PHP and Sessions
- ScottG
- Proficient
- Joined: Jul 06, 2010
- Posts: 280
- Status: Online
March 6th, 2013, 9:52 am
Ok So this isn't an error or issue It's a more of a inquiry into other peoples thoughts. Since the last issue I had that caused me, well several days of heavy thought, trial and error, and frustration. I'm starting to rethink how I'm going to handle sessions.
In the past I have a file that is included into every page of my php projects called initialize.php The sole role of this file is to setup the session @session_start(); and any classes that are needed through out the project like the database class.
That file looks like
A bit of overview with my last issue I had was with ImageMagick(IM) (programming-forum/imagemagick-and-windows-t108116.html for those who want to know the details), but to put it simply I chased down an issue and the call to IM was indeed causing the issue to happen so i was chasing my tail trying to find a fix/alternative for popen(). It wasn't until I really ripped the script to bare bones i discovered the issue, and that being that since i had sessions going when the call to IM was made if the page was refreshed or called again the php script would try to setup the sessions again but it couldn't because the sessions were in use resulting in a session lock this in turn would lockup IM. Closing the php sessions before the IM call and then reopening them after the call was completed resolved this issue.
While reading the article above about PHP Session Locks, has brought me to rethink how I handle sessions. I am thinking about creating a Session class to handle the sessions. The idea being that the file that php writes session info to will always be closed unless you need to add or change sessions. Once the sessions have been setup they can be closed and you will still be able to access the $_SESSION variable.
Take the following test
s1.php This file sets up a custom session variable
s2.php This file represents a bad attempt since the session was not continued resulting in no Session info
s3.php This file starts/continues the session and then immediately closes the session file which gives us access to the $_SESSION variable.
So this is the basic idea behind my session class. when the constructor is called it starts and closes the session right away giving you the $_SESSION variable. a important thing to note is that you are NOT able to set any other sessions unless you start the session again. See the example below
So the class I would be making also will be able to add and change session info as well so instead of doing $_SESSION['index'] = 'content'; you would do something like $sess->modify('index', 'content');.
Any thoughts or concerns? What do think of this approach to Sessions? Since this is a very simple class it will most likely be completed before anyone reads this post lol.
In the past I have a file that is included into every page of my php projects called initialize.php The sole role of this file is to setup the session @session_start(); and any classes that are needed through out the project like the database class.
That file looks like
PHP Code: [ Select ]
<?php
/**
* The initialize class starts all of the main classes and
* sets the site up.
*
* @Author William Gaines <sgscott87@gmail.com>
* @Copyright 2013-2014 indefinite Designs.
*
*/
/***********************************/
/* Start Session */
/***********************************/
// Start/Continue a session
@session_start();
/***********************************/
/* Error Reporting */
/***********************************/
// We want to see our errors
ini_set('display_errors', '1');
// Report all except notices
error_reporting(E_ALL ^ E_NOTICE);
/***********************************/
/* Includes and Objects */
/***********************************/
// Include the config
require_once('config.php');
// General Functions
require_once('general.php');
// Start our error class
require_once('class.error.php');
$err = new Error();
// Database Authentication File
require_once('dbauth.php');
// Start our database object instance (singleton)
require_once('class.db_connect.php');
$db = DBConnection::instance();
?>
/**
* The initialize class starts all of the main classes and
* sets the site up.
*
* @Author William Gaines <sgscott87@gmail.com>
* @Copyright 2013-2014 indefinite Designs.
*
*/
/***********************************/
/* Start Session */
/***********************************/
// Start/Continue a session
@session_start();
/***********************************/
/* Error Reporting */
/***********************************/
// We want to see our errors
ini_set('display_errors', '1');
// Report all except notices
error_reporting(E_ALL ^ E_NOTICE);
/***********************************/
/* Includes and Objects */
/***********************************/
// Include the config
require_once('config.php');
// General Functions
require_once('general.php');
// Start our error class
require_once('class.error.php');
$err = new Error();
// Database Authentication File
require_once('dbauth.php');
// Start our database object instance (singleton)
require_once('class.db_connect.php');
$db = DBConnection::instance();
?>
- <?php
- /**
- * The initialize class starts all of the main classes and
- * sets the site up.
