sfPDOSessionStorage.class.php 5.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175
  1. <?php
  2. /*
  3. * This file is part of the symfony package.
  4. * (c) 2004, 2005 Fabien Potencier <fabien.potencier@symfony-project.com>
  5. * (c) 2004, 2005 Sean Kerr <sean@code-box.org>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. /**
  11. * Provides support for session storage using a PDO database abstraction layer.
  12. *
  13. * <b>parameters:</b> see sfDatabaseSessionStorage
  14. *
  15. * @package symfony
  16. * @subpackage storage
  17. * @author Mathew Toth <developer@poetryleague.com>
  18. * @author Fabien Potencier <fabien.potencier@symfony-project.com>
  19. * @author Sean Kerr <sean@code-box.org>
  20. * @version SVN: $Id: sfPDOSessionStorage.class.php 13143 2008-11-18 22:22:01Z FabianLange $
  21. */
  22. class sfPDOSessionStorage extends sfDatabaseSessionStorage
  23. {
  24. /**
  25. * Destroys a session.
  26. *
  27. * @param string $id A session ID
  28. *
  29. * @return bool true, if the session was destroyed, otherwise an exception is thrown
  30. *
  31. * @throws <b>DatabaseException</b> If the session cannot be destroyed
  32. */
  33. public function sessionDestroy($id)
  34. {
  35. // get table/column
  36. $db_table = $this->options['db_table'];
  37. $db_id_col = $this->options['db_id_col'];
  38. // delete the record associated with this id
  39. $sql = 'DELETE FROM '.$db_table.' WHERE '.$db_id_col.'= ?';
  40. try
  41. {
  42. $stmt = $this->db->prepare($sql);
  43. $stmt->bindParam(1, $id, PDO::PARAM_STR);
  44. $stmt->execute();
  45. }
  46. catch (PDOException $e)
  47. {
  48. throw new sfDatabaseException(sprintf('PDOException was thrown when trying to manipulate session data. Message: %s', $e->getMessage()));
  49. }
  50. return true;
  51. }
  52. /**
  53. * Cleans up old sessions.
  54. *
  55. * @param int $lifetime The lifetime of a session
  56. *
  57. * @return bool true, if old sessions have been cleaned, otherwise an exception is thrown
  58. *
  59. * @throws <b>DatabaseException</b> If any old sessions cannot be cleaned
  60. */
  61. public function sessionGC($lifetime)
  62. {
  63. // get table/column
  64. $db_table = $this->options['db_table'];
  65. $db_time_col = $this->options['db_time_col'];
  66. // delete the record associated with this id
  67. $sql = 'DELETE FROM '.$db_table.' WHERE '.$db_time_col.' < '.(time() - $lifetime);
  68. try
  69. {
  70. $this->db->query($sql);
  71. }
  72. catch (PDOException $e)
  73. {
  74. throw new sfDatabaseException(sprintf('PDOException was thrown when trying to manipulate session data. Message: %s', $e->getMessage()));
  75. }
  76. return true;
  77. }
  78. /**
  79. * Reads a session.
  80. *
  81. * @param string $id A session ID
  82. *
  83. * @return string The session data if the session was read or created, otherwise an exception is thrown
  84. *
  85. * @throws <b>DatabaseException</b> If the session cannot be read
  86. */
  87. public function sessionRead($id)
  88. {
  89. // get table/columns
  90. $db_table = $this->options['db_table'];
  91. $db_data_col = $this->options['db_data_col'];
  92. $db_id_col = $this->options['db_id_col'];
  93. $db_time_col = $this->options['db_time_col'];
  94. try
  95. {
  96. $sql = 'SELECT '.$db_data_col.' FROM '.$db_table.' WHERE '.$db_id_col.'=?';
  97. $stmt = $this->db->prepare($sql);
  98. $stmt->bindParam(1, $id, PDO::PARAM_STR, 255);
  99. $stmt->execute();
  100. // it is recommended to use fetchAll so that PDO can close the DB cursor
  101. // we anyway expect either no rows, or one row with one column. fetchColumn, seems to be buggy #4777
  102. $sessionRows = $stmt->fetchAll(PDO::FETCH_NUM);
  103. if (count($sessionRows) == 1)
  104. {
  105. return $sessionRows[0][0];
  106. }
  107. else
  108. {
  109. // session does not exist, create it
  110. $sql = 'INSERT INTO '.$db_table.'('.$db_id_col.', '.$db_data_col.', '.$db_time_col.') VALUES (?, ?, ?)';
  111. $stmt = $this->db->prepare($sql);
  112. $stmt->bindParam(1, $id, PDO::PARAM_STR);
  113. $stmt->bindValue(2, '', PDO::PARAM_STR);
  114. $stmt->bindValue(3, time(), PDO::PARAM_INT);
  115. $stmt->execute();
  116. return '';
  117. }
  118. }
  119. catch (PDOException $e)
  120. {
  121. throw new sfDatabaseException(sprintf('PDOException was thrown when trying to manipulate session data. Message: %s', $e->getMessage()));
  122. }
  123. }
  124. /**
  125. * Writes session data.
  126. *
  127. * @param string $id A session ID
  128. * @param string $data A serialized chunk of session data
  129. *
  130. * @return bool true, if the session was written, otherwise an exception is thrown
  131. *
  132. * @throws <b>DatabaseException</b> If the session data cannot be written
  133. */
  134. public function sessionWrite($id, $data)
  135. {
  136. // get table/column
  137. $db_table = $this->options['db_table'];
  138. $db_data_col = $this->options['db_data_col'];
  139. $db_id_col = $this->options['db_id_col'];
  140. $db_time_col = $this->options['db_time_col'];
  141. $sql = 'UPDATE '.$db_table.' SET '.$db_data_col.' = ?, '.$db_time_col.' = '.time().' WHERE '.$db_id_col.'= ?';
  142. try
  143. {
  144. $stmt = $this->db->prepare($sql);
  145. $stmt->bindParam(1, $data, PDO::PARAM_STR);
  146. $stmt->bindParam(2, $id, PDO::PARAM_STR);
  147. $stmt->execute();
  148. }
  149. catch (PDOException $e)
  150. {
  151. throw new sfDatabaseException(sprintf('PDOException was thrown when trying to manipulate session data. Message: %s', $e->getMessage()));
  152. }
  153. return true;
  154. }
  155. }