DB_eSession DB_eSession provides a class that securely stores PHP sessions in a MySQL database.
Download

DB_eSession Ranking & Summary

DB_eSession Tags

MySQL database DB DB eSession stores session eSession stores

DB_eSession Description

DB_eSession provides a class that securely stores PHP sessions in a MySQL database. DB_eSession provides a class that securely stores PHP sessions in a MySQL database.DB_eSession is a feature-packed PHP class that stores session data in a MySQL database rather than files. It is powerful, designed with security in mind, and is easy to utilize. The code contains lots of comments, and it comes with full documentation and examples of how to use the class including a basic authentication login/logout process. It includes member functions useful (to webmasters) for monitoring or viewing, deleting, and altering sessions validity for the case of locking one or more sessions upon detection of unauthorized use.Here are some key features of "DB_eSession":· General features:· Stores session data in a MySQL table using PHP's built-in session handler.· Built-in handling of session expiration and cleanup.· Supports the changes of session related configuration settings (inc. PHP5).· Allows for normal or persistent MySQL database connections.· Access to opened MySQL resource connection to use in your script.· Accepts a passed database resource link to use as the DB connection.· Supports session ID's between 12 and 32 characters long.· Custom or changeable database, table and column names.· An option to create new session ID's (you supply, class or PHP builds).· Can initiate buffered output (using ob_start) within the class.· A session_start() automatically initiated within the class.· Can send 'Cache-Control:' header output within the class (fixes IE6 bug).· Ability to retrieve a specific sessions expiration date and time.· Retrieve current session life setting in seconds or minutes.· Retrieve a numeric total of the number of active and inactive sessions in table.· Facility to make assignment and retrieval of session variables easier.· Ability to create manual URI's and links that includes session name and ID.· The ability to retrieve what the MySQL server version number is.· An adequate form of encode/decode member functions are included and used automatically when libmcrypt is not installed.· Security features:· Standard user inactivity time-out handled automatically.· Absolute user logoff time-out capability (session will be terminated no matter what after a number of designated minutes/seconds have elapsed).· Ability to lock and unlock a particular session or all sessions. When a session is made locked it is immediately not available for use.· User to session verification using IP address and browser information.· Security level (code) clearance for each session/web page.· Encrypt/decrypt as desired each session field.· Encrypt/decrypt an extra session field to compare against original (to detect against possible tampering).· Encrypt/decrypt the whole session data in the table (essentially obscuring session variable names in table). Can be used in combination with per session field encryption, resulting in double encryption security.· A new encryption Initialization Vector is created every time values change.· Ability to manually delete a particular session or all sessions.· The users IP address and web browser is recorded as part of the session for tracing information.· Other features:· Support for multiple language error and warning messages.· Support of a default language as well as current active language settings.· Basic or detailed (with SQL syntax) error/warning reporting.· Buffered error and warning messages.· Option for class to stop execution or not upon encountering an error/warning. Class can display errors/warnings automatically or control in your script.· Can select font color and size separately for error and warning messages.· Code has lots of comments and formatted within 82 characters wide.· Full documentation (only provided in English) is included.· Code use examples provided, including a basic authentication (login/logout) process.· SQL text file provided for creating the MySQL session table. Requirements: · PHP version 4.2.0 or higher · MySQL version 3.22.5 or higher · web server (Apache, IIs) · Unix/Linux/Windows/Mac · an ability to create MySQL databases, usernames and passwords such as with phpMyAdmin · libmcrypt 2.2.x or higher is optional if you want to utilize encryption/decryption

DB_eSession Related Software