id of iak6l6lurg6o63a00tsdi0a4m5.


Thank you. let me try it. thank you.

Since you can record the session id of each member login (it is obvious that you want to save it to the database)
Then you can change the session file method to the database method.
Delete the corresponding record if you want to play it.


If the moderator deletes the session id of a user in this way, the user needs to query the database every time he visits a page to determine whether the session id exists, if it does not exist, it indicates that T is taken offline. Is that true?

The moderator means to save the session in the db instead of the file. because your session id is already saved in the db, you can save the session in the db for convenient operations. Then, the corresponding db records are deleted based on the session id.

If the session is stored in a file, you can also delete the file by using the session id.
The session file is saved in session. save_path, which can be found in phpinfo ().

session_start();$_SESSION['test'] = 1;echo session_id();

After the preceding code is executed, for example, session_id (), iak6l6lurg6o63a00tsdi0a4m5 is returned.
The sess_iak6l6lurg6o63a00tsdi0a4m5 file is generated in session. save_path. this is the session file.
Then, delete the file according to the session id of iak6l6lurg6o63a00tsdi0a4m5.


Use unlink ($ myfile). when you delete a file, the system prompts that you do not have the permission. how can you get the permission to delete the file of the session?

Session_set_save_handler
Related operations are automatically completed by php. you do not need to write code.

Session temporary files in file mode are locked during user operations.
Session_id (user's sessionid );
Session_unset ();
Session_write_close ();
To delete the temporary file of the sessionid.

Session_set_save_handler
Related operations are automatically completed by php. you do not need to write code.

Session temporary files in file mode are locked during user operations.
Session_id (user's sessionid );
Session_unset ();
Session_write_close ();
To delete the temporary file of the sessionid.


I have made a mistake. I should delete the files of other session IDs, instead of the session id being accessed. Also, the moderator will ask you what you said.
After session_set_save_handler reaches the database mode, related operations are automatically completed by PHP. what does it mean? I mean, if I want to kill a user, set the session id value of the user in the database to null, and then query the session id of the user who is kicked off when accessing other pages, if it is empty, it will be dropped. I understand it now. I don't know if it is correct. Is it true? moderator, hope to give me some advice. thank you !!!

Yes, you have to log on again without the sessionid record.

Yes, you have to log on again without the sessionid record.


Thank you for your reply. you can close the post.

Yes, you have to log on again without the sessionid record.