- *
- * @Author William Gaines <sgscott87@gmail.com>
- * @Copyright 2013-2014 indefinite Designs.
- *
- */
- /***********************************/
- /* Start Session */
- /***********************************/
- // Start/Continue a session
- @session_start();
- /***********************************/
- /* Error Reporting */
- /***********************************/
- // We want to see our errors
- ini_set('display_errors', '1');
- // Report all except notices
- error_reporting(E_ALL ^ E_NOTICE);
- /***********************************/
- /* Includes and Objects */
- /***********************************/
- // Include the config
- require_once('config.php');
- // General Functions
- require_once('general.php');
- // Start our error class
- require_once('class.error.php');
- $err = new Error();
- // Database Authentication File
- require_once('dbauth.php');
- // Start our database object instance (singleton)
- require_once('class.db_connect.php');
- $db = DBConnection::instance();
- ?>
A bit of overview with my last issue I had was with ImageMagick(IM) (programming-forum/imagemagick-and-windows-t108116.html for those who want to know the details), but to put it simply I chased down an issue and the call to IM was indeed causing the issue to happen so i was chasing my tail trying to find a fix/alternative for popen(). It wasn't until I really ripped the script to bare bones i discovered the issue, and that being that since i had sessions going when the call to IM was made if the page was refreshed or called again the php script would try to setup the sessions again but it couldn't because the sessions were in use resulting in a session lock this in turn would lockup IM. Closing the php sessions before the IM call and then reopening them after the call was completed resolved this issue.
While reading the article above about PHP Session Locks, has brought me to rethink how I handle sessions. I am thinking about creating a Session class to handle the sessions. The idea being that the file that php writes session info to will always be closed unless you need to add or change sessions. Once the sessions have been setup they can be closed and you will still be able to access the $_SESSION variable.
Take the following test
s1.php This file sets up a custom session variable
PHP Code: [ Select ]
<?php
@session_start();
$_SESSION['my_session'] = 'Yay! It works';
session_write_close();
?>
<br />
<a href="s2.php">Next</a>
@session_start();
$_SESSION['my_session'] = 'Yay! It works';
session_write_close();
?>
<br />
<a href="s2.php">Next</a>
- <?php
- @session_start();
- $_SESSION['my_session'] = 'Yay! It works';
- session_write_close();
- ?>
- <br />
- <a href="s2.php">Next</a>
s2.php This file represents a bad attempt since the session was not continued resulting in no Session info
PHP Code: [ Select ]
<?php
echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
?>
<br />
<a href="s3.php">Next</a>
echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
?>
<br />
<a href="s3.php">Next</a>
- <?php
- echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
- ?>
- <br />
- <a href="s3.php">Next</a>
s3.php This file starts/continues the session and then immediately closes the session file which gives us access to the $_SESSION variable.
PHP Code: [ Select ]
<?php
@session_start(); session_write_close();
echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
?>
<br />
FIN
@session_start(); session_write_close();
echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
?>
<br />
FIN
- <?php
- @session_start(); session_write_close();
- echo (!empty($_SESSION['my_session'])) ? $_SESSION['my_session'] : 'Boo! It failed! You Suck Sessions!';
- ?>
- <br />
- FIN
So this is the basic idea behind my session class. when the constructor is called it starts and closes the session right away giving you the $_SESSION variable. a important thing to note is that you are NOT able to set any other sessions unless you start the session again. See the example below
PHP Code: [ Select ]
<?php
@session_start();
$_SESSION['my_session'] = 'Yay! It works';
session_write_close();
$_SESSION['bad_session'] = 'This will not work!';
@session_start();
$_SESSION['good_session'] = 'Yay! Another good session!';
session_write_close();
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
FIN
@session_start();
$_SESSION['my_session'] = 'Yay! It works';
session_write_close();
$_SESSION['bad_session'] = 'This will not work!';
@session_start();
$_SESSION['good_session'] = 'Yay! Another good session!';
session_write_close();
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
FIN
- <?php
- @session_start();
- $_SESSION['my_session'] = 'Yay! It works';
- session_write_close();
- $_SESSION['bad_session'] = 'This will not work!';
- @session_start();
- $_SESSION['good_session'] = 'Yay! Another good session!';
- session_write_close();
- ?>
- <pre>
- <?php
- var_dump($_SESSION);
- ?>
- </pre>
- <br />
- FIN
So the class I would be making also will be able to add and change session info as well so instead of doing $_SESSION['index'] = 'content'; you would do something like $sess->modify('index', 'content');.
