数据库处理session类

<?php 
    /*
    *    使用数据库处理session
    *    php.ini 中 session.save_handler 设为 "user"
    */
    class Dbsession{
        private static $ua;   //代理浏览器
        private static $ip;        //IP地址
        private static $lifetime;//session生存时间
        private static $time;     //当前时间
        private static $pdo;
        
        public static function start(PDO $pdo){
            self::$pdo = $pdo;
            self::$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            
            if ( !empty( $_SERVER['HTTP_CLIENT_IP'] ) ) { //check ip from share internet
                self::$ip = $_SERVER['HTTP_CLIENT_IP'];
            } else if ( !empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
                self::$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
            } else {
                self::$ip = $_SERVER['REMOTE_ADDR'];
            }
            filter_var(self::$ip,FILTER_VALIDATE_IP) === FALSE && self::$ip = 'unknown';
            self::$lifetime = ini_get("session.gc_maxlifetime");
            self::$time = time();
            
            session_set_save_handler(
                array(__CLASS__,'open'),
                array(__CLASS__,'close'),
                array(__CLASS__,'read'),
                array(__CLASS__,'write'),
                array(__CLASS__,'destroy'),
                array(__CLASS__,'gc')
            );
            
            session_start();
        }
        
        private static function open($path,$name){
            return true;
        }
        
        public static function close(){
            return true;
        }
        
        private static function read($sid){
            $sql = "select * from session where sid=?";
            $st = self::$pdo->prepare($sql);
            $st->execute(array($sid));
            //没有数据
            if(!$result = $st->fetch(PDO::FETCH_ASSOC)){
                return '';
            }
            //用户更换了浏览器或者IP地址
            if($result['ua'] != self::$ua || $result['ip'] != self::$ip){
                self::destroy($sid);
                return '';
            }
            //时间过期
            if($result['updatetime']+self::$lifetime < self::$time){
                self::destroy($sid);
                return '';
            }
            
            return $result['data']; //返回session数据
            
        }
        
        public static function write($sid,$data){
            //先查有无session
            $sql = "select * from session where sid=?";
            $st = self::$pdo->prepare($sql);
            $st->execute(array($sid));
            if($result = $st->fetch(PDO::FETCH_ASSOC)){
                //数据发生改变或者30秒开外，则更新
                if($result['data'] != $data || $result['updatetime']+30 < self::$time){
                    $sql = "update session set data=? ,updatetime=? where sid=?";
                    $st = self::$pdo->prepare($sql);
                    $st->execute(array($data,self::$time,$sid));
                }
            }else{
                if(!empty($data)){
                    $sql = "insert into session values(?,?,?,?,?)";
                    $st = self::$pdo->prepare($sql);
                    $st->execute(array($sid,$data,self::$time,self::$ua,self::$ip));
                }                
            }
            return true;
        }
        
        public static function destroy($sid){
            $sql = "delete from session where sid=?";
            $st = self::$pdo->prepare($sql);
            $st->execute(array($sid));
            return true;
        }
        
        private static function gc($lifetime){
            $sql = "delete from session where updatetime<?";
            $st = self::$pdo->prepare($sql);
            $st->execute(array(self::$time-$lifetime));
            return true;
        }
    }