Asp.net mvc与PHP的Session共享的实现

最近在做的一个ASP.NET MVC的项目，要用到第三方的php系统，为了实现两个系统的互联互通。决定将两者的session打通共享。让asp.net mvc 和php 都能正常访问和修改Session内容。

在决定实现之前，先搜索了一下院子里有没有相类似的文章，对于跨语言的程序互通，有两种方案：

（1） SSO单点登录，其实就是把用户名和密码传给另一个系统在另一个系统上自动创建session 来解决。

（2） 还有就是用同一套Session，在数据库或缓存上架设session服务。

第一种方案因为两套系统的交互比较多，不仅仅是登陆和验证，所以不适合。

第二种方案网上资料不多，不过关于session 数据库持久化的内容不少。选择第二种方案。

先说一下 大概的思路：

（1） 将Asp.net 的Session 采用mysql 存储。

（2） 将PHP的session也采用同一个数据库，同一张表存储。

（3） 修改Asp.net的Session内容的序列化和反序列化方式，使之与PHP的序列号方式相同。

（4） 修改两者的 cookie 中的sessionID 名称让二者采用同一个Sessionid名称。

（5） 修改两者的cookie作用域，使两者的Cookie Domin 位于主域名如 xxx.com。

（6） 解决后续出现的问题。

* php session 序列化格式： user_id|s:1:"3";user_name|s:4:"test";email|s:12:"fdff@fdf.com";avatarSrc|s:0:"";

闲话不多说直接上代码。

--Mysql 数据表的创建代码
CREATE TABLE `sessions` (
`SessionId` VARCHAR(80) NOT NULL,
`ApplicationName` VARCHAR(255) NOT NULL,
`Created` DATETIME NOT NULL,
`Expires` DATETIME NOT NULL,
`LockDate` DATETIME NOT NULL,
`LockId` INT(10) UNSIGNED NOT NULL,
`Timeout` INT(10) UNSIGNED NOT NULL,
`Locked` SMALLINT(1) UNSIGNED NOT NULL,
`SessionItems` LONGTEXT NOT NULL,
`Flags` INT(10) UNSIGNED NOT NULL,
PRIMARY KEY (`SessionId`,`ApplicationName`)
) ENGINE=INNODB DEFAULT CHARSET=utf8

　　

Asp.net SessionProvider 代码

public class SessionProvider : SessionStateStoreProviderBase
{

private SessionStateSection pConfig = null;
private string connectionString;
private ConnectionStringSettings pConnectionStringSettings;
private string eventSource = "OdbcSessionStateStore";
private string eventLog = "Application";
private string exceptionMessage =
"An exception occurred. Please contact your administrator.";
private string pApplicationName;

//
// If false, exceptions are thrown to the caller. If true,
// exceptions are written to the event log.
//

private bool pWriteExceptionsToEventLog = false;

public bool WriteExceptionsToEventLog
{
get { return pWriteExceptionsToEventLog; }
set { pWriteExceptionsToEventLog = value; }
}

//
// The ApplicationName property is used to differentiate sessions
// in the data source by application.
//

public string ApplicationName
{
get { return pApplicationName; }
}

public override void Initialize(string name, NameValueCollection config)
{
//
// Initialize values from web.config.
//

if (config == null)
throw new ArgumentNullException("config");

if (name == null || name.Length == 0)
name = "OdbcSessionStateStore";

if (String.IsNullOrEmpty(config["description"]))
{
config.Remove("description");
config.Add("description", "Sample ODBC Session State Store provider");
}

// Initialize the abstract base class.
base.Initialize(name, config);

//
// Initialize the ApplicationName property.
//

pApplicationName =
System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath;

//
// Get <sessionState> configuration element.
//

Configuration cfg =
WebConfigurationManager.OpenWebConfiguration(ApplicationName);
pConfig =
(SessionStateSection)cfg.GetSection("system.web/sessionState");

//
// Initialize connection string.
//

pConnectionStringSettings =
ConfigurationManager.ConnectionStrings["MySqlSessionServices"];