Any thoughts or concerns? What do think of this approach to Sessions? Since this is a very simple class it will most likely be completed before anyone reads this post lol.
- Anonymous
- Bot
- Joined: 25 Feb 2008
- Posts: ?
- Loc: Ozzuland
- Status: Online
March 6th, 2013, 9:52 am
- ScottG
- Proficient
- Joined: Jul 06, 2010
- Posts: 280
- Status: Online
March 6th, 2013, 10:40 am
As stated I have completed the class and am testing it out currently
- Bigwebmaster
- Site Admin
- Joined: Dec 20, 2002
- Posts: 8934
- Loc: Seattle, WA & Phoenix, AZ
- Status: Offline
March 7th, 2013, 11:38 am
Have you considered completely scrapping using PHPs basic session handler and writing your own so that you can tailor it to your exact needs and avoid the pitfalls that this seems to be causing you?
Ozzu Hosting - Want your website on a fast server like Ozzu?
- ScottG
- Proficient
- Joined: Jul 06, 2010
- Posts: 280
- Status: Online
March 12th, 2013, 8:12 am
I have thought about doing that, but then there would be a lot more processing going on either database or physical files to manage. Most my issues have been resolved by closing the session when not in use which by the link in the other post confirmed the issue.
here is the class i made to handle session and some uses
session class
test 1
test 2
<?php
require_once('cms/classes/class.session.php');
$session = new Session();
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<?php
echo 'What about removing Sessions?';
$session->kill('second_test');
$session->kill(array('forth_test', 'fith_test'));
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s2.php">Refresh</a> <a href="s3.php">Next</a>
test 3
test 4
here is the class i made to handle session and some uses
session class
PHP Code: [ Select ]
<?php
/**
* This file is the user class. It is used to add edit
* delete login or anything else that involes the user.
*
* @Author William Gaines <sgscott87@gmail.com>
* @Copyright 2013-2015
*
*/
/***********************************/
/* Initialize */
/***********************************/
class Session {
// Start up the Session
function __construct() {
// Setup the session
$this->start();
$this->stop();
}
// This function will start the session
public function start() {
// Start/Continue the session
(headers_sent()) ? @session_start() : session_start();
}
// This function will stop the session
public function stop() {
// Write the close of the seesion file and unlock it
session_write_close();
}
/**
* Adds/Edits Session info
*
* @param string/array $index This variable can be used as a string for the index in the session variable or as an associative array for the index and content
* @param string/boolean $content This is the content that will be added to the index in the session. This will be false if the $index is an array.
