All geek questions in one place

Reading PHP session data without loading it

I have session_id and I would like to read its data without loading it into the $_SESSION . Please keep in mind that I have not limited my question to a specific session handler.

[UPDATE]

Here is my scenario:

I have two (or more) different open source projects that I want to merge into one. These projects use a session, but it is possible that they overwrite each other (since they are all on the same host and in the same domain). To prevent this from happening, I set up different session_names for each so that they have their own sessions. But there are glue codes that I need to write in which I should have access to both sessions. I can load it in $_SESSION , but I have to read others without loading.

[UPDATE]

Given the answers that have been given so far, I thought to clarify the situation a little more. The solution I'm looking for is to start a session twice (or more) within the same query. And each time with a different session_id. That way I can make a copy of the session and load another. Having said that, not necessarily the only solution, but it is closest to what I'm looking for (just a hint).

+4
source share
4 answers

I start both sessions one by one and save the value of $ _SESSION in local arrays.

i.e.

 // Loading the first session. session_name('first_session_name'); session_start(); // Now we have first session variables available in $_SESSION $_FIRST_SESSION = $_SESSION; // End current session. session_write_close(); // Just to make sure nothing remains in the session. unset($_SESSION); // Now set the second session name. session_name('second_session_name'); // Check and see if the second session name has a session id. if (isset($_COOKIE['second_session_name'])) // There already a session id for this name. session_id($_COOKIE['second_session_name']); else // We need to generate a new session id as this is the first time. session_id(sha1(mt_rand())); session_start(); $_SECOND_SESSION = $_SESSION;
+5
source

I would hide in projects that you use $_SESSION . Projects should use just $_SESSION , as before, but you control what data is read. Also use your own SessionHandler so that when you destroy one project, $_SESSION will not have another.

You must include this file when the session starts. Then do not use session_start() anywhere.

 class SessionAccess implements ArrayAccess { protected $handler; public $session; public function __construct (SharedSessionHandler $handler) { $this->handler = $handler; $this->session = $_SESSION; if (!isset($this->session[NULL])) $this->session[NULL] = []; } public function __get ($project) { return $this->session[$project]; } public function offsetGet ($id) { return $this->getKey($id)[$id]; } public function __set ($project, $val) { $this->session[$project] = $val; } public function offsetSet ($id, $val) { return $this->getKey($id)[$id] = $val; } public function __isset ($project) { // don't think it should be used with empty() ... return isset($this->session[$project]); } public function offsetExists ($id) { return isset($this->getKey($id)[$id]); } public function __unset ($project) { $this->session[$project] = []; } public function offsetUnset ($id) { unset($this->getKey($id)[$id]); } protected function &getKey ($id) { return isset($this->session[NULL][$id])?$this->session[NULL]:$this->session[$this->handler->projectMapper()]; } } class SharedSessionHandler extends SessionHandler { // we want to preserve write/read functions etc., only put a thin layer of abstraction between protected $projects = []; private $writing = false; private $tmpSessionStore; public function registerProject ($project_name, $base) { $this->projects[$base] = $project_name; if (!isset($_SESSION->$project_name)) $_SESSION->$project_name = []; } public function projectMapper () { $bt = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 3)[2]; foreach ($this->projects as $base => $name) { if (substr_compare(realpath($base), realpath($bt["file"]), 0, strlen($base)) === 0) return $name; } return NULL; } public function write ($session_id, $session_data) { if (!$this->writing) { $this->writing = true; $this->tmpSessionStore = $_SESSION; $_SESSION = $_SESSION->session; session_write_close(); } else { parent::write($session_id, $session_data); $_SESSION = $this->tmpSessionStore; $this->writing = false; } } public function close () { // as session_write_close() _will_ trigger this (prevent writing to closed stream) return true; } public function destroy ($session_id) { $key = $this->projectMapper(); if ($key === null) { foreach ($this->projects as $project) unset($_SESSION->$project); } else { unset($_SESSION->$key); } } } session_set_save_handler($sessionHandler = new SharedSessionHandler()); session_start(); $_SESSION = new SessionAccess($sessionHandler);

If you use this, you will have one large session for all of your projects. You do not need to change anything (other than deleting all session_start() ).

I believe that each of your projects is in its own way, so to distinguish between different $_SESSION s, use:

 $sessionHandler->registerProject("projectName", __DIR__); // __DIR__ or the path to the project

To access other sessions, use $_SESSION->projectName[$variable] .

Anything that is not in any registered directory will use the same global session repository. If any key is not installed in this global store, it takes the key from your local store - or a failure with a notification.

+2
source

Use the SessionHandler class and its read($session_id) method read($session_id) .

More details here: http://www.php.net/manual/en/class.sessionhandler.php

0
source

If your projects run on the same server, you can find where these sessions are stored and try to read it manually without loading a PHP instance (e.g. php). For example, all php sessions are located on a path that is stored in the session.save_path variable in php.ini. So you can read this variable (parse it with script [bash?]), And then read the session like regular files. For perl, it depends on the session module that will be used in the project. In any case, in the end, it will be a folder with files in the server file system. And you will need to create your own parsing rule for all projects that use different languages.

0
source

Source: https://habr.com/ru/post/1487228/

More articles:


All Articles