//if (pConnectionStringSettings == null ||
//  pConnectionStringSettings.ConnectionString.Trim() == "")
//{
//    throw new ProviderException("Connection string cannot be blank.");
//}

connectionString = pConnectionStringSettings.ConnectionString;

//
// Initialize WriteExceptionsToEventLog
//

pWriteExceptionsToEventLog = false;

//if (config["writeExceptionsToEventLog"] != null)
//{
//    if (config["writeExceptionsToEventLog"].ToUpper() == "TRUE")
//        pWriteExceptionsToEventLog = true;
//}
}

//
// SessionStateStoreProviderBase members
//

public override void Dispose()
{
}

//
// SessionStateProviderBase.SetItemExpireCallback
//

public override bool SetItemExpireCallback(SessionStateItemExpireCallback expireCallback)
{
return false;
}

//
// SessionStateProviderBase.SetAndReleaseItemExclusive
//

public override void SetAndReleaseItemExclusive(HttpContext context,
string id,
SessionStateStoreData item,
object lockId,
bool newItem)
{
// Serialize the SessionStateItemCollection as a string.
string sessItems = Serialize((SessionStateItemCollection)item.Items);

#region odbc代码
//MySqlConnection conn = new MySqlConnection(connectionString);
//MySqlCommand cmd;
//MySqlCommand deleteCmd = null;
#endregion

MySqlConnection conn = new MySqlConnection(connectionString);
MySqlCommand cmd;
MySqlCommand deleteCmd = null;

if (newItem)
{
// MySqlCommand to clear an existing expired session if it exists.
deleteCmd = new MySqlCommand("DELETE FROM Sessions " +
"WHERE SessionId = ? AND ApplicationName = ? AND Expires < ?", conn);
deleteCmd.Parameters.Add("@SessionId",MySqlDbType.VarChar, 80).Value = id;
deleteCmd.Parameters.Add
("@ApplicationName", MySqlDbType.VarChar, 255).Value = ApplicationName;
deleteCmd.Parameters.Add
("@Expires", MySqlDbType.DateTime).Value = DateTime.Now;

// MySqlCommand to insert the new session item.
cmd = new MySqlCommand("INSERT INTO Sessions " +
" (SessionId, ApplicationName, Created, Expires, " +
"  LockDate, LockId, Timeout, Locked, SessionItems, Flags) " +
" Values(?, ?, ?, ?, ?, ? , ?, ?, ?, ?)", conn);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add
("@ApplicationName", MySqlDbType.VarChar, 255).Value = ApplicationName;
cmd.Parameters.Add
("@Created", MySqlDbType.DateTime).Value = DateTime.Now;
cmd.Parameters.Add
("@Expires", MySqlDbType.DateTime).Value = DateTime.Now.AddMinutes((Double)item.Timeout);
cmd.Parameters.Add
("@LockDate", MySqlDbType.DateTime).Value = DateTime.Now;
cmd.Parameters.AddWithValue("@LockId", MySqlDbType.Int32).Value = 0;
cmd.Parameters.Add
("@Timeout", MySqlDbType.Int32).Value = item.Timeout;
cmd.Parameters.AddWithValue("@Locked", MySqlDbType.Bit).Value = false;
cmd.Parameters.Add
("@SessionItems", MySqlDbType.VarChar, sessItems.Length).Value = sessItems;
cmd.Parameters.Add("@Flags", MySqlDbType.Int32).Value = 0;
}
else
{
// MySqlCommand to update the existing session item.
cmd = new MySqlCommand(
"UPDATE Sessions SET Expires = ?, SessionItems = ?, Locked = ? " +
" WHERE SessionId = ? AND ApplicationName = ? AND LockId = ?", conn);
cmd.Parameters.Add("@Expires", MySqlDbType.DateTime).Value =DateTime.Now.AddMinutes((Double)item.Timeout);
cmd.Parameters.Add("@SessionItems", MySqlDbType.VarChar, sessItems.Length).Value = sessItems;
cmd.Parameters.Add("@Locked", MySqlDbType.Bit).Value = false;
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar, 255).Value = ApplicationName;
cmd.Parameters.Add("@LockId", MySqlDbType.Int32 ).Value = lockId;
}

try
{
conn.Open();

if (deleteCmd != null)
deleteCmd.ExecuteNonQuery();

cmd.ExecuteNonQuery();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "SetAndReleaseItemExclusive");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
conn.Close();
}
}

