sfMySQLSessionStorage.class.php 5.8 KB

  1. <?php
  2. /*
  3. * This file is part of the symfony package.
  4. * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
  5. * (c) 2004-2006 Sean Kerr <sean@code-box.org>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. /**
  11. * Provides support for session storage using a MySQL brand database.
  12. *
  13. * <b>parameters:</b> see sfDatabaseSessionStorage
  14. *
  15. * @package symfony
  16. * @subpackage storage
  17. * @author Fabien Potencier <fabien.potencier@symfony-project.com>
  18. * @author Sean Kerr <sean@code-box.org>
  19. * @author Julien Garand <julien.garand@gmail.com>
  20. * @version SVN: $Id: sfMySQLSessionStorage.class.php 12061 2008-10-07 20:18:39Z fabien $
  21. */
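  class sfMySQLSessionStorage extends sfDatabaseSessionStorage
  {
    /**
     * Destroys a session.
     *
     * The table and column names are read from $this->options and interpolated
     * into the statement as-is; they are not escaped or quoted here, so they must
     * only ever come from trusted configuration, never from request data.
     *
     * @param string $id A session ID
     *
     * @return bool true, if the session was destroyed, otherwise an exception is thrown
     *
     * @throws sfDatabaseException If the session cannot be destroyed.
     */
    public function sessionDestroy($id)
    {
      // get table/column
      $db_table  = $this->options['db_table'];
      $db_id_col = $this->options['db_id_col'];

      // the id is placed inside a quoted SQL string literal, so string escaping applies
      $id = $this->db_escape($id);

      // delete the record associated with this id
      $sql = "DELETE FROM $db_table WHERE $db_id_col = '$id'";

      if ($this->db_query($sql))
      {
        return true;
      }

      // failed to destroy session
      // NOTE(review): the message carries the session id and the raw driver error text.
      // A session id is a bearer credential; confirm where this exception is logged or rendered.
      throw new sfDatabaseException(sprintf('%s cannot destroy session id "%s" (%s).', get_class($this), $id, mysql_error()));
    }

    /**
     * Cleans up old sessions.
     *
     * @param int $lifetime The lifetime of a session
     *
     * @return bool true, if old sessions have been cleaned, otherwise an exception is thrown
     *
     * @throws sfDatabaseException If any old sessions cannot be cleaned
     */
    public function sessionGC($lifetime)
    {
      // get table/column
      $db_table    = $this->options['db_table'];
      $db_time_col = $this->options['db_time_col'];

      // $lifetime is used as a bare number, outside any quotes. String escaping only
      // protects values inside a quoted literal, so it does not constrain this position;
      // forcing the value to an integer does.
      $lifetime = (int) $lifetime;

      // delete the records older than the authorised session life time
      $sql = "DELETE FROM $db_table WHERE $db_time_col + $lifetime < UNIX_TIMESTAMP()";

      if (!$this->db_query($sql))
      {
        throw new sfDatabaseException(sprintf('%s cannot delete old sessions (%s).', get_class($this), mysql_error()));
      }

      return true;
    }

    /**
     * Reads a session.
     *
     * If exactly one row matches the id, its data column is returned. In every other
     * case (no row, several rows, or a failed SELECT) a new empty row is inserted
     * for the id and an empty string is returned.
     *
     * @param string $id A session ID
     *
     * @return string The session data if the session was read or created, otherwise an exception is thrown
     *
     * @throws sfDatabaseException If the session cannot be read
     */
    public function sessionRead($id)
    {
      // get table/column
      $db_table    = $this->options['db_table'];
      $db_data_col = $this->options['db_data_col'];
      $db_id_col   = $this->options['db_id_col'];
      $db_time_col = $this->options['db_time_col'];

      // the id is placed inside a quoted SQL string literal, so string escaping applies
      $id = $this->db_escape($id);

      // get the record associated with this id
      $sql = "SELECT $db_data_col FROM $db_table WHERE $db_id_col = '$id'";

      $result = $this->db_query($sql);

      if ($result != false && $this->db_num_rows($result) == 1)
      {
        // found the session
        $data = $this->db_fetch_row($result);

        return $data[0];
      }

      // session does not exist, create it
      // NOTE(review): a row is created for whatever id the caller passes; this method does
      // not check that the id was issued by the application. Confirm that ids are validated
      // and regenerated on login elsewhere.
      // NOTE(review): a failed SELECT also lands here, so the original query error is not reported.
      $sql = "INSERT INTO $db_table ($db_id_col, $db_data_col, $db_time_col) VALUES ('$id', '', UNIX_TIMESTAMP())";

      if ($this->db_query($sql))
      {
        return '';
      }

      // can't create record
      throw new sfDatabaseException(sprintf('%s cannot create new record for id "%s" (%s).', get_class($this), $id, mysql_error()));
    }

    /**
     * Writes session data.
     *
     * @param string $id   A session ID
     * @param string $data A serialized chunk of session data
     *
     * @return bool true, if the session was written, otherwise an exception is thrown
     *
     * @throws sfDatabaseException If the session data cannot be written
     */
    public function sessionWrite($id, $data)
    {
      // get table/column
      $db_table    = $this->options['db_table'];
      $db_data_col = $this->options['db_data_col'];
      $db_id_col   = $this->options['db_id_col'];
      $db_time_col = $this->options['db_time_col'];

      // both values end up inside quoted SQL string literals, so string escaping applies
      $id   = $this->db_escape($id);
      $data = $this->db_escape($data);

      // update the record associated with this id
      $sql = "UPDATE $db_table SET $db_data_col='$data', $db_time_col=UNIX_TIMESTAMP() WHERE $db_id_col='$id'";

      if ($this->db_query($sql))
      {
        return true;
      }

      // failed to write session data
      throw new sfDatabaseException(sprintf('%s cannot write session data for id "%s" (%s).', get_class($this), $id, mysql_error()));
    }

    /**
     * Executes an SQL Query
     *
     * The statement is sent as a complete string; there is no parameter binding at
     * this layer, so every caller is responsible for escaping or casting each value
     * it interpolates. PHP warnings from the driver are suppressed with "@", which
     * leaves the false return value as the only failure signal.
     *
     * @param string $query The query to execute
     * @return mixed The result of the query
     */
    protected function db_query($query)
    {
      return @mysql_query($query, $this->db);
    }

    /**
     * Escapes a string before using it in a query statement
     *
     * The result is only safe inside a quoted SQL string literal. It must not be used
     * for numeric positions or for table and column names. mysql_real_escape_string()
     * escapes according to the character set the link knows about.
     * NOTE(review): confirm the link's charset is set with mysql_set_charset() where
     * the connection is opened; that code is not part of this class.
     *
     * @param string $string The string to escape
     * @return string The escaped string
     */
    protected function db_escape($string)
    {
      return mysql_real_escape_string($string, $this->db);
    }

    /**
     * Counts the rows in a query result
     *
     * @param resource $result Result of a query
     * @return int Number of rows
     */
    protected function db_num_rows($result)
    {
      return mysql_num_rows($result);
    }

    /**
     * Extracts a row from a query result set
     *
     * @param resource $result Result of a query
     * @return array Extracted row as an indexed array
     */
    protected function db_fetch_row($result)
    {
      return mysql_fetch_row($result);
    }
  }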