Accessible Instance methods
Registers a global variable name as a session variable. The name may identify a scalar variable, an array or an object. If an object is to be made persistent, it must have two instance variables:
A string with the name of the objects class.
An array with the names of all object slots to save.
Unregisters a global variable name as a session variable. The variable is not deleted, but its value will be lost at the end of a page. It is no longer saved to the database.
Destroy the current session and put_id() the current session id.
After delete() has been executed, all session data has been removed from the database.
Also, the session object is unusable on this page. Consequently, page_close() may not be called for this session.
Session variables are still available on this page, even after the delete(), but will be lost on the following pages.
In cookie mode, it is possible to page_open() a new session after delete() has been called, if no HTML has been output so far so that the new cookie can be set. If you do this, you can also re-register some of the previous session variables and can call page_close() for the new session. This allows you to change the session on the fly and selectively carry over session data from the previous session.
Return an URL referencing the current session. If in get mode, the current session id is attached to this URL, else the URL is returned unmodified.
A shorthand for print $this->url($url);
Return an URL referencing the current page, including PHP_SELF and QUERY_STRING information. If in get mode, the session id is included.
A shorthand for print $this->self_url($url);
Prints a hidden form element containing the session name and id.
This function will print the form element unconditionally, which
is useful to propagate a session id from one web server to
another, if both share the same stable storage for session data.
This is useful to share a session id between a HTTPS and HTTP
server or between several servers in different domains.
Returns a hidden element containing the session name and id.
This function will return the form element unconditionally,
which is useful to propagate a session id from one web server to
another, if both share the same stable storage for session data.
This is useful to share a session id between a HTTPS and HTTP
server or between several servers in different domains.
Adds a hidden form element containing the session name and id,
if currently in get-mode. Else the function prints nothing.
This function can be used to generate a form element which will
propagate the session id in a POST form.
Return string to be appended to the current URL for parameters in GET query format. Intended usage is like this:
<a href="<<?
$sess->pself_url().$sess->padd_query(array("again"=>"yes"))
?>"> Reload</a> and log in?
A shorthand for print $this-> add_query($qarray).
When a FORM variable is made persistent, that form variable is
imported into PHP, then page_open() is being called and
the new variable value is overwritten from the database. The
FORM value is lost.
If you had enabled track_vars and were accessing
HTTP_GET_VARS directly, which is recommended,
this were not a problem. Some legacy scripts rely on persistent
FORM input variables, though.
These scripts may call the appropriate
reimport_x_vars() functions. These
functions will re-read the tracked variable arrays and
reinitialize the appropriate global variables after session
variables have been restored.
Use of this function is discouraged.
You shall not call this function directly. It is called back by the
start() function of Session() during initializiation.
It is documented so that you can override its implementation in
your subclass of Session if you know what you are doing.
This function creates and starts the container class used by
this instance of session.
You shall not call this function directly. It is called back by the
start() function of Session() during initializiation.
It is documented so that you can override its implementation in
your subclass of Session if you know what you are doing.
This function determines and sets the internal session name.
You shall not call this function directly. It is called back by the
start() function of Session() during initializiation.
It is documented so that you can override its implementation in
your subclass of Session if you know what you are doing.
This function determines the current method of session
propagation and determines if a new session token has to be
generated.
You shall not call this function directly. It is called back by the
start() function of Session() during initializiation.
It is documented so that you can override its implementation in
your subclass of Session if you know what you are doing.
This function determines which header lines are to be generated
by the session, including cache control headers.
Internal instance methods
get_id() is used internally to determine a session
identifier. Currently, a session identifier is a hex number
of 32 characters (128 bits) and it is generated by
md5(uniqid($this->magic)) to make it hard to guess.
get_id() may be called with an optional session id to use as
a parameter. This is useful if you want to change a session
id without breaking the session (taking over an old, left
over session).
get_id() can be overwritten by a subclass, if you want a
different system to create session ids. For example, some
applications want to use a constant session id that is not
propagated to the client to use a shared pool of persistent
variables (a guestbook for example). These applications need
locking (to be implemented soon).
put_id() is used internally to "unuse" a session it. At the
moment it deletes the client side cookie and deletes
$HTTP_COOKIE_VAR[$this->name] for that cookie. The variable
${$this->name} is not deleted.
serialize($prefix, &$str)
serialize() is used internally to append to str all PHP
code needed to reconstruct the variable named in prefix.
freeze() serializes all register()ed variables and writes
the resulting code into the database, tagged with the
current session id and the current session name.
thaw() loads a set of freeze()ed variables for the current
session id and session name out of the database and
recreates them.
The active_sessions table contains one row for
each session. That row is uniquely identified by the sid
and name values (name is the name of the session
class that has written the row). Each time that row is written,
the column changed is updated with the current time.
The gc() function deletes all rows that are older than
gc_time minutes and have a matching name
field. For speed reasons, gc() is not not called every time
an update to active_sessions is being made.
Instead it is called randomly with a probability of
gc_probability.
reimport_any_vars($arrayname)
Used to implement the three official reimport functions.
Initialization function, to be called after object
instantiation. Calls get_id() to get the current session id,
creates a database connection, then calls thaw() to load all
session variables. Randomly activates gc(). Checks allowcache
to send proper headers to control browser caching.
Copyright © 2001 The PHPlib Group
PHPlib Manual
Session
Session Instance methods
Session Examples
Session