//
// SessionStateProviderBase.GetItem
//

public override SessionStateStoreData GetItem(HttpContext context,
string id,
out bool locked,
out TimeSpan lockAge,
out object lockId,
out SessionStateActions actionFlags)
{
return GetSessionStoreItem(false, context, id, out locked,
out lockAge, out lockId, out actionFlags);
}

//
// SessionStateProviderBase.GetItemExclusive
//

public override SessionStateStoreData GetItemExclusive(HttpContext context,
string id,
out bool locked,
out TimeSpan lockAge,
out object lockId,
out SessionStateActions actionFlags)
{
return GetSessionStoreItem(true, context, id, out locked,
out lockAge, out lockId, out actionFlags);
}

//
// GetSessionStoreItem is called by both the GetItem and
// GetItemExclusive methods. GetSessionStoreItem retrieves the
// session data from the data source. If the lockRecord parameter
// is true (in the case of GetItemExclusive), then GetSessionStoreItem
// locks the record and sets a new LockId and LockDate.
//

private SessionStateStoreData GetSessionStoreItem(bool lockRecord,
HttpContext context,
string id,
out bool locked,
out TimeSpan lockAge,
out object lockId,
out SessionStateActions actionFlags)
{
// Initial values for return value and out parameters.
SessionStateStoreData item = null;
lockAge = TimeSpan.Zero;
lockId = null;
locked = false;
actionFlags = 0;

// ODBC database connection.
MySqlConnection conn = new MySqlConnection(connectionString);
// MySqlCommand for database commands.
MySqlCommand cmd = null;
// DataReader to read database record.
MySqlDataReader reader = null;

// DateTime to check if current session item is expired.
DateTime expires;
// String to hold serialized SessionStateItemCollection.
string serializedItems = "";
// True if a record is found in the database.
bool foundRecord = false;
// True if the returned session item is expired and needs to be deleted.
bool deleteData = false;
// Timeout value from the data store.
int timeout = 0;

try
{
conn.Open();

// lockRecord is true when called from GetItemExclusive and
// false when called from GetItem.
// Obtain a lock if possible. Ignore the record if it is expired.
if (lockRecord)
{
cmd = new MySqlCommand(
"UPDATE Sessions SET" +
" Locked = ?, LockDate = ? " +
" WHERE SessionId = ? AND ApplicationName = ? AND Locked = ? AND Expires > ?", conn);
cmd.Parameters.Add("@Locked", MySqlDbType.Bit).Value = true;
cmd.Parameters.Add("@LockDate", MySqlDbType.DateTime).Value= DateTime.Now;
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar, 255).Value = ApplicationName;
cmd.Parameters.Add("@Lockid", MySqlDbType.Int32).Value = 0;
cmd.Parameters.Add("@Expires", MySqlDbType.DateTime).Value = DateTime.Now;

if (cmd.ExecuteNonQuery() == 0)
// No record was updated because the record was locked or not found.
locked = true;
else
// The record was updated.

locked = false;
}

// Retrieve the current session item information.
cmd = new MySqlCommand(
"SELECT Expires, SessionItems, LockId, LockDate, Flags, Timeout " +
"  FROM Sessions " +
"  WHERE SessionId = ? AND ApplicationName = ?", conn);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;

// Retrieve session item data from the data source.
reader = cmd.ExecuteReader(CommandBehavior.SingleRow);
while (reader.Read())
{
expires = reader.GetDateTime(0);

if (expires < DateTime.Now)
{
// The record was expired. Mark it as not locked.
locked = false;
// The session was expired. Mark the data for deletion.
deleteData = true;
}
else
foundRecord = true;

serializedItems = reader.GetString(1);
lockId = reader.GetInt32(2);
lockAge = DateTime.Now.Subtract(reader.GetDateTime(3));
actionFlags = (SessionStateActions)reader.GetInt32(4);
timeout = reader.GetInt32(5);
}
reader.Close();