I am sorry to ask you again. how can I use such a php file?
/* ============================ File description ========== ======================================
@ Filename: session. class. php
@ Description: the database saves the online user session to implement the online user function!
@ Notice: the session expiration time is one hour, because our site uses cookies (valid for 1 hour) to log on.
Therefore, we only record the user logon time, instead of refresh once.
The action of deleting session records in the database occurs when the user times out and executes the file or exits normally (session_destory)
@ Database: sessions field: sessionid (char32), uid (int10), last_visit (int10)
========================================================== ============================================
*/
Class session {
Private $ db;
Private $ lasttime = 3600; // timeout: one hour
Function session (& $ db ){
$ This-> db = & $ db;
Session_module_name ('user'); // session file storage method. this is required! Unless it is set in the Php. ini file
Session_set_save_handler (
Array (& $ this, 'open'), // run
Array (& $ this, 'close'), // it is executed when the script is executed or session_write_close () or session_destroy () is called, that is, it is executed after all session operations are completed.
Array (& $ this, 'read'), // it is executed when session_start () is run, because the current session data is read during session_start.
Array (& $ this, 'write'), // this method is executed when the script ends and session_write_close () is used to force the SESSION data to be submitted.
Array (& $ this, 'deststroy'), // execute when running session_destroy ()
Array (& $ this, 'gc ') // The execution probability is determined by the session. gc_probability and session. the value of gc_pisor is determined by the time when session_start runs open, read, and gc successively after open and read.
);
Session_start (); // This is also required. to open a session, it must be executed after session_set_save_handler.
}
Function unserializes ($ data_value ){
$ Vars = preg_split (
'/([A-zA-Z_x7f-xff] [a-zA-Z0-9_x7f-xff] *) | /',
$ Data_value,-1, PREG_SPLIT_NO_EMPTY |
PREG_SPLIT_DELIM_CAPTURE
);
For ($ I = 0; isset ($ vars [$ I]); $ I ++ ){
$ Result [$ vars [$ I ++] = unserialize ($ vars [$ I]);
}
Return $ result;
}
Function open ($ path, $ name ){
Return true;
}
Function close (){
$ This-> gc ($ this-> lasttime );
Return true;
}
Function read ($ SessionKey ){
$ SQL = "SELECT uid FROM sessions WHERE session_id = '". $ SessionKey. "'limit 1 ";
$ Query = $ this-> db-> query ($ SQL );
If ($ row = $ this-> db-> fetch_array ($ query )){
Return $ row ['uid'];
} Else {
Return "";
}
}
Function write ($ SessionKey, $ VArray ){
Require_once (MRoot. DIR_WS_CLASSES. 'DB _ mysql_class.php ');
$ Db1 = new DbCom ();
// Make a connection to the database... now
$ Db1-> connect (DB_SERVER, DB_SERVER_USERNAME, DB_SERVER_PASSWORD, DB_DATABASE );
$ Db1-> query ("set names utf8 ");
$ This-> db = $ db1;
$ SessionArray = addslashes ($ VArray );
$ Data = $ this-> unserializes ($ VArray );
$ Sql0 = "SELECT uid FROM sessions WHERE session_id = '". $ SessionKey. "'submit 1 ";
$ Query0 = $ this-> db-> query ($ sql0 );
If ($ this-> db-> num_rows ($ query0) <= 0 ){
If (isset ($ data ['webid']) &! Empty ($ data ['webid']) {
$ This-> db-> query ("insert into 'session' set 'session _ id' = '$ sessionkey', uid = '". $ data ['webid']. "', last_visit = '". time (). "'");
}
Return true;
} Else {
/* $ SQL = "update 'session' set ";
If (isset ($ data ['webid']) {
$ SQL. = "uid = '". $ data ['webid']. "',";
}
$ SQL. = "'Last _ visit' = null"
. "Where 'session _ id' = '$ sessionkey '";
$ This-> db-> query ($ SQL );*/
Return true;
}
}
Function destroy ($ SessionKey ){
$ This-> db-> query ("delete from 'session' where 'session _ id' = '$ sessionkey '");
Return true;
}
Function gc ($ lifetime ){
$ This-> db-> query ("delete from 'session' where unix_timestamp (now ()-'Last _ visit'> '". $ this-> lasttime. "'");
Return true;
}
}
?>
If this technology is used on other pages, will every page introduce this class and create a session class object? will the destroy and gc functions be called when each session fails?

Many adults, it's best to save it to the database.


The moderator means to save the session in the db instead of the file. because your session id is already saved in the db, you can save the session in the db for convenient operations. Then, the corresponding db records are deleted based on the session id.

If the session is stored in a file, you can also delete the file by using the session id.
The session file is saved in session. save_path, which can be found in phpinfo ().

session_start();$_SESSION['test'] = 1;echo session_id();

After the preceding code is executed, for example, session_id (), iak6l6lurg6o63a00tsdi0a4m5 is returned.
The sess_iak6l6lurg6o63a00tsdi0a4m5 file is generated in session. save_path. this is the session file.
Then, delete the file according to the session id of iak6l6lurg6o63a00tsdi0a4m5.


Use unlink ($ myfile). when you delete a file, the system prompts that you do not have the permission. how can you get the permission to delete the file of the session?



I have tested it. Are you sure you want to delete the session file you are using? Of course not.



The moderator means to save the session in the db instead of the file. because your session id is already saved in the db, you can save the session in the db for convenient operations. Then, the corresponding db records are deleted based on the session id.

