Ferreteria/v0.5/sql/user session: Difference between revisions

From Woozle Writes Code
< Ferreteria‎ | v0.5‎ | sql
Jump to navigation Jump to search
(Created page with "==About== * PURPOSE: for managing web sessions * INTERNAL RULES: ** Get the session cookie. (If no cookie, we're not logged in.) ** Load the session record indicated by the co...")
 
No edit summary
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{fmt/title|Ferreteria: <code>user_client</code> table}}
==About==
==About==
* PURPOSE: for managing web sessions
* '''system''': {{l/ver|login}}
* INTERNAL RULES:
** '''subsystems''': {{l/ver|login/session|session management}}, {{l/ver|stash/session|Session stash}}
** Get the session cookie. (If no cookie, we're not logged in.)
==Purpose==
** Load the session record indicated by the cookie.
This table tracks a specific browser app on a specific client-device, using a single cookie (the only cookie Ferreteria uses) to ensure identity. It does not track user-login status. Multiple users can use the same session if they are using the same browser app on the same device.
** Check the session record to make sure it matches the current client.
==Internal Rules==
** If it does, the session's user ID is logged in; otherwise not.
* Get the session cookie. (If no cookie, we're not logged in.)
** A session record is also created for anonymous users.
* Load the session record indicated by the cookie.
* Check the session record to make sure it matches the current client.
* If it does, the session's user ID is logged in; otherwise not.
* A session record is also created for anonymous users.
==SQL==
<syntaxhighlight lang=mysql>
CREATE TABLE `user_session` (
  `ID`          int NOT NULL AUTO_INCREMENT,
  `ID_Client`  int NOT NULL COMMENT 'user_client.ID',
  `ID_Acct`    int DEFAULT NULL COMMENT 'ID of logged-in user account, if any',
  `Token`      varchar(31) CHARACTER SET utf8 NOT NULL COMMENT 'session identifier: random string passed as cookie',
  `Stash`      blob COMMENT 'other values associated with the session (PHP serialized)',
  `WhenCreated` datetime NOT NULL COMMENT 'when session was created',
  `WhenUsed`    datetime DEFAULT NULL COMMENT 'when the session was last accessed',
  `WhenExpires` datetime DEFAULT NULL COMMENT 'when session expired or is due to expire',
 
  PRIMARY KEY (`ID`),
  UNIQUE KEY `Token` (`Token`)
) ENGINE=InnoDB;
</syntaxhighlight>
==History==
==History==
* 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project
* 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project

Latest revision as of 20:37, 13 February 2023

Ferreteria: user_client table

About

Purpose

This table tracks a specific browser app on a specific client-device, using a single cookie (the only cookie Ferreteria uses) to ensure identity. It does not track user-login status. Multiple users can use the same session if they are using the same browser app on the same device.

Internal Rules

  • Get the session cookie. (If no cookie, we're not logged in.)
  • Load the session record indicated by the cookie.
  • Check the session record to make sure it matches the current client.
  • If it does, the session's user ID is logged in; otherwise not.
  • A session record is also created for anonymous users.

SQL

CREATE TABLE `user_session` (
  `ID`          int NOT NULL AUTO_INCREMENT,
  `ID_Client`   int NOT NULL COMMENT 'user_client.ID',
  `ID_Acct`     int DEFAULT NULL COMMENT 'ID of logged-in user account, if any',
  `Token`       varchar(31) CHARACTER SET utf8 NOT NULL COMMENT 'session identifier: random string passed as cookie',
  `Stash`       blob COMMENT 'other values associated with the session (PHP serialized)',
  `WhenCreated` datetime NOT NULL COMMENT 'when session was created',
  `WhenUsed`    datetime DEFAULT NULL COMMENT 'when the session was last accessed',
  `WhenExpires` datetime DEFAULT NULL COMMENT 'when session expired or is due to expire',

  PRIMARY KEY (`ID`),
  UNIQUE KEY `Token` (`Token`)
) ENGINE=InnoDB;

History

  • 2013-10-25 stripped Session classes out of VbzCart shop.php for use in ATC project
  • 2013-11-09 backported improved Session classes back into user-session.php
  • 2016-04-03 moved RandomString() to fcString::Random().
  • 2020-12-12 some updates for v0.4