// If the returned session item is expired,
// delete the record from the data source.
if (deleteData)
{
cmd = new MySqlCommand("DELETE FROM Sessions " +
"WHERE SessionId = ? AND ApplicationName = ?", conn);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;

cmd.ExecuteNonQuery();
}

// The record was not found. Ensure that locked is false.
if (!foundRecord)
locked = false;

// If the record was found and you obtained a lock, then set
// the lockId, clear the actionFlags,
// and create the SessionStateStoreItem to return.
if (foundRecord && !locked)
{
lockId = (int)lockId + 1;

cmd = new MySqlCommand("UPDATE Sessions SET" +
" LockId = ?, Flags = 0 " +
" WHERE SessionId = ? AND ApplicationName = ?", conn);
cmd.Parameters.Add("@LockId", MySqlDbType.Int32).Value = lockId;
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar, 255).Value = ApplicationName;

cmd.ExecuteNonQuery();

// If the actionFlags parameter is not InitializeItem,
// deserialize the stored SessionStateItemCollection.
if (actionFlags == SessionStateActions.InitializeItem)
item = CreateNewStoreData(context, pConfig.Timeout.Minutes);
else
item = Deserialize(context, serializedItems, timeout);
}
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "GetSessionStoreItem");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
if (reader != null) { reader.Close(); }
conn.Close();
}

return item;
}

//
// Serialize is called by the SetAndReleaseItemExclusive method to
// convert the SessionStateItemCollection into a Base64 string to
// be stored in an Access Memo field.
//

private string Serialize(SessionStateItemCollection items)
{

items["LastName"] = "Wilson";
items["FirstName"] = "Dan";

string ret = "";
for (int i = 0; i < items.Count;i++ )
{
string str = "";
if (items[i] != null)
{
str = items.Keys[i] + "|s:" + items[i].ToString().Length + ":\"" + items[i].ToString() + "\";";
}
else
{
str = items.Keys[i] + "|N;";
}
ret += str;
}
return ret;
}

#region base64 序列化session
//
// DeSerialize is called by the GetSessionStoreItem method to
// convert the Base64 string stored in the Access Memo field to a
// SessionStateItemCollection.
//

//private SessionStateStoreData Deserialize(HttpContext context,
//  string serializedItems, int timeout)
//{
//    MemoryStream ms =
//      new MemoryStream(Convert.FromBase64String(serializedItems));

//    SessionStateItemCollection sessionItems =
//      new SessionStateItemCollection();

//    if (ms.Length > 0)
//    {
//        BinaryReader reader = new BinaryReader(ms);
//        sessionItems = SessionStateItemCollection.Deserialize(reader);

//    }

//    return new SessionStateStoreData(sessionItems,
//      SessionStateUtility.GetSessionStaticObjects(context),
//      timeout);
//}

#endregion

/// <summary>
/// 自定义获取session项
/// </summary>
/// <param name="context"></param>
/// <param name="serializedItems"></param>
/// <param name="timeout"></param>
/// <returns></returns>
private SessionStateStoreData Deserialize(HttpContext context,
string serializedItems, int timeout)
{

SessionStateItemCollection sessionItems = new SessionStateItemCollection();

string[] arry = serializedItems.Split(';');
foreach (string item in arry)
{
if (!string.IsNullOrEmpty(item))
{
string strKey = item.Split('|')[0];
string other = item.Split('|')[1];
string strValue = "";
if (other == "N")
{
sessionItems[strKey]=null;
}
else if (other.Split(':').Count() > 2)
{//s:1:"1"
strValue = other.Split(':')[2];
sessionItems[strKey] = strValue.Replace("\"", "");
}
else
{
sessionItems[strKey] = null;
}
}
}

return new SessionStateStoreData(sessionItems,
SessionStateUtility.GetSessionStaticObjects(context),
timeout);
}