* @return boolean
*/
public function modify($index, $content = false) {
// Start Session
$this->start();
// Check to see if the $index is an array
if(is_array($index)) {
// Loop the index array
foreach($index as $key => $value) {
// Add to the Session
$_SESSION[$key] = $value;
}
} else {
// Add to the Session
$_SESSION[$index] = $content;
}
// Stop Session
$this->stop();
// Kick out
return true;
}
/**
* Removes session info
*
* @param string/array $index This variable can be used as a string for the index in the session variable or as an array of indexs
* @return boolean
*/
public function kill($index) {
// Start Session
$this->start();
// Check to see if the $index is an array
if(is_array($index)) {
// Loop the index array
foreach($index as $key => $value) {
// Add to the Session
unset($_SESSION[$value]);
}
} else {
// Add to the Session
unset($_SESSION[$index]);
}
// Stop Session
$this->stop();
// Kick out
return true;
}
/**
* Removes ALL session info and reset everything
*
* Note: This will cause an error if there is already output on the page before calling the destroy
* @return boolean
*/
public function destroy() {
// Kill the variables
$this->kill($_SESSION);
// Start Session
$this->start();
// Unset the session
session_unset();
// Check for headers sent and spit out a better error if they are. This is so that there is only one error that better describes what is going on
// this will suppress the errors if the headers are sent and spit out nice warnings
if(headers_sent($filename, $linenum)) {
// Clear cookies
@setcookie(session_name(),'',0,'/');
// Reset the session id
@session_regenerate_id();
// Spit out error
echo "<br /><strong>Warning:</strong> Your session may not be destroyed. You are receiving this warning due to the headers already being sent. This could occur due to output already on the page before the destroy function was called in <strong>$filename</strong> on line <strong>$linenum</strong><br />\n";
} else {
// Clear cookies
setcookie(session_name(),'',0,'/');
// Reset the session id
session_regenerate_id();
}
// Stop Session
$this->stop();
// Kick out
return true;
}
}
?>
/**
* This file is the user class. It is used to add edit
* delete login or anything else that involes the user.
*
* @Author William Gaines <sgscott87@gmail.com>
* @Copyright 2013-2015
*
*/
/***********************************/
/* Initialize */
/***********************************/
class Session {
// Start up the Session
function __construct() {
// Setup the session
$this->start();
$this->stop();
}
// This function will start the session
public function start() {
// Start/Continue the session
(headers_sent()) ? @session_start() : session_start();
}
// This function will stop the session
public function stop() {
// Write the close of the seesion file and unlock it
session_write_close();
}
/**
* Adds/Edits Session info
*
* @param string/array $index This variable can be used as a string for the index in the session variable or as an associative array for the index and content
* @param string/boolean $content This is the content that will be added to the index in the session. This will be false if the $index is an array.
* @return boolean
*/
public function modify($index, $content = false) {
// Start Session
$this->start();
// Check to see if the $index is an array
if(is_array($index)) {
// Loop the index array
foreach($index as $key => $value) {
// Add to the Session
$_SESSION[$key] = $value;
}
} else {
// Add to the Session
$_SESSION[$index] = $content;
}
// Stop Session
$this->stop();
// Kick out
return true;
}
/**
* Removes session info
*
* @param string/array $index This variable can be used as a string for the index in the session variable or as an array of indexs
* @return boolean
*/
public function kill($index) {
// Start Session
$this->start();
// Check to see if the $index is an array
if(is_array($index)) {
// Loop the index array
foreach($index as $key => $value) {
// Add to the Session
unset($_SESSION[$value]);
}
} else {
// Add to the Session
unset($_SESSION[$index]);
}
// Stop Session
$this->stop();
// Kick out
return true;
}
/**
* Removes ALL session info and reset everything
*
* Note: This will cause an error if there is already output on the page before calling the destroy
* @return boolean
*/
public function destroy() {
// Kill the variables
$this->kill($_SESSION);
// Start Session
$this->start();
// Unset the session
session_unset();
// Check for headers sent and spit out a better error if they are. This is so that there is only one error that better describes what is going on
// this will suppress the errors if the headers are sent and spit out nice warnings
if(headers_sent($filename, $linenum)) {
// Clear cookies
@setcookie(session_name(),'',0,'/');
// Reset the session id
@session_regenerate_id();
// Spit out error
echo "<br /><strong>Warning:</strong> Your session may not be destroyed. You are receiving this warning due to the headers already being sent. This could occur due to output already on the page before the destroy function was called in <strong>$filename</strong> on line <strong>$linenum</strong><br />\n";
} else {
// Clear cookies
setcookie(session_name(),'',0,'/');
// Reset the session id
session_regenerate_id();
}
// Stop Session
$this->stop();
// Kick out
return true;
}
}
?>
- <?php
- /**
- * This file is the user class. It is used to add edit
- * delete login or anything else that involes the user.
