Package | system.web |
---|---|
Inheritance | class CHttpSession » CApplicationComponent » CComponent |
Implements | IApplicationComponent, IteratorAggregate, Traversable, ArrayAccess, Countable |
Subclasses | CCacheHttpSession, CDbHttpSession |
Since | 1.0 |
Source Code | framework/web/CHttpSession.php |
$session=new CHttpSession; $session->open(); $value1=$session['name1']; // get session variable 'name1' $value2=$session['name2']; // get session variable 'name2' foreach($session as $name=>$value) // traverse all session variables $session['name3']=$value3; // set session variable 'name3'
Property | Type | Description | Defined By |
---|---|---|---|
autoStart | boolean | whether the session should be automatically started when the session application component is initialized, defaults to true. | CHttpSession |
behaviors | array | the behaviors that should be attached to this component. | CApplicationComponent |
cookieMode | string | how to use cookie to store session ID. | CHttpSession |
cookieParams | array | the session cookie parameters. | CHttpSession |
count | integer | Returns the number of items in the session. | CHttpSession |
gCProbability | float | the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance. | CHttpSession |
isInitialized | boolean | Checks if this application component has been initialized. | CApplicationComponent |
isStarted | boolean | whether the session has started | CHttpSession |
iterator | CHttpSessionIterator | Returns an iterator for traversing the session variables. | CHttpSession |
keys | array | the list of session variable names | CHttpSession |
savePath | string | the current session save path, defaults to {@link http://php. | CHttpSession |
sessionID | string | the current session ID | CHttpSession |
sessionName | string | the current session name | CHttpSession |
timeout | integer | the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds. | CHttpSession |
useCustomStorage | boolean | Returns a value indicating whether to use custom session storage. | CHttpSession |
useTransparentSessionID | boolean | whether transparent sid support is enabled or not, defaults to false. | CHttpSession |
Method | Description | Defined By |
---|---|---|
__call() | Calls the named method which is not a class method. | CComponent |
__get() | Returns a property value, an event handler list or a behavior based on its name. | CComponent |
__isset() | Checks if a property value is null. | CComponent |
__set() | Sets value of a component property. | CComponent |
__unset() | Sets a component property to be null. | CComponent |
add() | Adds a session variable. | CHttpSession |
asa() | Returns the named behavior object. | CComponent |
attachBehavior() | Attaches a behavior to this component. | CComponent |
attachBehaviors() | Attaches a list of behaviors to the component. | CComponent |
attachEventHandler() | Attaches an event handler to an event. | CComponent |
canGetProperty() | Determines whether a property can be read. | CComponent |
canSetProperty() | Determines whether a property can be set. | CComponent |
clear() | Removes all session variables | CHttpSession |
close() | Ends the current session and store session data. | CHttpSession |
closeSession() | Session close handler. | CHttpSession |
contains() | CHttpSession | |
count() | Returns the number of items in the session. | CHttpSession |
destroy() | Frees all session variables and destroys all data registered to a session. | CHttpSession |
destroySession() | Session destroy handler. | CHttpSession |
detachBehavior() | Detaches a behavior from the component. | CComponent |
detachBehaviors() | Detaches all behaviors from the component. | CComponent |
detachEventHandler() | Detaches an existing event handler. | CComponent |
disableBehavior() | Disables an attached behavior. | CComponent |
disableBehaviors() | Disables all behaviors attached to this component. | CComponent |
enableBehavior() | Enables an attached behavior. | CComponent |
enableBehaviors() | Enables all behaviors attached to this component. | CComponent |
evaluateExpression() | Evaluates a PHP expression or callback under the context of this component. | CComponent |
gcSession() | Session GC (garbage collection) handler. | CHttpSession |
get() | Returns the session variable value with the session variable name. | CHttpSession |
getCookieMode() | Returns how to use cookie to store session ID. Defaults to 'Allow'. | CHttpSession |
getCookieParams() | Returns the session cookie parameters. | CHttpSession |
getCount() | Returns the number of items in the session. | CHttpSession |
getEventHandlers() | Returns the list of attached event handlers for an event. | CComponent |
getGCProbability() | Returns the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance. | CHttpSession |
getIsInitialized() | Checks if this application component has been initialized. | CApplicationComponent |
getIsStarted() | Checks whether the session has started | CHttpSession |
getIterator() | Returns an iterator for traversing the session variables. | CHttpSession |
getKeys() | Returns the list of session variable names | CHttpSession |
getSavePath() | Returns the current session save path, defaults to http://php.net/session.save_path. | CHttpSession |
getSessionID() | Returns the current session ID | CHttpSession |
getSessionName() | Returns the current session name | CHttpSession |
getTimeout() | Returns the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds. | CHttpSession |
getUseCustomStorage() | Returns a value indicating whether to use custom session storage. | CHttpSession |
getUseTransparentSessionID() | Returns whether transparent sid support is enabled or not, defaults to false. | CHttpSession |
hasEvent() | Determines whether an event is defined. | CComponent |
