I am using a PHP session manager class that will handle user sessions in MongoDB, but it's not working, and I can not for the life of me figure out why. Session variables set successfully, but will not persist into other pages. Connectivity with MongoDB is not the issue. I've determined the issue has to do with the session_set_save_handler, because if I comment that function out, native PHP session handling works fine.
Thanks in advance for your help.
...
require('database.class.php');
class SessionManager {
const COLLECTION = 'sessions';
const SESSION_TIMEOUT = 600;
const SESSION_LIFESPAN = 3600;
const SESSION_NAME = 'mongosessid';
const SESSION_COOKIE_PATH = '/';
const SESSION_COOKIE_DOMAIN = '';
private $_mongo;
private $_collection;
private $_currentSession;
public function __construct() {
$this->_mongo = DBConnection::instantiate();
$this->_collection = $this->_mongo->getCollection(SessionManager::COLLECTION);
register_shutdown_function('session_write_close');
session_set_save_handler(
array(&$this, 'open'),
array(&$this, 'close'),
array(&$this, 'read'),
array(&$this, 'write'),
array(&$this, 'destroy'),
array(&$this, 'gc')
);
//Set session garbage collection period
ini_set('session.gc_maxlifetime', SessionManager::SESSION_LIFESPAN);
//Set session cookie config
session_set_cookie_params(
SessionManager::SESSION_LIFESPAN,
SessionManager::SESSION_COOKIE_PATH,
SessionManager::SESSION_COOKIE_DOMAIN
);
//Replace 'PHPSESSID' with 'mongosessid' as the session name
session_name(SessionManager::SESSION_NAME);
session_cache_limiter('nocache');
session_start();
}
public function open($path, $name) {
return true;
}
public function close() {
return true;
}
public function read($sessionId) {
$query = array('session_id' => $sessionId,
'timedout_at' => array('$gte' => time()),
'expired_at' => array('$gte' => time() - SessionManager::SESSION_LIFESPAN)
);
$result = $this->_collection->findOne($query);
$this->_currentSession = $result;
if (!isset($result['data'])) {
return '';
}
return $result['data'];
}
public function write($sessionId, $data) {
$expired_at = time() + self::SESSION_TIMEOUT;
$new_obj = array('data' => $data,
'timedout_at' => time() + SessionManager::SESSION_TIMEOUT,
'expired_at' => (empty($this->_currentSession)) ? time() + SessionManager::SESSION_LIFESPAN : $this->_currentSession['expired_at']
);
$query = array('session_id' => $sessionId);
$this->_collection->update($query,
array('$set' => $new_obj),
array('$upsert' => TRUE)
);
}
public function destroy($sessionId) {
$this->_collection->remove(array('session_id' => $sessionId));
return TRUE;
}
public function gc() {
$query = array('expired_at' => array('$lt' => time()));
$this->_collection->remove($query);
return TRUE;
}
}
$session = new SessionManager();
?>
write is called after object destruction. Your $_mongo object has already been destroyed by the time you come to use it.
Use session_write_close() with register_shutdown_function() to get around this.
register_shutdown_function('session_write_close');
In addition to this (because this was almost certainly happening), the options for the update query do not begin with a $ (a mistake I've made myself numerous times), you need upsert not $upsert