PHP Class Prado\Web\THttpSession

THttpSession provides session-level data management and the related configurations. To start the session, call {@link open}; to complete and send out session data, call {@link close}; to destroy the session, call {@link destroy}. If AutoStart is true, then the session will be started once the session module is loaded and initialized. To access data stored in session, use THttpSession like an associative array. For example,


  $session=new THttpSession;
  $session->open();
  $value1=$session['name1'];  // get session variable 'name1'
  $value2=$session['name2'];  // get session variable 'name2'
  foreach($session as $name=>$value) // traverse all session variables
  $session['name3']=$value3;  // set session variable 'name3'

The following configurations are available for session: {@link setAutoStart AutoStart}, {@link setCookieMode CookieMode}, {@link setSavePath SavePath}, {@link setUseCustomStorage UseCustomStorage}, {@link setGCProbability GCProbability}, {@link setTimeout Timeout}. See the corresponding setter and getter documentation for more information. Note, these properties must be set before the session is started. THttpSession can be inherited with customized session storage method. Override {@link _open}, {@link _close}, {@link _read}, {@link _write}, {@link _destroy} and {@link _gc} and set {@link setUseCustomStorage UseCustomStorage} to true. Then, the session data will be stored using the above methods. By default, THttpSession is registered with {@link TApplication} as the request module. It can be accessed via {@link TApplication::getSession()}. THttpSession may be configured in application configuration file as follows,

where {@link getSessionName SessionName}, {@link getSavePath SavePath}, {@link getCookieMode CookieMode}, {@link getUseCustomStorage UseCustomStorage}, {@link getAutoStart AutoStart}, {@link getGCProbability GCProbability}, {@link getUseTransparentSessionID UseTransparentSessionID} and {@link getTimeout TimeOut} are configurable properties of THttpSession. To avoid the possibility of identity theft through some variants of XSS attacks, THttpSessionshould always be configured to enforce HttpOnly setting on session cookie. The HttpOnly setting is disabled by default. To enable it, configure the THttpSession module as follows,

Since: 3.0

Author: Qiang Xue ([email protected])

Inheritance: extends Prado\TApplicationComponent, implements IteratorAggregate, implements ArrayAccess, implements Countable, implements Prado\IModule

Exibir arquivo Open project: pradosoft/prado Class Usage Examples

Public Methods

Method	Description
_close ( ) : boolean	Session close handler.
_destroy ( $id ) : boolean	Session destroy handler.
_gc ( $maxLifetime ) : boolean	Session GC (garbage collection) handler.
_open ( $savePath, $sessionName ) : boolean	Session open handler.
_read ( $id ) : string	Session read handler.
_write ( $id, $data ) : boolean	Session write handler.
add ( $key, $value )	Adds a session variable.
clear ( )	Removes all session variables
close ( )	Ends the current session and store session data.
contains ( $key ) : boolean
count ( ) : integer	Returns the number of items in the session.
destroy ( )	Destroys all data registered to a session.
getAutoStart ( ) : boolean
getCookie ( ) : THttpCookie
getCookieMode ( ) : THttpSessionCookieMode
getCount ( ) : integer
getGCProbability ( ) : integer
getID ( ) : string
getIsStarted ( ) : boolean
getIterator ( ) : TSessionIterator	Returns an iterator for traversing the session variables.
getKeys ( ) : array
getSavePath ( ) : string
getSessionID ( ) : string
getSessionName ( ) : string
getTimeout ( ) : integer
getUseCustomStorage ( ) : boolean
getUseTransparentSessionID ( ) : boolean
init ( $config )	Initializes the module.
itemAt ( $key ) : mixed	Returns the session variable value with the session variable name.
offsetExists ( $offset ) : boolean	This method is required by the interface \ArrayAccess.
offsetGet ( $offset ) : mixed	This method is required by the interface \ArrayAccess.
offsetSet ( $offset, $item )	This method is required by the interface \ArrayAccess.
offsetUnset ( $offset )	This method is required by the interface \ArrayAccess.
open ( )	Starts the session if it has not started yet.
regenerate ( boolean $deleteOld = false ) : string	Update the current session id with a newly generated one
remove ( $key ) : mixed	Removes a session variable.
setAutoStart ( $value )
setCookieMode ( $value )
setGCProbability ( $value )
setID ( $value )
setSavePath ( $value )
setSessionID ( $value )
setSessionName ( $value )
setTimeout ( $value )
setUseCustomStorage ( $value )
setUseTransparentSessionID ( $value )
toArray ( ) : array

Method Details

_close() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _close ( ) : boolean
return	boolean	whether session is closed successfully

