我可以使用 php Sessions 在多个客户端之间共享 Session 变量吗? [英] Can I share Session variables between multiple clients with php Sessions?
问题描述
我想知道的是,我是否可以为多个客户端共享一个 Session 变量.就像他们可以使用完全相同的 Object.下面的例子将说明我想要做什么.
what I am trying to find out is, if I can share a Session variable for multiple clients. Like they can use the exactly same Object. The below example will illustrate what I would like to do.
客户端 1:
start_session();
include('somelcass.php');
//some code...
$someobj = new someclass();
$_SESSION['myobject'] = serialize($someobj);
$id = sha1("somephrase");
set_session_var_for_other_users_by_id('myobject', $id);
客户端 2:
start_session();
include('somelcass.php');
$id = sha1("somephrase");
get_sessionvars_from_other_users($id);
$someobj = unserialize($_SESSION['myobject']);
//now use someobj from class someclass
我的附加问题是:您是否建议使用某些会话扩展,例如:sessionPsql
And my additional question is: Do you recommand using some session extention like: sessionPsql
推荐答案
先回答你的最后一个问题:
Answering your last question first:
会话 PgSQL文档 您链接的是 PostgreSQL 会话保存处理程序.它是一个会话保存处理程序,您可以配置使用它来代替默认的会话保存处理程序.默认 PHP 中的会话保存处理程序 将会话存储到磁盘(文件).如果您使用 PostgreSQL 会话的保存处理程序,则会将其保存到 PostgreSQL 数据库中 (pgsql).
The Session PgSQLDocs you linked is the PostgreSQL Session Save Handler. It is a Session Save Handler you can configure to use instead of the default session save handler. The default session save handler in PHP is storing sessions to disk (files). If you use the save handler for PostgreSQL sessions are saved into a PostgreSQL database instead (pgsql).
如果您希望允许从多个网络服务器访问会话存储(扩展应用程序)或在您的情况下(可能)使用 SQL 查询访问所有会话,尽管通常是 为此定义了一个定制的会话保存处理程序(可以基于 PgSQL 会话保存处理程序函数).
Saving sessions inside a database can make sense if you want to allow access to the session store from multiple webservers (scaling an application) or in your case (probably) to access all sessions with SQL queries albeit normally a tailored session save handler is defined for that (which could be based on the PgSQL session save handler functions).
回答你的第一个问题:
是的,只要您拥有对相关对象的引用并且知道如何访问它,就可以这样做.这可以通过手动访问会话存储或通过共享自己的会话并切换会话以访问其他会话数据来完成.这取决于您的需求,在您的情况下,仅访问由 ID 存储在一些与会话无关的额外表中的序列化数据可能更容易.如果您不再需要数据,您应该考虑如何处理数据,例如一段时间不活动后将其删除.最后,您正在以可行的方式编写自己的会话实现.版本 4 之前的 PHP 没有开箱即用的会话支持,现在它拥有的会话支持非常轻量级,因此如果您需要做更具体的事情,就像您需要做的那样,您通常自己编写.
Yes you can do so as long as you've got a reference to the object you relate to and you know how to access it. This can be either done by manually accessing the session storage or by sharing a session on it's own and switching sessions to access other session data. It depends on your needs, in your case it's probably more easy to just access serialized data that is stored by the ID in some extra table that has nothing to do with sessions. You should think about how to take care of the data if you don't need it any longer, e.g. remove it after some time of inactivity. In the end you're writing your own session implementation that way which is do-able. PHP before version 4 had no session support out of the box and the session support it has nowadays is very lightweight so if you need to do more specific stuff like you need to do, you normally write your own.
因此多个客户端可以使用同一个会话(共享一个会话),这实际上也是一种攻击网络应用程序的方式(会话劫持攻击),但只要劫持"是在您的应用程序数据流中进行的,我看不出任何技术上的错误用它.在 PHP 中,这意味着您需要关闭当前会话,打开另一个会话(会话由它们的名称 和 ID 标识),读取值,关闭另一个会话并重新打开当前会话.从技术上讲,它可以在 PHP 中运行,但是当您这样做时要编写可靠的代码,因为会话问题很难调试.
So multiple clients can use the same session (share a session) which is actually as well a way to attack webapps (session hijackingAttack) but as long as the "hijack" is intended inside your application data-flow, I do not see anything technically wrong with it. In PHP that means you need to close the current session, open the other one (sessions are identified by their name and ID), read the value, close the other session and re-open the current one. It technically works in PHP however write solid code when you do this because session problems are quite hard to debug.
这通常也是在多个客户端之间编写自己的对象共享机制而不是重复使用 PHP 的一个很好的理由会话功能文档.
This is also often a good reason to write your own object-sharing mechanism between multiple clients instead of re-using PHP's session featureDocs for that.
这篇关于我可以使用 php Sessions 在多个客户端之间共享 Session 变量吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
