Ferreteria/v0.5/sql/user session: Difference between revisions
< Ferreteria | v0.5 | sql
Jump to navigation
Jump to search
(Created page with "==About== * PURPOSE: for managing web sessions * INTERNAL RULES: ** Get the session cookie. (If no cookie, we're not logged in.) ** Load the session record indicated by the co...") |
No edit summary |
||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{fmt/title|Ferreteria: <code>user_client</code> table}} | |||
==About== | ==About== | ||
* | * '''system''': {{l/ver|login}} | ||
* | ** '''subsystems''': {{l/ver|login/session|session management}}, {{l/ver|stash/session|Session stash}} | ||
==Purpose== | |||
This table tracks a specific browser app on a specific client-device, using a single cookie (the only cookie Ferreteria uses) to ensure identity. It does not track user-login status. Multiple users can use the same session if they are using the same browser app on the same device. | |||
==Internal Rules== | |||
* Get the session cookie. (If no cookie, we're not logged in.) | |||
* Load the session record indicated by the cookie. | |||
* Check the session record to make sure it matches the current client. | |||
* If it does, the session's user ID is logged in; otherwise not. | |||
* A session record is also created for anonymous users. | |||
==SQL== | |||
<syntaxhighlight lang=mysql> | |||
CREATE TABLE `user_session` ( | |||
`ID` int NOT NULL AUTO_INCREMENT, | |||
`ID_Client` int NOT NULL COMMENT 'user_client.ID', | |||
`ID_Acct` int DEFAULT NULL COMMENT 'ID of logged-in user account, if any', | |||
`Token` varchar(31) CHARACTER SET utf8 NOT NULL COMMENT 'session identifier: random string passed as cookie', | |||
`Stash` blob COMMENT 'other values associated with the session (PHP serialized)', | |||
`WhenCreated` datetime NOT NULL COMMENT 'when session was created', | |||
`WhenUsed` datetime DEFAULT NULL COMMENT 'when the session was last accessed', | |||
`WhenExpires` datetime DEFAULT NULL COMMENT 'when session expired or is due to expire', | |||
PRIMARY KEY (`ID`), | |||
UNIQUE KEY `Token` (`Token`) | |||
) ENGINE=InnoDB; | |||
</syntaxhighlight> | |||
==History== | ==History== | ||
* 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project | * 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project | ||
Latest revision as of 20:37, 13 February 2023
|
Ferreteria:
user_client table |
About
- system: login
- subsystems: session management, Session stash
Purpose
This table tracks a specific browser app on a specific client-device, using a single cookie (the only cookie Ferreteria uses) to ensure identity. It does not track user-login status. Multiple users can use the same session if they are using the same browser app on the same device.
Internal Rules
- Get the session cookie. (If no cookie, we're not logged in.)
- Load the session record indicated by the cookie.
- Check the session record to make sure it matches the current client.
- If it does, the session's user ID is logged in; otherwise not.
- A session record is also created for anonymous users.
SQL
CREATE TABLE `user_session` (
`ID` int NOT NULL AUTO_INCREMENT,
`ID_Client` int NOT NULL COMMENT 'user_client.ID',
`ID_Acct` int DEFAULT NULL COMMENT 'ID of logged-in user account, if any',
`Token` varchar(31) CHARACTER SET utf8 NOT NULL COMMENT 'session identifier: random string passed as cookie',
`Stash` blob COMMENT 'other values associated with the session (PHP serialized)',
`WhenCreated` datetime NOT NULL COMMENT 'when session was created',
`WhenUsed` datetime DEFAULT NULL COMMENT 'when the session was last accessed',
`WhenExpires` datetime DEFAULT NULL COMMENT 'when session expired or is due to expire',
PRIMARY KEY (`ID`),
UNIQUE KEY `Token` (`Token`)
) ENGINE=InnoDB;
History
- 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project
- 2013-11-09 backported improved Session classes back into user-session.php
- 2016-04-03 moved RandomString() to fcString::Random().
- 2020-12-12 some updates for v0.4