source: trunk/Packages/CoolWeb/WebServer/HTTPSessionMySQL.pas

unit HTTPSessionMySQL;

interface

uses
  Classes, SysUtils, HTTPServer, syncobjs, synacode, Common, SqlDatabase;

type

  { TFileHTTPSessionStorage }

  { THTTPSessionStorageMySQL }

  THTTPSessionStorageMySQL = class(THTTPSessionStorage)
  private
    FSessionIdCookieName: string;
    FDatabase: TSqlDatabase;
    FTimeout: Integer;
    Lock: TCriticalSection;
    function GetNewSessionId: string;
    procedure GetSessionId(HandlerData: THTTPHandlerData);
  public
    Sessions: TStringList;
    procedure Load(HandlerData: THTTPHandlerData); override;
    procedure Save(HandlerData: THTTPHandlerData); override;
    constructor Create(AOwner: TComponent); override;
    destructor Destroy; override;
  published
    property Database: TSqlDatabase read FDatabase write FDatabase;
    property Timeout: Integer read FTimeout write FTimeout; // in seconds
    property SessionIdCookieName: string read FSessionIdCookieName
      write FSessionIdCookieName;
  end;

procedure Register;


implementation

procedure Register;
begin
  RegisterComponents('CoolWeb', [THTTPSessionStorageMySQL]);
end;

{ THTTPSession }

function THTTPSessionStorageMySQL.GetNewSessionId: string;
var
  DbRows: TDbRows;
  Found: Boolean;
begin
  repeat
    Result := BinToHexString(SHA1(FloatToStr(Now)));
    try
      DbRows := TDbRows.Create;
      Database.Query(DbRows, 'SELECT * FROM `HTTPSession` WHERE `Identification`="' +
        Result + '"');
      Found := DbRows.Count > 0;
    finally
      DbRows.Free;
    end;
  until not Found;
end;

procedure THTTPSessionStorageMySQL.GetSessionId(HandlerData: THTTPHandlerData);
var
  Value: string;
begin
  with HandlerData do begin
    if Request.Cookies.TryGetValue(SessionIdCookieName, Value) then begin
      SessionId := Value;
    end else begin
      SessionId := GetNewSessionId;
    end;
  end;
end;

procedure THTTPSessionStorageMySQL.Load(HandlerData: THTTPHandlerData);
var
  DbRows: TDbRows;
begin
  GetSessionId(HandlerData);
  try
    Lock.Acquire;
    DbRows := TDbRows.Create;
    Database.Query(DbRows, 'DELETE FROM `HTTPSession` WHERE `Time` < DATE_SUB(NOW(), INTERVAL ' +
      IntToStr(Timeout) +' SECOND)');
    Database.Query(DbRows, 'SELECT * FROM `HTTPSession` WHERE `Identification`="' +
      HandlerData.SessionId + '"');
    if DbRows.Count > 0 then begin
      HandlerData.Session.Text := DbRows[0].Items['Variables'];
    end else begin
      HandlerData.SessionId := GetNewSessionId;
    end;
  finally
    DbRows.Free;
    Lock.Release;
  end;
  inherited;
end;

procedure THTTPSessionStorageMySQL.Save(HandlerData: THTTPHandlerData);
var
  DbRows: TDbRows;
  DbRows2: TDbRows;
begin
  try
    Lock.Acquire;
    DbRows := TDbRows.Create;
    DbRows2 := TDbRows.Create;
    Database.Query(DbRows, 'SELECT * FROM `HTTPSession` WHERE `Identification`="' +
      HandlerData.SessionId + '"');
    if DbRows.Count > 0 then
      Database.Query(DbRows2, 'UPDATE `HTTPSession` SET `Variables`="' + HandlerData.Session.Text
        + '", `Time` = NOW() WHERE `Identification`="' + HandlerData.SessionId + '"')
    else Database.Query(DbRows2, 'INSERT INTO `HTTPSession` (`Time`,  `Variables`, `Identification`) VALUES (' +
    'NOW(), "' + HandlerData.Session.Text + '", "' + HandlerData.SessionId + '")');
    HandlerData.Response.Cookies.Items[SessionIdCookieName] := HandlerData.SessionId;
  finally
    DbRows2.Free;
    DbRows.Free;
    Lock.Release;
  end;
  inherited;
end;

constructor THTTPSessionStorageMySQL.Create(AOwner: TComponent);
begin
  inherited;
  Lock := TCriticalSection.Create;
  Sessions := TStringList.Create;
  SessionIdCookieName := 'SessionId';
  Timeout := 3 * 3600;
end;

destructor THTTPSessionStorageMySQL.Destroy;
begin
  Sessions.Free;
  Lock.Free;
  inherited;
end;

end.