PHP Session Storage


#1

@rbotzer

I am using the PHP library and using Aerospike as a session handler.

This is my change in php.ini session.save_handler => aerospike session.save_path => cache|sessions|10.1.1.248:3000

So far, it works. I just wanted to understand how is the data stored. When I login, I can see that there is a record.

select * from cache.sessions.

{ "edigest": "kT1q+jtpjnFs2GBYY6ESWik+osI=", "set": "sessions", "ttl": 15544522, "gen": 8, "bins": { "PHP_SESSION": "39 32 32 30 39 63 64 30 37 36 63 39 38 32 38 39 65 35 36 63 35 66 37 65 30 31 30 38 63 37 39 30 36 33 62 35 66 32 33 63 36 37 33 30 30 65 37 66 32 31 33 62 35 62 62 36 32 30 37 64 36 32 38 33 7C 61 3A 31 3A 7B 73 3A 34 3A 22 64 61 74 61 22 3B 61 3A 31 3A 7B 73 3A 36 3A 22 74 6F 6B 65 6E 73 22 3B 73 3A 36 34 3A 22 33 36 31 32 63 30 39 63 35 35 64 63 39 33 35 65 64 66 35 32 65 66 36 30 30 36 38 64 62 31 30 31 30 39 30 38 63 66 30 37 35 65 31 61 37 38 37 62 35 65 36 36 61 34 64 32 33 32 35 35 37 64 65 31 22 3B 7D 7D" } } ], [ { "Status": 0 } ]

How do I see the data that is stored in the session. I am storing user data like first/last name, user_id etc. But, I am not seeing it in the aql console.

Also, how do I set the PK? I need to migrate the session data from redis to aerospike and am a bit unsure about the data storage mechanism.

A little guidance would be much appreciated.


#2

The key is your session ID. What you’re seeing in that AQL session is the content of your session, as PHP_BYTES encoded bytes. This means that it was serialized by the PHP’s serialize() function.

Why wouldn’t you use your application to deal with session migration? You could read the Redis session, and using the PHP client save the session.

The details are here:


#3

Thanks for your reply.

Is there a way I can read the data in the bin PHP_SESSION. I want to do that to ensure that all the data is being stored and stored correctly.

I am not seeing a method to verify that in isolation.

Thanks a lot for your patience.


#4

You can write your own test of setting up the session handler to be aerospike, save things in your PHP session, and retrieve them on later access.

If you think there’s something wrong with the C code, you can fork the repo make a change, and submit a pull request. Or if writing C isn’t your thing, and you think you ran into a bug, write a bug report and submit it to the aerospike/aerospike-client-php repo. Otherwise, it works. There are tests for it, that you can find inside the repo and read for yourself.


#5

If you really need to manually verify that information, the process is a little bit involved. The simplest would be to just write to the session and read it back.

<?php

ini_set('session.save_handler', 'aerospike');
session_save_path("test|sess|localhost:3000");

session_id("mykey");
session_start();

$_SESSION["test"] = "testdata";
$_SESSION["other"] = 15;
session_write_close();

$_SESSION["this"] = "should not be loaded";

session_start();
var_dump($_SESSION);

?>

Otherwise you can write that information to the database. Then run AQL and the command

select * from test.sess where PK="mykey"

This will give you back a list of bytes. For me it is: 74 65 73 74 7C 73 3A 38 3A 22 74 65 73 74 64 61 74 61 22 3B 6F 74 68 65 72 7C 69 3A 31 35 3B

You can turn that in to an array of integers in PHP, then turn that into an array of characters, then session_decode the result, e.g.

<?php
$session_bytes = [0x74, 0x65, 0x73, 0x74, 0x7C, 0x73, 0x3A, 0x38, 0x3A, 0x22, 0x74, 0x65, 0x73, 0x74, 0x64, 0x61,
                0x74, 0x61, 0x22, 0x3B, 0x6F, 0x74, 0x68, 0x65, 0x72, 0x7C, 0x69, 0x3A, 0x31, 0x35, 0x3B];
$session_string = implode(array_map("chr", $session_bytes));
session_start();
session_decode($session_string);
var_dump($_SESSION);
?>