I am trying to share session information between our main PHP app and node.js
We currently use a database backend for session storage, because we have several web servers that can handle a request.
Is anyone aware of any solutions for accessing session data from node.js? The only ones I can see use redis or memcache, but we cannot change the method for storing session data.
You would have to use a common format, such as JSON or one of your own invention. Let's assume JSON for convenience.
On the PHP side you will need to register your own session handler.
Set session.name to something less PHP specific, for example SESSID instead of PHPSESSID.
Set session.serialize_handler to php_serialize. In the write() method cast the incoming $data into JSON by first calling unserialize() on it, then calling json_encode() and set the re-encoded data in your database.
Similarly, the read() method should extract the session data from your database (given the value of the ID stored in the SESSID cookie), call json_decode() on it, then serialize it and return that string.
Might I suggest a fast, scalable, and reliable database such as Aerospike. I am, however, biased.
Related
I'm using CodeIgniter 3.x with database session driver and i want to access data cloumn that BLOB type. Here my blob data:
__ci_last_regenerate|i:1435420891;identity|s:13:"john#doe.com ";username|s:13:"johndoe";email|s:13:"john#doe.com ";user_id|s:1:"5";old_last_login|s:10:"1435412865";
I tried with unserialize($string) but didnt work!
unserialize(): Error at offset 0
How can i access blob data element? For ex: $user['email']
There's no straight-forward way to do that ... You could use session_decode(), but it requires that you already have an active session, so that it can put the decoded data into $_SESSION.
I must tell you however, if you want to do that - you're doing it wrong. You should never access another user's session. If there's some data that's tied to a session that's not explicit to the user who owns the session, you should just add another field to the sessions table and save it in there.
I got the solution here
So I have used session decode http://php.net/session_decode
session_decode('__ci_last_regenerate|i:1446535049;ci_UserID|s:1:"2";ci_UserName|s:24:"example#xyz.com";logged_in|b:1;');
So session decode stored all the encrypted data in normal php session.
Which I can access using:
echo $_SESSION['ci_UserID'];
As Narf says there is no easy way to do this.
ykay;s solution presupposes that you are using the current built in session handler. That can be changed at any time by the application, and there are no guarantees that PHP will keep this format.
Your solution trashes the current session and replaces it with the stored data (but at least it will use the "current" serialization method).
The serialization function and the read/write operations for session_ functions can be overridden at runtime. As long as you read back data encoded using the same mechanism as you use for decoding your mechanism will work - but it is a bad approach for long term storage of data or for use in a context where you cannot guarantee consistency of the PHP installations reading the data.
The right way to fix the problem of reading session data outside of a user's session is to use the serialize/unserialize format:
ini_set("session.serialize_handler", 'php_serialize');
Then use unserialize() to read the data.
To my amusement, I understand that one can call session functions in CLI. The way I understand it sessions make sense when the script is running in a response to an HTTP request (e.g. inside a WebServer). Insights ?
You probably want to access a session storage via CLI, and the easiest way is to set the session id, start the session and read from $_SESSION, instead of adding a lot of own code to fetch and parse the serialized data. You won't get the session id via cookie, POST or GET data, though. You have to pass it somehow. Also, you won't benefit from a created cookie when the session is started on CLI.
How can I pass a PHP object created during my initial page load, to an ajax call?
create-page.php creates my page and has an object expensiveObject. I need to pass expensiveObject to ajax-some-stuff.php.
Option 1: Should I json_encode() the object, attach it to my URL, grab that part of my URL with javascript, and send it back to a PHP ajax?
Option 2: Can I store it as a $_SESSION variable?
I would save it in $_SESSION as this would prevent you from sending data trough internet which should be only processed on server. There would be security issues as well as performance issues.
You might need to implement __sleep() and __wakeup() depending on your object when saving it in $_SESSION
I would like go with Option 1 but after json_encode function i will wrap it again with base64_encode because the json_encode is still not URL-safe string.
The $_SESSION method is good and easy but it depends on your object. If i'm not mistaken, the $_SESSION has maximum size of data can be stored there.
- if you're server side session your server memory will consumed
- using cookie as session replacement will limit the data size
I'm using JS Objects to sort and filter a table but I need to store the original table data in case the user wants to return to it. I'm just wondering if there's an easy way to pass the object's data to a PHP session var, via AJAX, and retain stuff like the key/value relationships without doing a lot of heavy lifting.
Build a JSON-string of the object and store this string.
JSON.stringify
It's not possible.
On the client side, the session is identified by a cookie. The session ID is all you've got.
On the server, the session data is stored in a binary file, one file per session (typical scenario).
So you can't touch the contents from the session from the browser without help from the server.
And second: it's not "light". In an app I've been working on, modern computer and virtually no load yet, loading the session seem to be taking around 250ms, 10 times longer than the response time for the whole page when starting from scratch.
In summary:
you cannot touch session variables without writing a script on the server that handles the data
It's not "light".
does any body have any info/links as to how to integrate a cookie based session system? i've used file/mysql, and am currently using memcached. i wanted to play with apc sessions, but thought i'd give a go at cookies, only i don't know much about it.
i imagine i'd have to write my own session handler class?
In PHP session data is usually stored in a file. The only thing stored in the cookie is a session identifier. When sessions are enabled and a valid session cookie is found, PHP loads the users session data from the file into a super global called funnily enough SESSION.
Basic sessions are started using session_start(); called before any text is sent to the browser. then items are added to or removed from the session object using simple array indexing eg.
$_SESSION['favcolour'] = 'blue';
later...
$favcolour = $_SESSION['favcolour'];
basic cookie only sessions (no local storage) can be created with a call to
set_cookie('favcolour','blue'[,other params]);
before any text is sent to the browser, then retrieved from the cookie superglobal
$favcolour = $_COOKIE['favcolour'];
you don't need to call session_start() if doing cookie only sessions.
the optional [,other params] are more advanced and can be read about here http://www.php.net/manual/en/function.setcookie.php
Sessions can become a very complex discussion, I'd suggest doing some light work in them and then expand your knowledge.
DC
all you ever wanted to know about PHP sessions
http://www.php.net/manual/en/book.session.php
DC
To reuse PHP's session handling code you will need to add a write handler using session_set_save_handler and then do exactly nothing in that handler. That's because its called after the output to the browser is closed therefore you cannot send anything to the browser.
Before writing non header data to the browser use the set_cookie functions and store the contents of the $_SESSION array (after serialising and encrypting) into a cookie. when the applications start you can read the cookie unserialise it and put it into the $_SESSION array.
That's a quick hint at what to do as I have never done it, I prefer to write all my own cookie code. There may be some gotcha's but its not hard a few tests should find any gotcha's.
DC