Mysql|session session is usually placed in the/tmp directory, and the folder's permissions are everbody readable, this is very scary! School Forum once someone through the session to steal account! So then try to put the session into the database, the table structure and process as follows:
Create a table
Create Sesslib.sql
CREATE TABLE Sesslib (
Data text,
Time datetime,
ID int (one) DEFAULT ' 0 ' not NULL auto_increment,
Sid varchar Not NULL,
PRIMARY KEY (ID),
UNIQUE sid (SID)
);
End
Xx.php customized the session's database path, and when a page needs to use//session, you can include this section, using the following method:
?
Include "xx.php";//xx.php
Session_Start ();
The following session will be used normally
?>
function Sess_open ($save _path, $session _name) {
Global $hostname, $dbusername, $dbpassword, $dbname, $sess _dbh;
$sess _dbh=mysql_pconnect ($hostname, $dbusername, $dbpassword) or Die ("Cannot connect to the database!") ");
$sess _dbh=mysql_pconnect (' localhost ', ' test ', ' test ') or Die ("Cannot connect to the database!") ");
mysql_select_db ("$dbname") or Die ("Cannot select a database!") ");
mysql_select_db (' test ') or Die ("Cannot select a database!") ");
return (true);
}
function Sess_close () {
Mysql_close ();
return (true);
}
function Sess_read ($SID) {
Global $sess _DBH;
$result = mysql_query ("Select data from Sesslib where sid= ' $sid '", $sess _DBH);
$n =mysql_num_rows ($result);
if ($n ==0) {
Return ("");
}
else {
$sess _data=mysql_result ($result, 0);
Return ($sess _data);
}
}
function Sess_write ($sid, $sess _data) {
Global $sess _DBH;
if (!empty ($sess _data)) {
$r =mysql_query ("INSERT into Sesslib set sid= ' $sid ', data= ' $sess _data ', Time=now ()", $sess _DBH);
if (! $r) {//insertion failed, means the session is already there, update it
$r =mysql_query ("Update sesslib set sid= ' $sid ', data= ' $sess _data ', Time=now () where sid= ' $sid '", $sess _DBH);
}
return $r;
}}
function Sess_destroy ($SID) {
Global $sess _DBH;
$r =mysql_query ("Delete from sesslib where sid= ' $sid '", $sess _DBH);
return ($R);
}
function sess_gc ($maxlifetime) {
Global $sess _DBH, $sess _maxlifetime;
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.