PHP

sessionOpen

Example D-3 shows the first of the session handlers required by PHP session management. The sessionOpen( ) function sets two global variables to hold the database connection and the table that manages the session variables. PHP passes the php.ini file values of session.save_path and session.name as $database_name and $table_name, respectively. The $database_name parameter selects the database, and the $table_name parameter is stored in the global variable $session_table. The global variables $session_table and $connection formulate and execute SELECT, INSERT, UPDATE, and DELETE queries in the other handlers.

Example D-3. The sessionOpen handler
// The database connection
$connection;
// The global variable that holds the table name
$session_table;
// The session open handler called by PHP whenever
// a session is initialized. Always returns true.
function sessionOpen($database_name, $table_name)
{
  // Save the database name in a global variable
  global $connection;
  global $hostName;
  global $username;
  global $password;
  if (!($connection = @ mysql_pconnect($hostName,
                                       $username,
                                       $password)))
     showerror(  );
  if (!mysql_select_db($database_name, $connection))
     showerror(  );
  // Save the table name in a global variable
  global $session_table;
  $session_table = $table_name;
  return true;
}

Using the values of session.save_path and session.name as the database name and the table name respectively, the MySQL session handlers developed in this appendix can be configured to use any database and table as a session store. With the handler shown in Example D-3, the name of the table is the same as the name of the cookie used to hold the session ID. For example, consider the followingphp.ini file settings:

session.save_path = winestore
session.name = PHPSESSION

With these settings, our module uses the PHPSESSION table in the winestore database.