There's an article "PHP Web Auditing, Authorization and Monitoring with Oracle Database" at www.oracle.com/technetwork/articles/dsl/php-web-auditing-171451.html which is all about using oci_set_client_identifier()
(PHP 5 >= 5.3.2, PHP 7, PHP 8, PECL OCI8 >= 1.4.0)
oci_set_client_identifier — Sets the client identifier
Sets the client identifier used by various database components to identify lightweight application users who authenticate as the same database user.
The client identifier is registered with the database when the next 'round-trip' from PHP to the database occurs, typically when an SQL statement is executed.
The identifier can subsequently be queried, for example
with SELECT SYS_CONTEXT('USERENV','CLIENT_IDENTIFIER')
FROM DUAL
. Database administration views such
as V$SESSION
will also contain the value. It
can be used with DBMS_MONITOR.CLIENT_ID_TRACE_ENABLE
for tracing and can also be used for auditing.
The value may be retained across page requests that use the same persistent connection.
connection
An Oracle connection identifier, returned by oci_connect(), oci_pconnect(), or oci_new_connect().
client_id
User chosen string up to 64 bytes long.
Example #1 Setting the client identifier to the application user
<?php
// Find the application user's login name
session_start();
$un = my_validate_session($_SESSION['username']);
$c = oci_connect('myschema', 'welcome', 'localhost/XE');
// Tell Oracle who that user is
oci_set_client_identifier($c, $un);
// The next round-trip to the database will piggyback the identifier
$s = oci_parse($c, 'select mydata from mytable');
oci_execute($s);
// ...
?>
Some but not all OCI8 functions cause round-trips. Round-trips to the database may not occur with queries when result caching is enabled.
There's an article "PHP Web Auditing, Authorization and Monitoring with Oracle Database" at www.oracle.com/technetwork/articles/dsl/php-web-auditing-171451.html which is all about using oci_set_client_identifier()