public override void ReleaseItemExclusive(HttpContext context,
string id,
object lockId)
{
MySqlConnection conn = new MySqlConnection(connectionString);
MySqlCommand cmd =
new MySqlCommand("UPDATE Sessions SET Locked = 0, Expires = ? " +
"WHERE SessionId = ? AND ApplicationName = ? AND LockId = ?", conn);
cmd.Parameters.Add("@Expires", MySqlDbType.DateTime).Value =
DateTime.Now.AddMinutes(pConfig.Timeout.Minutes);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;
cmd.Parameters.Add("@LockId", MySqlDbType.Int32).Value = lockId;

try
{
conn.Open();

cmd.ExecuteNonQuery();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "ReleaseItemExclusive");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
conn.Close();
}
}

//
// SessionStateProviderBase.RemoveItem
//

public override void RemoveItem(HttpContext context,
string id,
object lockId,
SessionStateStoreData item)
{
MySqlConnection conn = new MySqlConnection(connectionString);
MySqlCommand cmd = new MySqlCommand("DELETE * FROM Sessions " +
"WHERE SessionId = ? AND ApplicationName = ? AND LockId = ?", conn);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;
cmd.Parameters.Add("@LockId", MySqlDbType.Int32).Value = lockId;

try
{
conn.Open();

cmd.ExecuteNonQuery();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "RemoveItem");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
conn.Close();
}
}

//
// SessionStateProviderBase.CreateUninitializedItem
//

public override void CreateUninitializedItem(HttpContext context,
string id,
int timeout)
{
//MySqlConnection conn = new MySqlConnection(connectionString);

MySqlConnection conn = new MySqlConnection(connectionString);

MySqlCommand cmd = new MySqlCommand("INSERT INTO Sessions " +
" (SessionId, ApplicationName, Created, Expires, " +
"  LockDate, LockId, Timeout, Locked, SessionItems, Flags) " +
" Values(?, ?, ?, ?, ?, ? , ?, ?, ?, ?)", conn);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;
cmd.Parameters.Add("@Created", MySqlDbType.DateTime).Value
= DateTime.Now;
cmd.Parameters.Add("@Expires", MySqlDbType.DateTime).Value
= DateTime.Now.AddMinutes((Double)timeout);
cmd.Parameters.Add("@LockDate", MySqlDbType.DateTime).Value
= DateTime.Now;
cmd.Parameters.Add("@LockId", MySqlDbType.Int32).Value = 0;
cmd.Parameters.Add("@Timeout", MySqlDbType.Int32).Value = timeout;
cmd.Parameters.Add("@Locked", MySqlDbType.Bit).Value = false;
cmd.Parameters.Add("@SessionItems", MySqlDbType.VarChar, 0).Value = "";
cmd.Parameters.Add("@Flags", MySqlDbType.Int32).Value = 1;

try
{
conn.Open();

cmd.ExecuteNonQuery();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "CreateUninitializedItem");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
conn.Close();
}
}

//
// SessionStateProviderBase.CreateNewStoreData
//

public override SessionStateStoreData CreateNewStoreData(
HttpContext context,
int timeout)
{
return new SessionStateStoreData(new SessionStateItemCollection(),
SessionStateUtility.GetSessionStaticObjects(context),
timeout);
}

//
// SessionStateProviderBase.ResetItemTimeout
//

public override void ResetItemTimeout(HttpContext context,
string id)
{
MySqlConnection conn = new MySqlConnection(connectionString);
MySqlCommand cmd =
new MySqlCommand("UPDATE Sessions SET Expires = ? " +
"WHERE SessionId = ? AND ApplicationName = ?", conn);
cmd.Parameters.Add("@Expires", MySqlDbType.DateTime).Value
= DateTime.Now.AddMinutes(pConfig.Timeout.Minutes);
cmd.Parameters.Add("@SessionId", MySqlDbType.VarChar, 80).Value = id;
cmd.Parameters.Add("@ApplicationName", MySqlDbType.VarChar,
255).Value = ApplicationName;

try
{
conn.Open();

