Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>You're effectively looking to write your own session handler to bypass PHP's cookie expiration issue on session cookies. This is pretty straightforward, and pretty optimized if done properly.</p> <p><strong>Step 1: generating the session ID</strong></p> <p>A session ID is unique. However, if you're planning for permanent sessions, you have to bear a couple of things in mind: you want the session to carry over per browser, regardless of connection issues. So, you can cheat the system a bit by mapping the session ID with the user agent of the navigator (which doesn't change).</p> <p>This allows you to reduce the chance for your session ID generator to generate the same ID for two distinct visitors. The rest is up to a random number generator and a hash algorithm, though - <code>md5(microtime().$_SERVER['REMOTE_ADDR'])</code> is usually a trusted friend.</p> <p><strong>Step 2: storing and retrieving the data</strong></p> <p>Storing the data is also trivial. Your aim is to create a MySQL table with a minimum of two columns: the session key (set to <code>PRIMARY</code>), and the data (serialized array for the simplest form, stored as <code>TEXT</code>).</p> <p>When you create a session, just insert a new row and watch for errors. If an error comes up, the key was already used, so you'll need to re-generate another. If the row was inserted successfully - all good, you now have a session row for the user! All you need to do from there on is to read/write to this row as you see fit.</p> <p>Cookie the user with the session ID, and you're done!</p> <p><strong>Caveats</strong></p> <ul> <li>Never <em>ever</em> use a userID as session ID. Cookies can be very easily manipulated. You want the cookie value to be random and completely separated from the user. It should be meaningless.</li> <li>You'll need to write clean-up code to clean up the session table from time to time. A good way to do this is to keep track of when a session was last used - and delete accordingly.</li> </ul>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload