Posted by Curt Zirzow on 12/27/05 02:27

On Thu, Dec 22, 2005 at 11:56:12PM -0500, Chris Shiflett wrote:
> Greg Donald wrote:
> >I've been using this database driven PHP sessions setup for years:
> >
> >http://dbsessions.destiney.com/
>
> I offer a similar implementation:
>
> http://phpsecurity.org/code/ch08-2

Ok, i'll bite.. :)

One thing I tend to avoid is having empty values in the database (a
pet peev via the file system), if a typical session_start() is
issued and there is no data to be written i believe avoiding the
actual insert should be avoided, to avoid the extra overhead of
writing 'no data' to the db. The approach i used probably has a
flaw if cookie based session is *not* used.

Also, i'v always hated the 'global $dbh' approach, I'd rather see
a defined database handle within the session.

http://zirzow.dyndns.org/session/session.phps

session_db_conf.php:
<?php
$SESSION_DB_HOST = 'localhost';
$SESSION_DB_USER = 'session;;
//...
?>

session_config.php:
<?php
include('session/session.php');
Session_System_DB('session_db_conf.php', true);
?>


Curt.
--
cat .signature: No such file or directory

• Next in forum: php / mysql / js search result question
• Prev in forum: Re: [PHP] Re: Can the URL be controlled for more user-friendly readability? [SOLVED]
• Thread view: Re: [PHP] Sessions...

[Reply to this message]