- *
- * @Author William Gaines <sgscott87@gmail.com>
- * @Copyright 2013-2015
- *
- */
- /***********************************/
- /* Initialize */
- /***********************************/
- class Session {
- // Start up the Session
- function __construct() {
- // Setup the session
- $this->start();
- $this->stop();
- }
- // This function will start the session
- public function start() {
- // Start/Continue the session
- (headers_sent()) ? @session_start() : session_start();
- }
- // This function will stop the session
- public function stop() {
- // Write the close of the seesion file and unlock it
- session_write_close();
- }
- /**
- * Adds/Edits Session info
- *
- * @param string/array $index This variable can be used as a string for the index in the session variable or as an associative array for the index and content
- * @param string/boolean $content This is the content that will be added to the index in the session. This will be false if the $index is an array.
- * @return boolean
- */
- public function modify($index, $content = false) {
- // Start Session
- $this->start();
- // Check to see if the $index is an array
- if(is_array($index)) {
- // Loop the index array
- foreach($index as $key => $value) {
- // Add to the Session
- $_SESSION[$key] = $value;
- }
- } else {
- // Add to the Session
- $_SESSION[$index] = $content;
- }
- // Stop Session
- $this->stop();
- // Kick out
- return true;
- }
- /**
- * Removes session info
- *
- * @param string/array $index This variable can be used as a string for the index in the session variable or as an array of indexs
- * @return boolean
- */
- public function kill($index) {
- // Start Session
- $this->start();
- // Check to see if the $index is an array
- if(is_array($index)) {
- // Loop the index array
- foreach($index as $key => $value) {
- // Add to the Session
- unset($_SESSION[$value]);
- }
- } else {
- // Add to the Session
- unset($_SESSION[$index]);
- }
- // Stop Session
- $this->stop();
- // Kick out
- return true;
- }
- /**
- * Removes ALL session info and reset everything
- *
- * Note: This will cause an error if there is already output on the page before calling the destroy
- * @return boolean
- */
- public function destroy() {
- // Kill the variables
- $this->kill($_SESSION);
- // Start Session
- $this->start();
- // Unset the session
- session_unset();
- // Check for headers sent and spit out a better error if they are. This is so that there is only one error that better describes what is going on
- // this will suppress the errors if the headers are sent and spit out nice warnings
- if(headers_sent($filename, $linenum)) {
- // Clear cookies
- @setcookie(session_name(),'',0,'/');
- // Reset the session id
- @session_regenerate_id();
- // Spit out error
- echo "<br /><strong>Warning:</strong> Your session may not be destroyed. You are receiving this warning due to the headers already being sent. This could occur due to output already on the page before the destroy function was called in <strong>$filename</strong> on line <strong>$linenum</strong><br />\n";
- } else {
- // Clear cookies
- setcookie(session_name(),'',0,'/');
- // Reset the session id
- session_regenerate_id();
- }
- // Stop Session
- $this->stop();
- // Kick out
- return true;
- }
- }
- ?>
test 1
PHP Code: [ Select ]
<?php
require_once('cms/classes/class.session.php');
$session = new Session();
$session->modify('first_test', 'Yay! It works');
// Make an array for sessions
$test_array = array(
"first_test" => '1 I think you\'ve won!',
"second_test" => '2 you belong in a zoo!',
"third_test" => '3 your just like me!',
"forth_test" => '4 get off the floor!',
"fith_test" => '5 ... Umm your starting to jive?',
"sixth_test" => '6 pickup those sticks!'
);
$session->modify($test_array);
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s2.php">Next</a>
require_once('cms/classes/class.session.php');
$session = new Session();
$session->modify('first_test', 'Yay! It works');
// Make an array for sessions
$test_array = array(
"first_test" => '1 I think you\'ve won!',
"second_test" => '2 you belong in a zoo!',
"third_test" => '3 your just like me!',
"forth_test" => '4 get off the floor!',
"fith_test" => '5 ... Umm your starting to jive?',
"sixth_test" => '6 pickup those sticks!'
