Thanks! Saved me a huge headache! "Yasuo Ohgaki" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Your save handler has some problem... > > Except read functin, all return values from handler is converted to > boolean and you should return TRUE for success, FALSE for failure. > > For read function, you MUST return string *always*. Return "" (null > string) if there is nothing to read. > > I've updated manual page, it'll be in manual shortly, also. > > > John Branstad wrote: > > > We recently upgraded to php4.1.0 from 4.0.6 and now our custom session > > handling doesn't work! We are running on linux with apache, attempting to > > save session info to a MySQL database (I have session.save_handler=user). > > There are a couple issues: > > > > 1) Occassionally (can't seem to pin down exactly when) I try and access my > > site and get a "The page cannot be displayed" error in IE. > > a. The session_start() command seems to be causing this error - If i put > > die("here"); before session_start(), I see the message. If I move > > die("here"); after session_start(), I get the error. > > b. Clicking refresh (sometimes 1 time, sometimes 10 times) will > > eventually allow me to access my page. > > > > 2) The first time I access my page, I attempt to set a session variable > > ($_SESSION["foo"] = "bar;). When the page finishes loading, the session > > write handler is called which puts the session information in the database. > > However, there is nothing written to the value field! (It's still blank!) > > a. If I refresh the page, the session information is updated in the > > database, and now the value field has the correct entry (foo|s:3:"bar";) > > > > My session save handler is based on <a > > href="http://www.onlamp.com/pub/a/php/2001/05/10/sessions.html?page=2";>this > > article</a> I read: > > I'm attaching a copy of my sesssions.php file in case that will help anyone. > > The only modifications I made were to the read handler - I put in a return > > of the value from the SELECT. If I take that statement out, problem 1) goes > > away, but I would NEVER get session information saved into the database!??! > > (only the SessionID would be stored) > > > > Did something change in session handling from 4.0.6 to 4.1.0? If I can't > > figure this out, we have no choice but to roll back to 4.0.6, but I really > > love the security additions of 4.1.0 - Help!!! MUCH THANKS IN ADVANCE. > > > > John > > > > > > > > <?php > > > > /* > > **************************************** > > ** > > ** Name: template.php > > ** > > ** Author: Cory Factor > > ** > > **************************************** > > */ > > > > // These variables are set in the database_settings.php file > > // which is included using the auto_prepend_file PHP configuration > > // > > $SESS_DBHOST = $Global_DBHOST; /* database server hostname */ > > $SESS_DBNAME = $Global_DBNAME; /* database name */ > > $SESS_DBUSER = $Global_DBUSER; /* database user */ > > $SESS_DBPASS = $Global_DBPASS; /* database password */ > > // > > // End of auto_prepend_file variables > > > > > > $SESS_TABLE = "sessions"; > > $SESS_LIFE = get_cfg_var("session.gc_maxlifetime"); > > $SESS_DB = ""; > > > > /* > > print("host: $SESS_DBHOST<br>"); > > print("name: $SESS_DBNAME<br>"); > > print("user: $SESS_DBUSER<br>"); > > print("pass: $SESS_DBPASS<br>"); > > print("sessid: $PHPSESSID<br>"); > > print("life: $SESS_LIFE<br>"); > > //die(); > > */ > > > > function sess_open($save_path, $session_name) { > > global $SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS, $SESS_DBNAME, $SESS_DB; > > > > if ( !mysql_pconnect($SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS)) { > > echo "<li>Can't connect to $SESS_DBHOST as $SESS_DBUSER"; > > echo "<li>MySQL Error: ", mysql_error(); > > die; > > } > > if ( ! mysql_select_db($SESS_DBNAME)) { > > echo "<li>Unable to select database $SESS_DBNAME"; > > die; > > } > > } > > > > function sess_close() { > > return true; > > } > > > > function sess_read($SID) { > > global $SESS_DB, $SESS_TABLE; > > > > $qry = "SELECT value FROM $SESS_TABLE WHERE sesskey = '$SID' AND expiry > " . time(); > > $result = mysql_query($qry); > > > > > > if (list($value) = mysql_fetch_row($result)) { > > return $value; > > } > > } > > > > function sess_write($SID, $val) { > > global $SESS_DB, $SESS_TABLE, $SESS_LIFE; > > > > $expiry = time() + $SESS_LIFE; > > > > $qry = "INSERT INTO $SESS_TABLE VALUES ('$SID', '$expiry', '$value')"; > > $result = mysql_query($qry); > > > > if (! $result) { > > $qry = "UPDATE $SESS_TABLE SET expiry = '$expiry', value = '$value' WHERE sesskey = '$SID' AND expiry > " . time(); > > $result = mysql_query($qry); > > } > > } > > > > function sess_destroy($SID) { > > global $SESS_TABLE; > > > > $qry = "DELETE FROM $SESS_TABLE WHERE sesskey = '$SID'"; > > $result = mysql_query($qry); > > } > > > > function sess_gc($SESS_LIFE) { > > global $SESS_TABLE; > > > > $qry = "DELETE FROM $SESS_TABLE WHERE expiry < " . time() - $SESS_LIFE; > > $result = mysql_query($qry); > > > > return mysql_affected_rows($result); > > } > > > > session_set_save_handler( > > "sess_open", > > "sess_close", > > "sess_read", > > "sess_write", > > "sess_destroy", > > "sess_gc"); > > ?> > > > > > > -- > Yasuo Ohgaki >
Advertising
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
