From 442c81639abdaa6f3ef2f3fd146d4655dd6e8da7 Mon Sep 17 00:00:00 2001
From: James Swift
Date: Mon, 30 Nov 2015 21:22:40 +0000
Subject: [PATCH 1/3] Added new DB columns and increased session timeout to 7 days.
---
 MySqlSessionHandler.php | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/MySqlSessionHandler.php b/MySqlSessionHandler.php
index 6a9774b..9a5ba2d 100644
--- a/MySqlSessionHandler.php
+++ b/MySqlSessionHandler.php
@@ -62,7 +62,7 @@ public function setDbTable($dbTable)
 public function open()
 {
 //delete old session handlers
- $limit = time() - (3600 * 24);
+ $limit = time() - (3600 * 24 * 7);
 $sql = sprintf("DELETE FROM %s WHERE timestamp < %s", $this->dbTable, $limit);
 return $this->dbConnection->query($sql);
 }
@@ -106,11 +106,14 @@ public function read($id)
 public function write($id, $data)
 {
- $sql = sprintf("REPLACE INTO %s VALUES('%s', '%s', '%s')",
+ $sql = sprintf("REPLACE INTO %s VALUES('%s', '%s', '%s', '%s', '%s')",
 $this->dbTable,
 $this->dbConnection->escape_string($id),
 $this->dbConnection->escape_string($data),
- time());
+ time(),
+ $this->dbConnection->escape_string($_SERVER['REMOTE_ADDR']),
+ $this->dbConnection->escape_string($_SESSION['hits'])
+ );
 return $this->dbConnection->query($sql);
 }
From 399fb2d23879ac1e010917b6ff1dc4b126549bea Mon Sep 17 00:00:00 2001
From: James Swift
Date: Mon, 30 Nov 2015 21:25:39 +0000
Subject: [PATCH 2/3] Modified readme.
---
 README.md | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 1ce5e6b..ff0ddcf 100644
--- a/README.md
+++ b/README.md
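Review bot: In `write()` (PATCH 1/3, MySqlSessionHandler.php), `$_SESSION['hits']` and `$_SERVER['REMOTE_ADDR']` are read without checking that they are set, so a session that never assigned `hits` sends an empty string for the integer `hits` column; under a strict SQL mode the `REPLACE` can then fail and the session data is not saved. I would default and cast the counter, e.g. `isset($_SESSION['hits']) ? (int) $_SESSION['hits'] : 0`, and give the address the same kind of `isset` fallback. The statement also has no column list, so it only works against a table with exactly these five columns in this order; writing `REPLACE INTO %s (id, data, timestamp, ip, hits) VALUES(...)` would remove that dependence on column order and make a run against the older three-column table easier to diagnose.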
@@ -8,12 +8,14 @@ This class is old and I am personally not using it anymore. Maintenance is very
 ## Usage
 Create a table in your database:
- CREATE TABLE `session_handler_table` (
- `id` varchar(255) NOT NULL,
- `data` mediumtext NOT NULL,
- `timestamp` int(255) NOT NULL,
- PRIMARY KEY (`id`)
- ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE TABLE IF NOT EXISTS `sessions` (
+ `id` varchar(50) NOT NULL,
+ `data` mediumtext NOT NULL,
+ `timestamp` int(255) NOT NULL,
+ `ip` varchar(255) NOT NULL,
+ `hits` int(11) NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 Then have a look at [example.php](example.php).
From a8546f669716a9c80d702bc95c48e95ae42b3e5a Mon Sep 17 00:00:00 2001
From: James Swift
Date: Mon, 30 Nov 2015 21:54:09 +0000
Subject: [PATCH 3/3] Improved GC and open() method.
---
 MySqlSessionHandler.php | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/MySqlSessionHandler.php b/MySqlSessionHandler.php
index 9a5ba2d..d5d3194 100644
--- a/MySqlSessionHandler.php
+++ b/MySqlSessionHandler.php
@@ -61,10 +61,10 @@ public function setDbTable($dbTable)
 */
 public function open()
 {
- //delete old session handlers
- $limit = time() - (3600 * 24 * 7);
- $sql = sprintf("DELETE FROM %s WHERE timestamp < %s", $this->dbTable, $limit);
- return $this->dbConnection->query($sql);
+ if (!is_a($this->dbConnection, 'mysqli')){
+ throw new Exception('No session DB connection.');
+ }
+ return true;
 }
 /**
@@ -140,6 +140,12 @@ public function destroy($id)
 */
 public function gc($max)
 {
+ //Delete single use sessions (search-bots etc.)
+ $limit = time() - (3600 * 5);
+ $sql = sprintf("DELETE FROM %s WHERE hits=1 AND timestamp < %s", $this->dbTable, $limit);
+ $this->dbConnection->query($sql);
+
+ //Delete according to GC $max age setting
 $sql = sprintf("DELETE FROM %s WHERE `timestamp` < '%s'", $this->dbTable, time() - intval($max));
 return $this->dbConnection->query($sql);
 }
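Review bot: The new guard in `open()` (PATCH 3/3) only checks the object's type, which does not show that the connection was actually established; unless mysqli is configured to throw, a `mysqli` object whose connect failed still passes `is_a()`. If the handler is meant to fail early, the condition could also test the connection state, `if (!($this->dbConnection instanceof mysqli) || $this->dbConnection->connect_errno) {`. How `dbConnection` is assigned is outside this hunk, so whether a failed connection can reach this point should be confirmed there. A docblock line such as `@throws Exception when no mysqli connection has been set` would document the new behaviour for callers.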
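Review bot: In `gc()` (PATCH 3/3) the result of the first `DELETE` is discarded, so if that query fails (for example against a table that does not yet have the `hits` column) the method still reports only what the second query returns. Keeping the result and combining it, `$ok = $this->dbConnection->query($sql);` and later `return $this->dbConnection->query($sql) && $ok;`, would surface the failure. The five-hour cutoff is also hard-coded and independent of `$max`, so a visitor whose session was stored with `hits` equal to 1 loses it after five hours even when the configured lifetime is longer. A named constant or property with a comment stating that intent would make this visible to whoever tunes `session.gc_maxlifetime`.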