Skip navigation.
Home
Frozenminds Modules for phpLD
Home » Catalog » Modules

Session Handler

Submitted by Boby on Wed, 18/03/2009 - 10:32.
phpld-session-handler
$4.00

Here is a custom session handler that stores PHP Link Directory's persisten data into the database.

By default the medium used as persistent storage by the default PHP session handler will be a series of disk files, one per session, where the file name is the session_id. A file is created when a new session starts, and is deleted when the session terminates (or has expired). This is perfectly adequate for most circumstances, but it has the following drawbacks:

  • If you are using a shared server then other users of that server may be able to access your session files, thus compromising the security of your site.
  • I/O is usually slower than database queries.
  • Sensitive data is not encrypted.
  • Each server will have its own directory where these session files are maintained, so if you are employing load balancing across multiple servers there is no guarantee that a request for an existing session will be given to the server which is maintaining the state for that session.
  • It would be difficult for a site administrator to perform such queries as "how many sessions are currently active?" or "which users are currently logged in?"
  • There are certainly more exemples...

I have tried several other database session handlers, but either they are lacking some features or are badly designed. Because phpLD is using the nice AdoDB database abstraction library to handle DB operations, I've tried AdoDB's session handler but I have found out the code is just over bloated with unnecessary code, it has a very poor design. While working on a very large project recently, I was in need of a good session handler so I ended up writing my own library for that.

This session handler for phpLD, stores all information encrypted to the database, eliminating most of the security problems regular session handlers have.

Features of this database session handler

  • PHP-5 & MySQL powered
  • Full OOP design
  • Session data can be stored encrypted into DB (using Mcrypt)
  • Very fast, should be much faster than AdoDB's session handler
  • Extandable, you may write more modules for user statistics for example

The requirements for this module is PHP Link Directory version 3+, but I guess it will work with version 2 too. PHP-5 is strictly required and if you choose to encrypt your session data (highly suggested) you also need the Mcrypt extension compiled with phpLD.

Price: $4.00

This work is licensed under the Commercial License.

Copyright (c) Constantin Bejenaru (www.frozenminds.com)

This work is NOT free software! You may NOT reproduce, distribute, or transfer this work, or portions thereof, to any third party, sell, rent, lease, assign, or sublet the work or portions thereof, grant rights to any other person.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF QUALITY, PERFORMANCE, NON-INFRINGEMENT, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE. FURTHER, THE AUTHOR DOES NOT WARRANT THAT THE SOFTWARE OR ANY RELATED SERVICE WILL ALWAYS BE AVAILABLE.

YOU ASSUME ALL RISK ASSOCIATED WITH THE INSTALLATION AND USE OF THE SOFTWARE. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS OF THE SOFTWARE BE LIABLE FOR CLAIMS, DAMAGES OR OTHER LIABILITY ARISING FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE. LICENSE HOLDERS ARE SOLELY RESPONSIBLE FOR DETERMINING THE APPROPRIATENESS OF USE AND ASSUME ALL RISKS ASSOCIATED WITH ITS USE, INCLUDING BUT NOT LIMITED TO THE RISKS OF PROGRAM ERRORS, DAMAGE TO EQUIPMENT, LOSS OF DATA OR SOFTWARE PROGRAMS, OR UNAVAILABILITY OR INTERRUPTION OF OPERATIONS.