If the session is stored in a file, you can also delete the file by using the session id.
The session file is saved in session. save_path, which can be found in phpinfo ().

session_start();$_SESSION['test'] = 1;echo session_id();

After the preceding code is executed, for example, session_id (), iak6l6lurg6o63a00tsdi0a4m5 is returned.
The sess_iak6l6lurg6o63a00tsdi0a4m5 file is generated in session. save_path. this is the session file.
Then, delete the file according to the session id of iak6l6lurg6o63a00tsdi0a4m5.


Use unlink ($ myfile). when you delete a file, the system prompts that you do not have the permission. how can you get the permission to delete the file of the session?



I have tested it. Are you sure you want to delete the session file you are using? Of course not.


Indeed, I deleted the currently in use. no wonder it doesn't work. session_set_save_handler should be the best method. let me try it.

Session_set_save_handler
Related operations are automatically completed by php. you do not need to write code.

Session temporary files in file mode are locked during user operations.
Session_id (user's sessionid );
Session_unset ();
Session_write_close ();
To delete the temporary file of the sessionid.



$ Con = mysql_connect ("Wagner. 0.0.1", "root", "111111 ");

Mysql_select_db ("session ");

Function open ($ save_path, $ session_name ){
Return (true );
}

Function close (){
Return (true );
}

Function read ($ id ){
If ($ result = mysql_query ("select * from session where id = '$ ID '")){

If ($ row = mysql_fetch_array ($ result )){
Return $ row ["data"];
}
} Else {
Return "";
}
}

Function write ($ id, $ sess_data ){

$ SQL = "SELECT * FROM session WHERE id = '". $ id. "'limit 1 ";
$ Check = mysql_query ($ SQL );
$ Total = mysql_num_rows ($ check );
$ Result = false;
If ($ total <= 0 ){
$ SQL = "insert into 'session 'set' ID' = '$ ID', data = '". $ sess_data. "', last_visit = '". time (). "'";
Mysql_query ($ SQL );
} Else {
$ SQL = "update session set data = '$ sess_data', last_visit = '". time (). "'Where id =' $ ID '";
$ Result = mysql_query ($ SQL );
}

If ($ result = true ){
Return true;
} Else {
Return false;
}
}

Function destroy ($ id ){

If ($ result = mysql_query ("delete * from session where id = '$ ID '")){
Return true;
} Else {
Return false;
}
}

Function gc ($ maxlifetime ){
$ SQL = "delete from 'session 'where unix_timestamp (now ()-'Last _ visit'> '60 '";
$ Result = mysql_query ($ SQL );
If ($ result = true ){
Echo $ SQL;
Return true;

} Else {
Echo "error ";
Return false;

}

}

Session_set_save_handler ("open", "close", "read", "write", "destroy", "gc ");
@ Ini_set ('session. gc_probability ', 1 );
@ Ini_set ('session. gc_pisor ', 2 );
@ Ini_set ('session. gc_maxlifetime', 60 );
Session_start ();

?> // File name session_user_start.php
I wrote two pages for testing,
1. php

Include 'session _ user_start.php ';

$ _ SESSION ['test'] = "OK la ";

Echo "init OK ";

?>

Another
2. php

Include 'session _ user_start.php ';
Echo $ _ SESSION ['test'];
?>
Yes, but I can access it 60 seconds later. 2. php found that the gc function was not called. how can I access 2. php to execute the GC function when the session fails?

Gc can write a crontab implementation.
Http://blog.csdn.net/fdipzone/article/details/7263361

Gc can write a crontab implementation.
Http://blog.csdn.net/fdipzone/article/details/7263361


Gc has been called, but it is found that other pages include 'session _ user_start.php ';
Echo $ _ SESSION ['test'];, and found that the SESSION assigned to the previous page has arrived at the introduced session page. The value of $ _ SESSION is blank, strange

The reason is that the session data will be returned during the read operation, so that the session data will be obtained only when it is introduced to other pages.

It is feasible to use static array and session to save both the user name and logon time, and compare the session data with the array data during verification.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.