PHP Class Prado\Web\THttpSession
THttpSession provides session-level data management and the related configurations.
To start the session, call {@link open}; to complete and send out session data, call {@link close};
to destroy the session, call {@link destroy}. If AutoStart is true, then the session
will be started once the session module is loaded and initialized.
To access data stored in session, use THttpSession like an associative array. For example,
$session=new THttpSession;
$session->open();
$value1=$session['name1']; // get session variable 'name1'
$value2=$session['name2']; // get session variable 'name2'
foreach($session as $name=>$value) // traverse all session variables
$session['name3']=$value3; // set session variable 'name3'
The following configurations are available for session:
{@link setAutoStart AutoStart}, {@link setCookieMode CookieMode},
{@link setSavePath SavePath},
{@link setUseCustomStorage UseCustomStorage}, {@link setGCProbability GCProbability},
{@link setTimeout Timeout}.
See the corresponding setter and getter documentation for more information.
Note, these properties must be set before the session is started.
THttpSession can be inherited with customized session storage method.
Override {@link _open}, {@link _close}, {@link _read}, {@link _write}, {@link _destroy} and {@link _gc}
and set {@link setUseCustomStorage UseCustomStorage} to true.
Then, the session data will be stored using the above methods.
By default, THttpSession is registered with {@link TApplication} as the
request module. It can be accessed via {@link TApplication::getSession()}.
THttpSession may be configured in application configuration file as follows,
where {@link getSessionName SessionName}, {@link getSavePath SavePath},
{@link getCookieMode CookieMode}, {@link getUseCustomStorage UseCustomStorage}, {@link getAutoStart AutoStart}, {@link getGCProbability GCProbability}, {@link getUseTransparentSessionID UseTransparentSessionID}
and {@link getTimeout TimeOut} are configurable properties of THttpSession.
To avoid the possibility of identity theft through some variants of XSS attacks,
THttpSessionshould always be configured to enforce HttpOnly setting on session cookie.
The HttpOnly setting is disabled by default. To enable it, configure the THttpSession
module as follows,
Afficher le fichier
Open project: pradosoft/prado
Class Usage Examples
Méthodes publiques
Method Details
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
_destroy()
public méthode
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
public _gc ( $maxLifetime ) : boolean |
Résultat |
boolean |
whether session is GCed successfully |
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
public _open ( $savePath, $sessionName ) : boolean |
Résultat |
boolean |
whether session is opened successfully |
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.
Note, if the specified name already exists, the old value will be removed first.
public add ( $key, $value ) |
Removes all session variables
Ends the current session and store session data.
contains()
public méthode
This method is required by \Countable interface.
Destroys all data registered to a session.
getAutoStart()
public méthode
public getAutoStart ( ) : boolean |
Résultat |
boolean |
whether the session should be automatically started when the session module is initialized, defaults to false. |
getCookie()
public méthode
public getCookie ( ) : THttpCookie |
Résultat |
THttpCookie |
cookie that will be used to store session ID |
getCookieMode()
public méthode
public getCookieMode ( ) : THttpSessionCookieMode |
Résultat |
THttpSessionCookieMode |
how to use cookie to store session ID. Defaults to THttpSessionCookieMode::Allow. |
getCount()
public méthode
getGCProbability()
public méthode
public getGCProbability ( ) : integer |
Résultat |
integer |
the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance. |
getIsStarted()
public méthode
getIterator()
public méthode
This method is required by the interface \IteratorAggregate.
public getIterator ( ) : TSessionIterator |
Résultat |
TSessionIterator |
an iterator for traversing the session variables. |
getSavePath()
public méthode
getSessionID()
public méthode
getSessionName()
public méthode
getTimeout()
public méthode
public getTimeout ( ) : integer |
Résultat |
integer |
the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds. |
getUseCustomStorage()
public méthode
getUseTransparentSessionID()
public méthode
This method is required by IModule.
If AutoStart is true, the session will be started.
This method is exactly the same as {@link offsetGet}.
public itemAt ( $key ) : mixed |
Résultat |
mixed |
the session variable value, null if no such variable exists |
offsetExists()
public méthode
This method is required by the interface \ArrayAccess.
offsetGet()
public méthode
This method is required by the interface \ArrayAccess.
public offsetGet ( $offset ) : mixed |
Résultat |
mixed |
the element at the offset, null if no element is found at the offset |
offsetSet()
public méthode
This method is required by the interface \ArrayAccess.
offsetUnset()
public méthode
This method is required by the interface \ArrayAccess.
Starts the session if it has not started yet.
regenerate()
public méthode
Update the current session id with a newly generated one
Removes a session variable.
public remove ( $key ) : mixed |
Résultat |
mixed |
the removed value, null if no such session variable. |
setAutoStart()
public méthode
setCookieMode()
public méthode
setGCProbability()
public méthode
setSavePath()
public méthode
setSessionID()
public méthode
setSessionName()
public méthode
setTimeout()
public méthode
setUseCustomStorage()
public méthode
setUseTransparentSessionID()
public méthode