);
$session->modify($test_array);
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s2.php">Next</a>
- <?php
- require_once('cms/classes/class.session.php');
- $session = new Session();
- $session->modify('first_test', 'Yay! It works');
- // Make an array for sessions
- $test_array = array(
- "first_test" => '1 I think you\'ve won!',
- "second_test" => '2 you belong in a zoo!',
- "third_test" => '3 your just like me!',
- "forth_test" => '4 get off the floor!',
- "fith_test" => '5 ... Umm your starting to jive?',
- "sixth_test" => '6 pickup those sticks!'
- );
- $session->modify($test_array);
- ?>
- <pre>
- <?php
- var_dump($_SESSION);
- ?>
- </pre>
- <br />
- <a href="s2.php">Next</a>
test 2
PHP Code: [ Select ]
<?php
require_once('cms/classes/class.session.php');
$session = new Session();
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<?php
echo 'What about removing Sessions?';
$session->kill('second_test');
$session->kill(array('forth_test', 'fith_test'));
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s2.php">Refresh</a> <a href="s3.php">Next</a>
- <?php
- require_once('cms/classes/class.session.php');
- $session = new Session();
- ?>
- <pre>
- <?php
- var_dump($_SESSION);
- ?>
- </pre>
- <?php
- echo 'What about removing Sessions?';
- $session->kill('second_test');
- $session->kill(array('forth_test', 'fith_test'));
- ?>
- <pre>
- <?php
- var_dump($_SESSION);
- ?>
- </pre>
- <br />
- <a href="s2.php">Refresh</a> <a href="s3.php">Next</a>
test 3
PHP Code: [ Select ]
<?php
require_once('cms/classes/class.session.php');
$session = new Session();
// Please Note that before trying to destroy the sessions you CANNOT have any output before this call.
// This call is to destroy and rest the session info. This would happen mostly on a logout page.
$session->destroy();
echo 'What about Destroying Sessions?';
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s4.php">Next</a>
require_once('cms/classes/class.session.php');
$session = new Session();
// Please Note that before trying to destroy the sessions you CANNOT have any output before this call.
// This call is to destroy and rest the session info. This would happen mostly on a logout page.
$session->destroy();
echo 'What about Destroying Sessions?';
?>
<pre>
<?php
var_dump($_SESSION);
?>
</pre>
<br />
<a href="s4.php">Next</a>
- <?php
- require_once('cms/classes/class.session.php');
- $session = new Session();
- // Please Note that before trying to destroy the sessions you CANNOT have any output before this call.
- // This call is to destroy and rest the session info. This would happen mostly on a logout page.
- $session->destroy();
- echo 'What about Destroying Sessions?';
- ?>
- <pre>
- <?php
- var_dump($_SESSION);
- ?>
- </pre>
- <br />
- <a href="s4.php">Next</a>
test 4
PHP Code: [ Select ]
<?php
require_once('cms/classes/class.session.php');
$session = new Session();
?>
So you need to do something with the sessions that's not in this class?
<br />
<?php
$session->start();
// Do your stuff here
$session->stop();
?>
<br />
<br />
FIN
require_once('cms/classes/class.session.php');
$session = new Session();
?>
So you need to do something with the sessions that's not in this class?
<br />
<?php
$session->start();
// Do your stuff here
$session->stop();
?>
<br />
<br />
FIN
- <?php
- require_once('cms/classes/class.session.php');
- $session = new Session();
- ?>
- So you need to do something with the sessions that's not in this class?
- <br />
- <?php
- $session->start();
- // Do your stuff here
- $session->stop();
- ?>
- <br />
- <br />
- FIN
Page 1 of 1
To Reply to this topic you need to LOGIN or REGISTER. It is free.
Post Information
- Total Posts in this topic: 4 posts
- Users browsing this forum: No registered users and 166 guests
- You cannot post new topics in this forum
- You cannot reply to topics in this forum
- You cannot edit your posts in this forum
- You cannot delete your posts in this forum
- You cannot post attachments in this forum