cmd.ExecuteNonQuery();
}
catch (MySqlException e)
{
if (WriteExceptionsToEventLog)
{
WriteToEventLog(e, "ResetItemTimeout");
throw new ProviderException(exceptionMessage);
}
else
throw e;
}
finally
{
conn.Close();
}
}

public override void InitializeRequest(HttpContext context)
{
}
public override void EndRequest(HttpContext context)
{
}

private void WriteToEventLog(Exception e, string action)
{
EventLog log = new EventLog();
log.Source = eventSource;
log.Log = eventLog;

string message =
"An exception occurred communicating with the data source.\n\n";
message += "Action: " + action + "\n\n";
message += "Exception: " + e.ToString();

log.WriteEntry(message);
}
}

　　Php Session 提供程序代码

function sess_open($save_path, $session_name) {
global $SESS_DBHOST, $SESS_DBNAME, $SESS_DBUSER, $SESS_DBPASS, $SESS_DBH;

if (! $SESS_DBH = mysql_pconnect($SESS_DBHOST, $SESS_DBUSER, $SESS_DBPASS)) {
echo "<li>Can't connect to $SESS_DBHOST as $SESS_DBUSER";
echo "<li>MySQL Error: " . mysql_error();
die;
}

if (! mysql_select_db($SESS_DBNAME, $SESS_DBH)) {
echo "<li>Unable to select database $SESS_DBNAME";
die;
}

return true;
}

function sess_close() {
return true;
}

function sess_read($key) {
global $SESS_DBH, $SESS_LIFE;

$qry = "SELECT SessionItems FROM sessions WHERE SessionId = '$key' and ApplicationName='/'   AND Expires > '" .date("Y-m-d H:i:s")."'";
$qid = mysql_query($qry, $SESS_DBH);

if (list($value) = mysql_fetch_row($qid)) {
return $value;
}
//else
//{
//    sess_write($key,'');
//    return '';
//}
return false;
}

function sess_write($key, $val) {
global $SESS_DBH, $SESS_LIFE;

$Tnow=date("Y-m-d H:i:s");//当前时间
$expiry =date("Y-m-d H:i:s", time() + $SESS_LIFE); //过期时间
$value = addslashes($val);

$qry = "INSERT INTO sessions (SessionId, ApplicationName, Created, Expires, ".
"  LockDate, LockId, Timeout, Locked, SessionItems, Flags) ".
"  VALUES ('$key','/', '$Tnow' ,'$expiry','$Tnow', 0, 20,0, '$value',0 )";
$qid = mysql_query($qry, $SESS_DBH);

if (! $qid) {
$qry = "UPDATE sessions SET Expires = '$expiry', SessionItems = '$value' WHERE SessionId = '$key' AND Expires > '" . date("Y-m-d H:i:s")."'";
$qid = mysql_query($qry, $SESS_DBH);
}

return $qid;
}

function sess_destroy($key) {
global $SESS_DBH;

$qry = "DELETE FROM sessions WHERE SessionId = '$key'";
$qid = mysql_query($qry, $SESS_DBH);

return $qid;
}

function sess_gc($maxlifetime) {
global $SESS_DBH;

$qry = "DELETE FROM sessions WHERE Expires < '" . date("Y-m-d H:i:s")."'";
$qid = mysql_query($qry, $SESS_DBH);

return mysql_affected_rows($SESS_DBH);
}

session_set_save_handler(
"sess_open",
"sess_close",
"sess_read",
"sess_write",
"sess_destroy",
"sess_gc");

session_start();

　　

至于修改作用域 直接在php网站的配置里修改就行，其他的php.ini的修改网上多的是。

后续产生的问题

Asp.net 创建的session信息 ，php能读能写。Php创建的session ASP.NET 在没有创建过Session 的时候不能读取。仅当Asp.Net的程序创建过 Session后，Php 修改过的内容才会生效。

这个问题产生的原因 是ASP.Net 的Session产生机制的问题，页面请求Asp.net并不会马上创建Session和读取Cookie 的SessionID去查找Session

解决这个问题又有多种方案，而我选用的是 最简单的一种 只用 Asp.net的登陆程序做入口。