1

I am stuck in a frustrating rut here. I have an authentication system (built from scratch) that makes use of a singleton object.

The singleton object basically manages the security of sessions and has functions that safeguard against session hijacking and other malicious activities.

These functions depend on member data.

Now the issue is that PHP seems to discard these singleton objects every time the user refreshes or moves to a new page.

Here is a prototype of the sessions class:

class session extends login{
    public   $sessionid;
    private  $fingerprint;
    public  static $temp=0;
    public  static $s_instance = NULL;

    public static function s_getinstance(){

        if (!isset(session::$s_instance) || !isset(session::$sessionid)) {
           $c = __CLASS__;
           if(isset(session::$s_instance)) {
               session::$s_instance = 0;
           }

           session::$s_instance = new $c;
           self::regenerate_id_name();                    
           self::$temp +=1;                
        }

        return session::$s_instance;
    }
}

The last function checks the data member ($s_insntance), if it is NULL it creates an object and throws it back along with managing the activities related to creating a new session.

If the data member is not null, it returns the existing object.

Or in theory, that is what it is supposed to do. However, every time I visit a new page and call upon the s_getinstance function, it tries creating a brand new object for some reason and the old data is lost. Please help me out here.

Improve this question
4
  • What about some proper indentation to make your code readable? Commented Jun 23, 2011 at 12:42
  • (related) Who needs Singletons and The Clean Code Talks Commented Jun 23, 2011 at 12:46
  • 1
    public static $s_instance = NULL; ..your instance can be changed from anywhere! Commented Jun 23, 2011 at 12:46
  • "Now the issue is that PHP seems to discard these singleton objects every time the user refreshes or moves to a new page." Of course it does! You need to save it if you want it to persist. Commented Jun 23, 2011 at 12:48

1 Answer 1

Reset to default
6

What we don't see here is at any point you save the contents of your session object into the $_SESSION. Without doing so, it cannot persist across a page load.

You need a method to save the session instance into the PHP $_SESSION and then your s_getinstance() needs to check if already exists in $_SESSION and retrieve it from there, or retrieve it from memory, or create it from scratch if it doesn't exist anywhere.

Start reading here... (Docs on PHP session handling)

// assuming you've already called session_start()...
public function storeinstance()
{
  $_SESSION['session'] = self::s_getinstance();
}

public static function s_getinstance(){

    if (!isset(session::$s_instance) || !isset(session::$sessionid)) {
       $c = __CLASS__;

       // Check if it's already sitting in $_SESSION
       // Load it from $_SESSION if it's there, and then unset the $_SESSION var
       if (!isset(session::$s_instance) && isset($_SESSION['session'])) {
           session::$s_instance = $_SESSION['session'];
           unset($_SESSION['session']);
       }
       else if(isset(session::$s_instance)) {
           session::$s_instance = 0;
       }

       session::$s_instance = new $c;
       self::regenerate_id_name();                    
       self::$temp +=1;                
    }

    return session::$s_instance;
}
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

In other words, every time the user loads a new page or reloads the current one, it could be compared (in C/C++, Java, ...) to running a new main. Everything is lost. Storing things in a $_SESSION prevents that!
Alright, I will try storing the object in a session. This is weird though, I rebooted the pc and suddenly everything's working. There is some undefined funny business going on in the background. I will do as you guys say though. Thanks again.
Also, I made it public to make debugging easier. Don't worry, I won't go live with this code.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.