I'm using CodeIgniter 3.x with database session driver and i want to access data cloumn that BLOB type. Here my blob data:
__ci_last_regenerate|i:1435420891;identity|s:13:"john#doe.com ";username|s:13:"johndoe";email|s:13:"john#doe.com ";user_id|s:1:"5";old_last_login|s:10:"1435412865";
I tried with unserialize($string) but didnt work!
unserialize(): Error at offset 0
How can i access blob data element? For ex: $user['email']
There's no straight-forward way to do that ... You could use session_decode(), but it requires that you already have an active session, so that it can put the decoded data into $_SESSION.
I must tell you however, if you want to do that - you're doing it wrong. You should never access another user's session. If there's some data that's tied to a session that's not explicit to the user who owns the session, you should just add another field to the sessions table and save it in there.
I got the solution here
So I have used session decode http://php.net/session_decode
session_decode('__ci_last_regenerate|i:1446535049;ci_UserID|s:1:"2";ci_UserName|s:24:"example#xyz.com";logged_in|b:1;');
So session decode stored all the encrypted data in normal php session.
Which I can access using:
echo $_SESSION['ci_UserID'];
As Narf says there is no easy way to do this.
ykay;s solution presupposes that you are using the current built in session handler. That can be changed at any time by the application, and there are no guarantees that PHP will keep this format.
Your solution trashes the current session and replaces it with the stored data (but at least it will use the "current" serialization method).
The serialization function and the read/write operations for session_ functions can be overridden at runtime. As long as you read back data encoded using the same mechanism as you use for decoding your mechanism will work - but it is a bad approach for long term storage of data or for use in a context where you cannot guarantee consistency of the PHP installations reading the data.
The right way to fix the problem of reading session data outside of a user's session is to use the serialize/unserialize format:
ini_set("session.serialize_handler", 'php_serialize');
Then use unserialize() to read the data.
Related
I have a nasty problem with Symfony2 session. I have a cart in which I can insert things. I add several items and it works, but on some items the app crashes telling me
ContextErrorException: Warning: session_start(): Failed to decode session object. Session has been destroyed in ...
The session is destroyed and I'm logged out of the site.
I have the session stored in the DB and the line about the session is deleted too, like a clean logoff.
I triple checked all the code and I have no code of mine that invalidates the session. I also commented out each line containing session->invalidate to no avail.
I noted that the session cleanup comes between the "return" of one function and the following line in my code after the code returns, but there is no code between them. It seems something related to events/listeners but none are configured by me.
I don't know where to check, any ideas?
Based on this report and other searches, my guess is you're storing multi-byte strings in your session data and it's getting corrupted. It's also possible the database column storing the data is too short and the string is getting truncated, corrupting it. Here's what I would look at:
If you're using a database for storage be sure it's prepared for multi-byte strings.
Make sure your session database column is large enough, e.g. MEDIUMTEXT instead of VARCHAR.
Maybe there's a bug in Symfony's session handler (unlikely since that probably would have been caught quickly).
Maybe you've somehow corrupted your own multi-byte strings. Check you're not using any PHP functions that aren't binary-safe.
If you can't find the root cause I would try overriding the session storage handler and running base64_encode over the data before storage and decode after retrieval. But that's a last resort to work around the real problem.
I changed the write e read method of PDOSessionHandler instead of base64encode/decode i put utf8_encode for write and in the read method i put utf8_decode. This workaround works for me but is not a clean solution. The question now is: why base64encode/decode fails?
I am trying to share session information between our main PHP app and node.js
We currently use a database backend for session storage, because we have several web servers that can handle a request.
Is anyone aware of any solutions for accessing session data from node.js? The only ones I can see use redis or memcache, but we cannot change the method for storing session data.
You would have to use a common format, such as JSON or one of your own invention. Let's assume JSON for convenience.
On the PHP side you will need to register your own session handler.
Set session.name to something less PHP specific, for example SESSID instead of PHPSESSID.
Set session.serialize_handler to php_serialize. In the write() method cast the incoming $data into JSON by first calling unserialize() on it, then calling json_encode() and set the re-encoded data in your database.
Similarly, the read() method should extract the session data from your database (given the value of the ID stored in the SESSID cookie), call json_decode() on it, then serialize it and return that string.
Might I suggest a fast, scalable, and reliable database such as Aerospike. I am, however, biased.
I have set Yii application session to save in database.
In one part of my app i need to read created session by Yii but
i can't use Yii::app()->session because my code is out of Yii application.
Can i read this session with PHP function?
or
create and save this specific session with Yii in temp folder instead of database(so i can easily use $_SESSION)?
The function you're looking for is session_set_save_handler().
This function allows you to override the default handling of the $_SESSION variable. You can use it to specify a set of functions that will handle the loading, saving, and other tasks associated with session handling.
You can use these functions to load session data from a database, or any other source you may want.
Hope that helps.
You could catch the cookie sent by browser and select from table using session id from cookie, but most probably there is a better way to solve your problem.
Why can't you simply move the code into Yii controller? Even if it is something specific, it's usually easy to work around.
I'm using JS Objects to sort and filter a table but I need to store the original table data in case the user wants to return to it. I'm just wondering if there's an easy way to pass the object's data to a PHP session var, via AJAX, and retain stuff like the key/value relationships without doing a lot of heavy lifting.
Build a JSON-string of the object and store this string.
JSON.stringify
It's not possible.
On the client side, the session is identified by a cookie. The session ID is all you've got.
On the server, the session data is stored in a binary file, one file per session (typical scenario).
So you can't touch the contents from the session from the browser without help from the server.
And second: it's not "light". In an app I've been working on, modern computer and virtually no load yet, loading the session seem to be taking around 250ms, 10 times longer than the response time for the whole page when starting from scratch.
In summary:
you cannot touch session variables without writing a script on the server that handles the data
It's not "light".
I need to share sessions between subdomain but my sessions are stored in weird format. For example if ill compare same session data (from session file) from different servers i see that in first case data are stored correctly but not in second one.
First server session string:
TEST_VAR|s:10:"TEST VALUE";
Second server session string:
NUnNmu-NLaO2lP-1J_LVRdJm5cPH54dlnDN1W1GaHXrebf3hl_clOl3xeoZlvHsj
I'm using same code to generate sessions, where is the problem? Anyone know whats wrong? How can i decode this weird string? session_decode() can't handle it.
This might help: PHP / Drupal, Session Storage and encryption
If not, check the php.ini/phpinfo() on both servers and see if there are any differences in the session-related configuration.