Sessions are usually stored in the/tmp directory, and the permission of the folder is everbody readable, which is terrible! In the school Forum, someone used session to steal accounts! Later, I tried to put the session into the database. the table structure and process were as follows: // create a table // createsesslib. sqlCREATETABLEsesslib (datatext, time session is usually placed in the/tmp directory, and the permission for this folder is everbody readable, which is terrible! In the school Forum, someone used session to steal accounts! Later, I tried to put the session into the database. the table structure and process were as follows:
// Create a table
// Create sesslib. SQL
Create table sesslib (
Data text,
Time datetime,
Id int (11) DEFAULT '0' not null auto_increment,
Sid varchar (32) not null,
Primary key (id ),
UNIQUE sid (sid)
);
// End
// XX. php customizes the session database path. when a page needs to use // session, you can include this part by using the following methods:
Include "XX. php"; // XX. php
Session_start ();
// The session can be used normally below
?>
Function sess_open ($ save_path, $ session_name ){
Global $ hostname, $ dbusername, $ dbpassword, $ dbname, $ sess_dbh;
// $ Sess_dbh = mysql_pconnect ($ hostname, $ dbusername, $ dbpassword) or die ("cannot connect to the database! ");
$ Sess_dbh = mysql_pconnect ('localhost', 'test', 'test') or die ("cannot connect to the database! ");
// Mysql_select_db ("$ dbname") or die ("You cannot select a database! ");
Mysql_select_db ('test') or die ("You cannot select a database! ");
Return (true );
}
Function sess_close (){
// Mysql_close ();
Return (true );
}
Function sess_read ($ sid ){
Global $ sess_dbh;
$ Result = mysql_query ("select data from sesslib where sid = '$ sid'", $ sess_dbh );
$ N = mysql_num_rows ($ result );
If ($ n = 0 ){
Return ("");
}
Else {
$ Sess_data = mysql_result ($ result, 0 );
Return ($ sess_data );
}
}
Function sess_write ($ sid, $ sess_data ){
Global $ sess_dbh;
If (! Empty ($ sess_data )){
$ R = mysql_query ("insert into sesslib set sid = '$ sid', data = '$ sess_data', time = now ()", $ sess_dbh );
If (! $ R) {// insertion failed, means the session is already there, update it
$ R = mysql_query ("update sesslib set sid = '$ sid', data = '$ sess_data', time = now () where sid = '$ sid '", $ sess_dbh );
}
Return $ r;
}}
Function sess_destroy ($ sid ){
Global $ sess_dbh;
$ R = mysql_query ("delete from sesslib where sid = '$ sid'", $ sess_dbh );
Return ($ r );
}
Function sess_gc ($ maxlifetime ){
Global $ sess_dbh, $ sess_maxlifetime;
$ R = mysql_query ("delete from sesslib where unix_timestamp (now ()-unix_timestamp (time)> $ sess_maxlifetime", $ sess_dbh );
Return mysql_affected_rows ($ sess_dbh );
}
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.