从头开始处理会话 [英] Session Handling From Scratch

问题描述

我想从头开始创建一个会话处理程序.我不想使用 session_set_save_handler.我在任何地方都找不到任何东西，我只是不知道从哪里开始.有人能指出我正确的方向或解释这样做的最佳方法吗?

I want to create a session handler from scratch. I don't want to use session_set_save_handler. I can't find anything anywhere though and I just don't know where to start. Could somebody point me in the right direction or explain the best way to do this?

谢谢！:)

推荐答案

在尝试构建自己的会话机制时，有几件事需要注意.

There are few things to note when trying to build your own session mechanism.

您可以做的第一件事是编写一个 PHP 会话包装器.将包含 PHP Session 功能的类.因此，当您想使用 Sessions 时，您可以实例化您的会话类并使用会话做您想做的事情.你可以这样做:

First thing you can do is to write a PHP Session wrapper. Class that would wrap up PHP Session functionality. So when you want to use Sessions you can instantiate your session class and do things you want with sessions. You can do something like this:

class Session
    {
        /**
         * Starts new or resumes existing session
         * 
         * @access  public
         * @return  bool
         */

        public function start()
        {
            if(session_start()) {
                return true;
            }
            return false;
        }

        /**
         * End existing session, destroy, unset and delete session cookie
         * 
         * @access  public
         * @return  void
         */

        public function end()
        {
            if($this->status != true) {
                $this->start();
            }

            session_destroy();
            session_unset();
            setcookie(session_name(), null, 0, "/");
        }

        /**
         * Set new session item
         * 
         * @access  public
         * @param   mixed
         * @param   mixed
         * @return  mixed
         */

        public function set($key, $value)
        {           
            return $_SESSION[$key] = $value;
        }

        /**
         * Checks if session key is already set
         * 
         * @access  public
         * @param   mixed  - session key
         * @return  bool 
         */

        public function has($key)
        {
            if(isset($_SESSION[$key])) {
                return true;
            }

            return false;
        }   

        /**
         * Get session item
         * 
         * @access  public
         * @param   mixed
         * @return  mixed
         */

        public function get($key)
        {
            if(!isset($_SESSION[$key])) {
                return false;
            }

            return $_SESSION[$key];         
        }
    }

然后你可以像这样使用这个会话类:

Then you can use this session class like this:

$session = new Session();
$session->start();
$session->set('id', 5);
echo $session->get('id);

我喜欢这个，因为我可以像对象一样使用 PHP Sessions 而不必使用 PHP 函数.但是请注意，您无论如何都在使用 PHP 函数，只是在使用此类时看不到它.这样做可以帮助您深入了解 PHP 会话的工作原理.

I like this since I can use PHP Sessions like objects and don't have to use PHP functions. But note that you are anyway using PHP functions, you just dont see it when using this class. Doing this can help you to deeply understand how PHP sessions work.

如果您决定硬着头皮编写自己的会话机制，则有几件事需要注意.您需要决定的第一件事是您将在哪里存储会话信息?您可以将它们保存在数据库、文件系统、cookie 等中...默认情况下，PHP 在文件系统上保存会话.编写自己的会话机制的最简单方法是将会话保存到 cookie 中.如果您使用 Codeigniter 会话，Codeigniter 默认会这样做.

If you decide to bite the bullet and write your own session mechanism, there are few things to note. First thing you need to decide is where will you store session information? You can save them in database, on file system, in a cookie etc... By default PHP saves sessions on file system. The easiest way to write your own session mechanism is to save sessions into a cookie. Codeigniter does that by default if you use Codeigniter sessions.

您将编写自己的对象，该对象具有读取、写入、编辑、删除...会话数组的方法.该数组在保存到 cookie 之前必须被序列化.一旦会话保存在 cookie 中，您可以使用您编写的方法将它们取出、编辑或删除它们等.这样做时，请注意安全，因为用户可以查看他们的 cookie.您必须加密会话值.

You would write your own object, that would have methods for you to read, write, edit, delete... session array. That array would have to be serialized before saving into cookie. Once sessions are saved in a cookie, you can use methods you wrote to get them out, edit them or delete them etc. When doing so, pay attention to security, since user can view their cookies. You would have to crypt session value.

然后，如果您决定将会话保存到数据库中，您可以使用相同的方法，但这次将会话保存到数据库而不是 cookie.

Then if you decide to save sessions into a database you can use those same methods you have, but this time save sessions into database instead into cookie.

最好的方法是编写会话接口，每个会话类都会实现.这样你就可以使用你的 Session 类，而不用关心会话存储在哪里.

The best way to go would be to write Session Interface, that every session class would implement. This way you could use your Session class, and don't care about where are sessions stored.

如果您现在不明白我在说什么，那么只需构建您自己的会话包装器，这可以帮助您了解有关会话的更多信息.并为您提供了使用 OOP 处理会话的好方法.一旦有了它，您就可以使用该 API 来编写您的会话接口，并在每个会话类中实现该接口，并编写您自己的逻辑，以保存会话数据的方式和位置.

If you dont understand what am I talking about now, then just build your own session wrapper, this could help you to learn more about sessions. And gave you nice way of dealing with sessions using OOP. Once you have that, you can use that API to write your Session Interface, and implement that interface in every Session class, and write your own logic how and where would you save session data.

还有一件事，PHP Sessions 机制没有任何问题.

And one more thing, there is nothing wrong with PHP Sessions mechanism.

这篇关于从头开始处理会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！