Class Session
This class is a wrapper for the native PHP session functions. It provides several defaults for the most common session configuration via external handlers and helps with using session in cli without any warnings.
Sessions can be created from the defaults using Session::create()
or you can get an instance of a new session by just instantiating this class and passing the complete options you want to use.
When specific options are omitted, this class will take its defaults from the configuration values from the session.*
directives in php.ini. This class will also alter such directives when configuration values are provided.
Properties summary
-
$_engine
protectedThe Session handler instance used as an engine for persisting the session data.SessionHandlerInterface
-
$_isCLI
protectedWhether this session is running under a CLI environmentboolean
-
$_lifetime
protectedThe time in seconds the session will be valid forinteger
-
$_started
protectedIndicates whether the sessions has already startedboolean
Method Summary
- __construct() publicConstructor.
- Get one of the prebaked default session configurations.
- _hasSession() protectedReturns whether a session exists
- _overwrite() protectedUsed to write new data to _SESSION, since PHP doesn't like us setting the _SESSION var itself.
- _timedOut() protected
Returns true if the session is no longer valid because the last time it was accessed was after the configured timeout.
- check() publicReturns true if given variable name is set in session.
- clear() publicClears the session.
- close() publicWrite data and close the session
- consume() publicReads and deletes a variable from session.
-
Returns a new instance of a session after building a configuration bundle for it. This function allows an options array which will be used for configuring the session and the handler to be used. The most important key in the configuration array is
defaults
, which indicates the set of configurations to inherit from, the possible defaults are: - delete() publicRemoves a variable from session.
- destroy() publicHelper method to destroy invalid sessions.
- engine() public
Sets the session handler instance to use for this session. If a string is passed for the first argument, it will be treated as the class name and the second argument will be passed as the first argument in the constructor.
- id() public
Returns the session id. Calling this method will not auto start the session. You might have to manually assert a started session.
- options() public
Calls ini_set for each of the keys in
$options
and set them to the respective value in the passed array. - read() publicReturns given session variable, or all of them, if no parameters given.
- renew() publicRestarts this session.
- setEngine() protectedSet the engine property and update the session handler in PHP.
- start() publicStarts the Session.
- started() publicDetermine if Session has already been started.
- write() publicWrites value to given session variable name.
Method Detail
__construct()source public
__construct( array $config = [] )
Constructor.
Configuration:
- timeout: The time in minutes the session should be valid for.
- cookiePath: The url path for which session cookie is set. Maps to the
session.cookie_path
php.ini config. Defaults to base path of app. - ini: A list of php.ini directives to change before the session start.
- handler: An array containing at least the
class
key. To be used as the session engine for persisting data. The rest of the keys in the array will be passed as the configuration array for the engine. You can set theclass
key to an already instantiated session handler object.
Parameters
- array
$config
optional [] - The Configuration to apply to this session object
_defaultConfig()source protected static
_defaultConfig( string $name )
Get one of the prebaked default session configurations.
Parameters
- string
$name
- Config name.
Returns
boolean|array_overwrite()source protected
_overwrite( array $old , array $new )
Used to write new data to _SESSION, since PHP doesn't like us setting the _SESSION var itself.
Parameters
- array
$old
- Set of old variables => values
- array
$new
- New set of variable => value
_timedOut()source protected
_timedOut( )
Returns true if the session is no longer valid because the last time it was accessed was after the configured timeout.
Returns
booleancheck()source public
check( string|null $name = null )
Returns true if given variable name is set in session.
Parameters
- string|null
$name
optional null - Variable name to check for
Returns
booleanTrue if variable is there
clear()source public
clear( boolean $renew = false )
Clears the session.
Optionally it also clears the session id and renews the session.
Parameters
- boolean
$renew
optional false - If session should be renewed, as well. Defaults to false.
close()source public
close( )
Write data and close the session
Returns
booleanTrue if session was started
consume()source public
consume( string $name )
Reads and deletes a variable from session.
