日期:2014-05-17  浏览次数:20542 次

session_set_save_handler()中write使用的问题
我把SESSION写入数据库,sessionID用URL传。

a.php:
PHP code

<?php
  require('session.php');

  session_start();
  $_SESSION['test'] = 1;

  echo '<a href="b.php?' . session_name() . '=' . session_id() . '">查看</a>';



b.php
PHP code

<?php
  require('session.php');
  session_start();



session.php:
PHP code

<?php
    ini_set('session.save_handler', 'user');
    ini_set('session.use_cookies', 0);
    
    session_set_save_handler('open', 'close', 'read', 'write', 'destroy', 'gc');
    
    $link = null;
    $expiry = 86400;
    
    function open($save_path, $session_name)
    {
        //连接数据库
    }
    
    function close() {
        return true;
    }
    
    function read($sessionId) {
        global $link;
        
        $sessionId = mysql_escape_string($sessionId);
        $time = time();
        $sql = "SELECT value FROM session WHERE session_id='{$sessionId}' AND expiry>{$time}";
        
        $result = mysql_query($sql, $link);
        
        if(@$row = mysql_fetch_row($result, $link)) {
            return $row[0];
        }else {
            return '';
        }
    }
    
    function write($sessionId, $sessionData) {
        global $link, $expiry;
        
        $sessionId = mysql_escape_string($sessionId);
        $sessionData = mysql_escape_string($sessionData);
        $time = time() + $expiry;
        
        $sql = "INSERT INTO session(session_id, value, expiry) VALUES('{$sessionId}', '{$sessionData}', {$time});";
        $result = mysql_query($sql, $link);
        
        if($result) {
            return true;
        }
        
        $sql = "UPDATE session SET value='{$sessionData}', expiry={$time} WHERE session_id='{$sessionId}'";
        $result = mysql_query($sql, $link);
            
        if($result && mysql_affected_rows($link)) {
            return true;
        }else {
            return false;
        }
    }
    
    function destroy($sessionId) {
        global $link;
        
        $sessionId = mysql_escape_string($sessionId);
        
        $sql = "DELETE FROM session WHERE session_id='{$sessionId}';";
        $result = mysql_query($sql, $link);
        
        if($result) {
            return true;
        }else {
            return false;
        }
    }
    
    function gc($maxLifeTime) {
        return true;
    }




现在是这样:
运行a.php,SESSION确实保存到了数据库中:
+----------------------------+--------------------------------+------------+
| session_id | value | expiry |
+----------------------------+--------------------------------+------------+
| o7olki3vmch3k8bakhk71emco6 | isLogin|i:1;permission|s:0:""; | 1344495859 |
+----------------------------+--------------------------------+------------+

问题是:
当点击a.php的超链接去b.php时,传过去的sessionID所代表的SESSION值被清空了。
+----------------------------+-------+------------+
| session_id | value | expiry |
+----------------------------+-------+------------+
| o7olki3vmch3k8bakhk71emco6 | | 1344496029 |
+----------------------------+-------+------------+

后来我发现,原来是运行b.php页面时,执行了write()方法中的UPDATE:
UPDATE session SET value='', expiry=1344496029 WHERE session_id='o7olki3vmch3k8bakhk71emco6'
但是我在b.php页面中并没有更改SESSION的操作啊?这是怎么回事呢?

麻烦大家了!!!


------解决方案-------------