PHP custom session handler not working?

PHP custom session handler not working?

I am in the process of building a database-driven website which needs to
include user authentication. If I use standard file-based session
management, all works as expected but if I try to use a custom session
handler (so that sessions are saved in the database), the only things that
seem to get stored are the ID and the timestamp.
Anything saved in a $_SESSION variable is nuked (although interestingly
this only occurs if I use header(Location: ...) to redirect to another
page upon successful login.
This is my session handler class file:
// include class files
require_once('database.php');
require_once('database-functions.php');
// set up session handler class
class Session {
private $session_login = null;
private $session_db = null;
public function __construct() {
// connect to database
$this -> session_login = new Database;
$this -> session_db = new SimplifiedDB;
$session_db_info = $this -> session_login -> getLogin();
$this -> session_db -> dbConnect(
$session_db_info['host'],
$session_db_info['user'],
$session_db_info['pass'],
$session_db_info['database']);
}
// open
public function open($save_path, $session_name) {
return true;
}
// close
public function close() {
return true;
}
// read
public function read($id) {
$get_data = $this -> session_db -> dbGetVariable('session',
'data', array('id' => $id));
if(empty($get_data)) {
return '';
} else {
return $get_data['data'];
}
}
// write
public function write($id, $data) {
$access = time();
$get_data = $this -> session_db -> dbGetVariable('session', 'id',
array('id' => $id));
if(empty($get_data)) {
// no ID, insert a record
$write_query = $this -> session_db -> dbInsert('session', array(
'id' => $id,
'data' => $data,
'access' => $access));
return true;
} else {
// ID exists, update it
$write_query = $this -> session_db -> dbUpdate('session', array(
'id' => $id,
'data' => $data,
'access' => $access));
return true;
}
return false;
}
// destroy (destroys a session)
public function destroy($sessionId) {
$destroy_query = $this -> session_db -> dbDelete('session',
array('id' => $sessionId));
return true;
}
// garbage collector (randomly deletes old sessions)
public function gc($lifetime) {
$the_time = time();
$sql = "DELETE FROM 'session' WHERE 'access' + $lifetime <
$this_time";
$gc_query = $this -> session_db -> dbExecuteQuery($sql);
return true;
}
}
I am using a SimplifiedDB class (database-functions.php) to connect to the
MySQL database using PDO, and the database.php file is another class which
contains my database credentials.
I've spent many hours on this problem and for the life of me cannot figure
out where I am going wrong. I have a header.php file which I include as
the first line of every PHP file, contents are as follows:
require_once('sessions.php');
$user_session = new Session();
session_set_save_handler(
array($user_session, 'open'),
array($user_session, 'close'),
array($user_session, 'read'),
array($user_session, 'write'),
array($user_session, 'destroy'),
array($user_session, 'gc'));
register_shutdown_function('session_write_close');
session_start();
I did originally have that stuff in the Session constructor in my session
handler class, but I put it in a separate class in the end (probably out
of desperation). My web host says that there are no server issues with
regards to session management, and I also have this problem on my
localhost webserver so it's definitely something wrong in the code.
I should also point out that I've done some other checks such as making
sure my header.php file is located on the first line of each PHP file, and
I use exit() after all redirects, as follows:
$_SESSION['test'] = 'testval';
header("Location: /index.php");
exit();
(using a full URL in the header line above makes no difference by the way,
I still have disappearing session variables).
Thanks for taking the time to read this, hopefully someone might be able
to point anything out that I have missed? :)