Reply to Re: Session problem

Your name:

Reply:


Posted by Jerry Stuckle on 10/23/07 11:13

mabobine wrote:
> if($session->userHasSession($user['id'])) {
> throw new Exception('You can only have One session at a time. Please
> wait for the other session to expire.');
> }
>
>
> public function userHasSession($user_id)
> {
> $this->cleanup();
>
> // Check first, that the User exists on the Database
> $query = 'select * from `users` where id = {user_id}';
> $query_subst = array('user_id' => $user_id);
> $mysqlres = mysqlConn::executeQuery($query, $query_subst);
> if(mysql_num_rows($mysqlres) < 1) {
> mysql_free_result($mysqlres);
>
> // Block remaining operations, because the User is not valid on the
> system
> die("Exception: User requesting the Session is invalid!");
>
> return false;
> }
>
> // Now, check if there is a Session for this User
> $query = 'select * from `' . $this->table . '` where user_id =
> {user_id}';
> $mysqlres = mysqlConn::executeQuery($query, $query_subst);
> if(mysql_num_rows($mysqlres) > 0) {
> mysql_free_result($mysqlres);
> return true;
> } else {
> mysql_free_result($mysqlres);
> return false;
> }
> }
>
> public function killSession()
> {
> if($this->started)
> {
> $query = 'DELETE FROM ' . $this->table . ' WHERE id =
> {session_id}';
> $query_subst = array('session_id' => $this->session_id);
> if(mysqlConn::executeQuery($query, $query_subst))
> {
> setcookie('session_id', '', time() - 259200);
>
> return true;
> }
> }
>
> return false;
> }
>
>
>
>
>
>
>

OK, you're keeping track of sessions in your MySQL database. You need
to clean up the session, even if they just close their browser and never
log off. That means removing the entry from your table, which you
evidently are not doing (it's hard to tell since you only show part of
your code).

The problem is - when to do it? You can do it on a timer (i.e. every 2
hours), for instance. Another way would be to delete the old session
when they log on the new time.

This is a good reason why I don't uses a database to keep track of
sessions. I just use the $_SESSION superglobal.


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация