需要一些關於如何處理會話的幫助。我正在使用Ajax技術來實現一個小組討論平臺,它的成功取決於我是否可以正確處理會話,能夠看到誰在線等。我如何有效地做到這一點。請記住,這是一個典型的單一url ajax應用程序,其中服務器只響應請求。所有表單驗證都是在用戶輸入數據時在客戶端完成的。我需要幫助。下面到目前爲止寫的。處理會話
<?php
include_once "../database/dbconnect.php";
session_start();
$username = isset($_POST["userNameLogin"]) ? $_POST["userNameLogin"] : $_SESSION["userNameLogin"];
$pwd = isset($_POST["passwordLogin"]) ? $_POST["passwordLogin"] : $_SESSION["passwordLogin"];
// Sending these messages to my client side validation code json-style.
if(!isset($username)){
echo("{message : 'NoName'}");
}
elseif(!isset($pwd)){
echo("{message : 'NoPW'}");
}
// creating the session variables to hold username and pwd
$_SESSION['userNameLogin'] = $username;
$_SESSION['passwordLogin'] = $pwd;
// calling the function incuded above to make connection to mysql db
dbConnection();
//query retrieves username and pwd from db and counts the result. if it is one, then they //certianly exist and if not unset the variables created above. The varibles were created
//above so i do not have to check if they exist before unsetting them.
$sQuery = "SELECT * FROM users WHERE
username = '$username' AND password = '$pwd'";
$result = mysql_query($sQuery) or die(mysql_error());
$intFound = mysql_num_rows($result);
if ($intFound == 0) {
unset($_SESSION['userNameLogin']);
unset($_SESSION['passwordLogin']);
// AD - Access Denied
echo("{message : 'AD'}");
}
else{
//a flag to set in the database who is currently online. value of 1 for users who are //online and zero for users who are not. If i want a list of those online, i check the //column called online and then check to see if the $_SESSION['username'] exist. If it //does then i know the user is online. That is what the second script is for. New to this //stuff, and do not know a better way of doing it
mysql_query("UPDATE users SET online = '1' WHERE username = '$username'") or die(mysql_error);
}
上面的腳本應該讓用戶通過發送消息到客戶端的驗證代碼來登錄或拒絕訪問。 正如你所看到的,我是新來的這個東西,我有我的問題。我能做些什麼來確保會話已正確設置並取消設置,即用戶註銷時。 其次,我如何監控誰在線以及誰不使用會話。這是我如何檢查誰在線,然後用用戶名建立一個json文件併發送給客戶端。 Json更容易解析。
下面的腳本試圖確定誰是在線
<?php
// this script determines which sessions are currently active by
// 1.) checking to see which online fields in the users table are set to 1
// 2.) by determining if a session variable has been set for these users.
// If it is not set, it means user is no longer active and script sets its online field in the users table to zero.
// After doing this, the script, then queries the users table for online fields with values one, writes them to an
// array and passes them to the client.
include_once "../database/dbconnect.php";
//include "../validation/accessControl.php";
$tempActiveUsers = array();
$activeUsers = array();
$nonActiveUsers = array();
dbConnection();
$sql = "SELECT username from users WHERE online = '1' ";
$active_result = mysql_query($sql) or die(mysql_error);
if($active_result){
while($aValues = mysql_fetch_array($active_result)){
array_push($tempActiveUsers, $aValues['username']);
}
}
forEach($tempActiveUsers as $value){
/*if($_SESSION['$value'] == $value){
$activeUsers += $value;
} */
if(isset($_SESSION['userNameLogin']) == $value){
array_push($activeUsers, $value);
}else{
array_push($nonActiveUsers, $value);
}
}
forEach($nonActiveUsers as $value1){
$sql1 = "UPDATE users SET online='0' WHERE username = '$value1'";
$set_result = mysql_query($sql1) or die(mysql_error);
}
$length = sizeof($activeUsers);
$len = 1;
$json ='{"users" : {';
$json .= '"user":[';
forEach($activeUsers as $value2){
$json .= '{';
$json .= '"username" : "' .$value2.'" }';
if($len != $length){
$json .= ',';
}
$len++;
}
$json .= ']';
$json .= '}}';
echo $json;
請翻閱並給出一些建議。非常感謝。我的項目框架很好,但我可以實現很多用戶功能,因爲我無法跟蹤誰在線以及如何管理他們的會話。如果你需要更多的背景信息,請告訴我。在此先感謝
將代碼放入正確的格式有助於易讀性。嘗試在每個代碼行的開頭放置四個空格。 – Joe 2009-12-04 10:29:12
就我個人而言,我有一個Session類,充當會話模型的API。我想調用'Session :: keyExists('key');' 我認爲實現一個密鑰是不存在的,而不是調用isset($ _SESSION ['key'])'抽象層a)鼓勵代碼重用和b)更容易管理。 – 2009-12-04 10:46:52