Read PHP Session without actually starting it

2018-06-21 10:51:59

I am looking for a way to read the contents of a PHP session without actually replacing the running session of the current request.

Lets say I have a running session (started before with session_start(), using the default session handler and the session_id given by the PHPSESSID cookie) Now I have another (valid) session_id and I want to read some of the data stored in that session.

The only way I can think of is to replace the current session with $oldSession = session_id(), set the new session with session_id($newId), then read the data from $_SESSION and then restart the original session with session_id($oldSession) - probably involving some aditional calls of session_commit() and session_start().

But I prefer to not touch the current, running session at all...

PHP 5.4 introduces the SessionHandler class (http://php.net/manual/de/class.sessionhandler.php) but manually calling $SessionHandler->read doesn't seem to work either

$handler = new SessionHandler();
var_dump($handler->read($session));

//Fatal error: SessionHandler::read(): Cannot call default session handler

I am using the native php memcached session handler

Thank you for any tipps!

I solved the problem by directly reading the session data from memcached.

Code based on a comment from http://php.net/manual/de/memcached.sessions.php

$session = 'session_id_to_read';
$servers = explode(',', ini_get('session.save_path'));
$c = count($servers);
for ($i = 0; $i < $c; ++$i) {
    $servers[$i] = explode(':', $servers[$i]);
}

$memcached = new Memcached();
$memcached->addServers($servers);
$sessionPrefix = ini_get('memcached.sess_prefix');
$rawData = $memcached->get($sessionPrefix.$session);
$data = $rawData ? unserialize($rawData) : false;

note that unserialize($rawData) only works if session.serialize_handler is set to 'php_serialize'

链接地址: http://www.djcxy.com/p/60242.html

上一篇: SESSION在函数执行后为空

下一篇: 阅读PHP会话而不实际启动它