Parameters
- string
$name
- The key to read and remove (or a path as sent to Hash.extract).
Returns
mixedThe value of the session variable, null if session not available, session not started, or provided name not found in the session.
create()source public static
create( array $sessionConfig = [] )
Returns a new instance of a session after building a configuration bundle for it. This function allows an options array which will be used for configuring the session and the handler to be used. The most important key in the configuration array is defaults
, which indicates the set of configurations to inherit from, the possible defaults are:
- php: just use session as configured in php.ini
- cache: Use the CakePHP caching system as an storage for the session, you will need to pass the
config
key with the name of an already configured Cache engine. - database: Use the CakePHP ORM to persist and manage sessions. By default this requires a table in your database named
sessions
or amodel
key in the configuration to indicate which Table object to use. - cake: Use files for storing the sessions, but let CakePHP manage them and decide where to store them.
The full list of options follows:
- defaults: either 'php', 'database', 'cache' or 'cake' as explained above.
- handler: An array containing the handler configuration
- ini: A list of php.ini directives to set before the session starts.
- timeout: The time in minutes the session should stay active
Parameters
- array
$sessionConfig
optional [] - Session config.
Returns
Cake\Http\Session
See
\Cake\Http\Session::__construct()delete()source public
delete( string $name )
Removes a variable from session.
Parameters
- string
$name
- Session variable to remove
engine()source public
engine( string|SessionHandlerInterface|null $class = null , array $options = [] )
Sets the session handler instance to use for this session. If a string is passed for the first argument, it will be treated as the class name and the second argument will be passed as the first argument in the constructor.
If an instance of a SessionHandlerInterface is provided as the first argument, the handler will be set to it.
If no arguments are passed it will return the currently configured handler instance or null if none exists.
Parameters
- string|SessionHandlerInterface|null
$class
optional null - The session handler to use
- array
$options
optional [] - the options to pass to the SessionHandler constructor
Returns
SessionHandlerInterface|nullThrows
InvalidArgumentExceptionid()source public
id( string|null $id = null )
Returns the session id. Calling this method will not auto start the session. You might have to manually assert a started session.
Passing an id into it, you can also replace the session id if the session has not already been started. Note that depending on the session handler, not all characters are allowed within the session id. For example, the file session handler only allows characters in the range a-z A-Z 0-9 , (comma) and - (minus).
Parameters
- string|null
$id
optional null - Id to replace the current session id
Returns
stringSession id
options()source public
options( array $options )
Calls ini_set for each of the keys in $options
and set them to the respective value in the passed array.
Example:
$session->options(['session.use_cookies' => 1]);
Parameters
- array
$options
- Ini options to set.
Throws
RuntimeExceptionif any directive could not be set
read()source public
read( string|null $name = null )
Returns given session variable, or all of them, if no parameters given.
Parameters
- string|null
$name
optional null - The name of the session variable (or a path as sent to Hash.extract)
Returns
string|array|nullThe value of the session variable, null if session not available, session not started, or provided name not found in the session.
setEngine()source protected
setEngine( SessionHandlerInterface $handler )
Set the engine property and update the session handler in PHP.
Parameters
- SessionHandlerInterface
$handler
- The handler to set
Returns
SessionHandlerInterfacestart()source public
start( )
Starts the Session.
Returns
booleanTrue if session was started
Throws
RuntimeExceptionif the session was already started
started()source public
started( )
Determine if Session has already been started.
Returns
booleanTrue if session has been started.
write()source public
write( string|array $name , mixed $value = null )
Writes value to given session variable name.
Parameters
- string|array
$name
- Name of variable
- mixed
$value
optional null - Value to write
Properties detail
$_enginesource
protected SessionHandlerInterface
The Session handler instance used as an engine for persisting the session data.
© 2005–present The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
https://api.cakephp.org/3.7/class-Cake.Http.Session.html