_destroy() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _destroy ( $id ) : boolean
return	boolean	whether session is destroyed successfully

_gc() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _gc ( $maxLifetime ) : boolean
return	boolean	whether session is GCed successfully

_open() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _open ( $savePath, $sessionName ) : boolean
return	boolean	whether session is opened successfully

_read() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _read ( $id ) : string
return	string	the session data

_write() public method

This method should be overridden if {@link setUseCustomStorage UseCustomStorage} is set true.

public _write ( $id, $data ) : boolean
return	boolean	whether session write is successful

add() public method

Note, if the specified name already exists, the old value will be removed first.

public add ( $key, $value )

clear() public method

Removes all session variables

public clear ( )

close() public method

Ends the current session and store session data.

public close ( )

contains() public method

public contains ( $key ) : boolean
return	boolean	whether there is the named session variable

count() public method

This method is required by \Countable interface.

public count ( ) : integer
return	integer	number of items in the session.

destroy() public method

Destroys all data registered to a session.

public destroy ( )

getAutoStart() public method

public getAutoStart ( ) : boolean
return	boolean	whether the session should be automatically started when the session module is initialized, defaults to false.

getCookie() public method

public getCookie ( ) : THttpCookie
return	THttpCookie	cookie that will be used to store session ID

getCookieMode() public method

public getCookieMode ( ) : THttpSessionCookieMode
return	THttpSessionCookieMode	how to use cookie to store session ID. Defaults to THttpSessionCookieMode::Allow.

getCount() public method

public getCount ( ) : integer
return	integer	the number of session variables

getGCProbability() public method

public getGCProbability ( ) : integer
return	integer	the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance.

getID() public method

public getID ( ) : string
return	string	id of this module

getIsStarted() public method

public getIsStarted ( ) : boolean
return	boolean	whether the session has started

getIterator() public method

This method is required by the interface \IteratorAggregate.

public getIterator ( ) : TSessionIterator
return	TSessionIterator	an iterator for traversing the session variables.

getKeys() public method

public getKeys ( ) : array
return	array	the list of session variable names

getSavePath() public method

public getSavePath ( ) : string
return	string	the current session save path, defaults to '/tmp'.

getSessionID() public method

public getSessionID ( ) : string
return	string	the current session ID

getSessionName() public method

public getSessionName ( ) : string
return	string	the current session name

getTimeout() public method

public getTimeout ( ) : integer
return	integer	the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds.

getUseCustomStorage() public method

public getUseCustomStorage ( ) : boolean
return	boolean	whether to use user-specified handlers to store session data. Defaults to false.

getUseTransparentSessionID() public method

public getUseTransparentSessionID ( ) : boolean
return	boolean	whether transparent sid support is enabled or not, defaults to false.

init() public method

This method is required by IModule. If AutoStart is true, the session will be started.

public init ( $config )

itemAt() public method

This method is exactly the same as {@link offsetGet}.

public itemAt ( $key ) : mixed
return	mixed	the session variable value, null if no such variable exists

offsetExists() public method

This method is required by the interface \ArrayAccess.

public offsetExists ( $offset ) : boolean
return	boolean

offsetGet() public method

This method is required by the interface \ArrayAccess.

public offsetGet ( $offset ) : mixed
return	mixed	the element at the offset, null if no element is found at the offset

offsetSet() public method

This method is required by the interface \ArrayAccess.

public offsetSet ( $offset, $item )

offsetUnset() public method

This method is required by the interface \ArrayAccess.

public offsetUnset ( $offset )

open() public method

Starts the session if it has not started yet.

public open ( )

regenerate() public method

Update the current session id with a newly generated one

See link: http://php.net/manual/en/function.session-regenerate-id.php

public regenerate ( boolean $deleteOld = false ) : string
$deleteOld	boolean	Whether to delete the old associated session or not.
return	string	old session id

remove() public method

Removes a session variable.

public remove ( $key ) : mixed
return	mixed	the removed value, null if no such session variable.

setAutoStart() public method

public setAutoStart ( $value )

setCookieMode() public method

public setCookieMode ( $value )

setGCProbability() public method

public setGCProbability ( $value )

setID() public method

public setID ( $value )

setSavePath() public method

public setSavePath ( $value )

setSessionID() public method

public setSessionID ( $value )

setSessionName() public method

public setSessionName ( $value )

setTimeout() public method

public setTimeout ( $value )

setUseCustomStorage() public method

public setUseCustomStorage ( $value )

setUseTransparentSessionID() public method

public setUseTransparentSessionID ( $value )

toArray() public method

public toArray ( ) : array
return	array	the list of all session variables in array