[Sommaire] [Imprimer]

   1  John,
   2  
   3  I have been an extremely satisfied ADODB user for several years now.
   4  
   5  To give you something back for all your hard work, I've spent the last 3
   6  days rewriting the adodb-session.php code.
   7  
   8  ----------
   9  What's New
  10  ----------
  11  
  12  Here's a list of the new code's benefits:
  13  
  14  * Combines the functionality of the three files:
  15  
  16  adodb-session.php
  17  adodb-session-clob.php
  18  adodb-cryptsession.php
  19  
  20  each with very similar functionality, into a single file adodb-session.php.
  21  This will ease maintenance and support issues.
  22  
  23  * Supports multiple encryption and compression schemes.
  24    Currently, we support:
  25  
  26    MD5Crypt (crypt.inc.php)
  27    MCrypt
  28    Secure (Horde's emulation of MCrypt, if MCrypt module is not available.)
  29    GZip
  30    BZip2
  31  
  32  These can be stacked, so if you want to compress and then encrypt your
  33  session data, it's easy.
  34  Also, the built-in MCrypt functions will be *much* faster, and more secure,
  35  than the MD5Crypt code.
  36  
  37  * adodb-session.php contains a single class ADODB_Session that encapsulates
  38  all functionality.
  39    This eliminates the use of global vars and defines (though they are
  40  supported for backwards compatibility).
  41  
  42  * All user defined parameters are now static functions in the ADODB_Session
  43  class.
  44  
  45  New parameters include:
  46  
  47  * encryptionKey(): Define the encryption key used to encrypt the session.
  48  Originally, it was a hard coded string.
  49  
  50  * persist(): Define if the database will be opened in persistent mode.
  51  Originally, the user had to call adodb_sess_open().
  52  
  53  * dataFieldName(): Define the field name used to store the session data, as
  54  'DATA' appears to be a reserved word in the following cases:
  55      ANSI SQL
  56      IBM DB2
  57      MS SQL Server
  58      Postgres
  59      SAP
  60  
  61  * filter(): Used to support multiple, simulataneous encryption/compression
  62  schemes.
  63  
  64  * Debug support is improved thru _rsdump() function, which is called after
  65  every database call.
  66  
  67  ------------
  68  What's Fixed
  69  ------------
  70  
  71  The new code includes several bug fixes and enhancements:
  72  
  73  * sesskey is compared in BINARY mode for MySQL, to avoid problems with
  74  session keys that differ only by case.
  75    Of course, the user should define the sesskey field as BINARY, to
  76  correctly fix this problem, otherwise performance will suffer.
  77  
  78  * In ADODB_Session::gc(), if $expire_notify is true, the multiple DELETES in
  79  the original code have been optimized to a single DELETE.
  80  
  81  * In ADODB_Session::destroy(), since "SELECT expireref, sesskey FROM $table
  82  WHERE sesskey = $qkey" will only return a single value, we don't loop on the
  83  result, we simply process the row, if any.
  84  
  85  * We close $rs after every use.
  86  
  87  ---------------
  88  What's the Same
  89  ---------------
  90  
  91  I know backwards compatibility is *very* important to you.  Therefore, the
  92  new code is 100% backwards compatible.
  93  
  94  If you like my code, but don't "trust" it's backwards compatible, maybe we
  95  offer it as beta code, in a new directory for a release or two?
  96  
  97  ------------
  98  What's To Do
  99  ------------
 100  
 101  I've vascillated over whether to use a single function to get/set
 102  parameters:
 103  
 104  $user = ADODB_Session::user();     // get

 105  ADODB_Session::user($user);        // set

 106  
 107  or to use separate functions (which is the PEAR/Java way):
 108  
 109  $user = ADODB_Session::getUser();
 110  ADODB_Session::setUser($user);
 111  
 112  I've chosen the former as it's makes for a simpler API, and reduces the
 113  amount of code, but I'd be happy to change it to the latter.
 114  
 115  Also, do you think the class should be a singleton class, versus a static
 116  class?
 117  
 118  Let me know if you find this code useful, and will be including it in the
 119  next release of ADODB.
 120  
 121  If so, I will modify the current documentation to detail the new
 122  functionality.  To that end, what file(s) contain the documentation?  Please
 123  send them to me if they are not publically available.
 124  
 125  Also, if there is *anything* in the code that you like to see changed, let
 126  me know.
 127  
 128  Thanks,
 129  
 130  Ross
 131