On Thu, Dec 22, 2005 at 11:56:12PM -0500, Chris Shiflett wrote: > Greg Donald wrote: > >I've been using this database driven PHP sessions setup for years: > > > >http://dbsessions.destiney.com/ > > I offer a similar implementation: > > http://phpsecurity.org/code/ch08-2 Ok, i'll bite.. :) One thing I tend to avoid is having empty values in the database (a pet peev via the file system), if a typical session_start() is issued and there is no data to be written i believe avoiding the actual insert should be avoided, to avoid the extra overhead of writing 'no data' to the db. The approach i used probably has a flaw if cookie based session is *not* used. Also, i'v always hated the 'global $dbh' approach, I'd rather see a defined database handle within the session. http://zirzow.dyndns.org/session/session.phps session_db_conf.php: <?php $SESSION_DB_HOST = 'localhost'; $SESSION_DB_USER = 'session;; //... ?> session_config.php: <?php include('session/session.php'); Session_System_DB('session_db_conf.php', true); ?> Curt. -- cat .signature: No such file or directory -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