hasEventHandler() | Checks whether the named event has attached handlers. | CComponent |
hasProperty() | Determines whether a property is defined. | CComponent |
init() | Initializes the application component. | CHttpSession |
itemAt() | Returns the session variable value with the session variable name. | CHttpSession |
offsetExists() | This method is required by the interface ArrayAccess. | CHttpSession |
offsetGet() | This method is required by the interface ArrayAccess. | CHttpSession |
offsetSet() | This method is required by the interface ArrayAccess. | CHttpSession |
offsetUnset() | This method is required by the interface ArrayAccess. | CHttpSession |
open() | Starts the session if it has not started yet. | CHttpSession |
openSession() | Session open handler. | CHttpSession |
raiseEvent() | Raises an event. | CComponent |
readSession() | Session read handler. | CHttpSession |
regenerateID() | Updates the current session id with a newly generated one . | CHttpSession |
remove() | Removes a session variable. | CHttpSession |
setCacheLimiter() | Set cache limiter | CHttpSession |
setCookieMode() | Sets how to use cookie to store session ID. Valid values include 'none', 'allow' and 'only'. | CHttpSession |
setCookieParams() | Sets the session cookie parameters. | CHttpSession |
setGCProbability() | Sets the probability (percentage) that the gc (garbage collection) process is started on every session initialization. | CHttpSession |
setSavePath() | Sets the current session save path | CHttpSession |
setSessionID() | Sets the session ID for the current session | CHttpSession |
setSessionName() | Sets the session name for the current session, must be an alphanumeric string, defaults to PHPSESSID | CHttpSession |
setTimeout() | Sets the number of seconds after which data will be seen as 'garbage' and cleaned up | CHttpSession |
setUseTransparentSessionID() | Sets whether transparent sid support is enabled or not. | CHttpSession |
toArray() | CHttpSession | |
writeSession() | Session write handler. | CHttpSession |
Method | Description | Defined By |
---|---|---|
freeze() | If session is started we cannot edit session ini settings. | CHttpSession |
unfreeze() | Start session and restore data from temporary variable | CHttpSession |
whether the session should be automatically started when the session application component is initialized, defaults to true.
how to use cookie to store session ID. Defaults to 'Allow'.
the session cookie parameters.
Returns the number of items in the session.
the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance.
whether the session has started
Returns an iterator for traversing the session variables. This method is required by the interface IteratorAggregate.
the list of session variable names
the current session save path, defaults to http://php.net/session.save_path.
the current session ID
the current session name
the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds.
Returns a value indicating whether to use custom session storage. This method should be overridden to return true if custom session storage handler should be used. If returning true, make sure the methods openSession, closeSession, readSession, writeSession, destroySession, and gcSession are overridden in child class, because they will be used as the callback handlers. The default implementation always return false.
whether transparent sid support is enabled or not, defaults to false.
public void add(mixed $key, mixed $value)
| ||
$key | mixed | session variable name |
$value | mixed | session variable value |
public function add($key,$value)
{
$_SESSION[$key]=$value;
}
Adds a session variable. Note, if the specified name already exists, the old value will be removed first.
public void clear()
|
public function clear()
{
foreach(array_keys($_SESSION) as $key)
unset($_SESSION[$key]);
}
Removes all session variables
public void close()
|
public function close()
{
if(session_id()!=='')
@session_write_close();
}
Ends the current session and store session data.
public boolean closeSession()
| ||
{return} | boolean | whether session is closed successfully |
public function closeSession()
{
return true;
}
Session close handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
public boolean contains(mixed $key)
| ||
$key | mixed | session variable name |
{return} | boolean | whether there is the named session variable |
public function contains($key)
{
return isset($_SESSION[$key]);
}
public integer count()
| ||
{return} | integer | number of items in the session. |
public function count()
{
return $this->getCount();
}
Returns the number of items in the session. This method is required by Countable interface.
public void destroy()
|
public function destroy()
{
if(session_id()!=='')
{
@session_unset();
@session_destroy();
}
}
Frees all session variables and destroys all data registered to a session.
public boolean destroySession(string $id)
| ||
$id | string | session ID |
{return} | boolean | whether session is destroyed successfully |
public function destroySession($id)
{
return true;
}
Session destroy handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
protected void freeze()
|
protected function freeze()
{
if (isset($_SESSION) && $this->getIsStarted())
{
$this->_frozenData = $_SESSION;
$this->close();
}
}
If session is started we cannot edit session ini settings. This function save session data to temporary variable and stop session.
public boolean gcSession(integer $maxLifetime)
| ||
$maxLifetime | integer | the number of seconds after which data will be seen as 'garbage' and cleaned up. |
{return} | boolean | whether session is GCed successfully |
public function gcSession($maxLifetime)
{
return true;
}
Session GC (garbage collection) handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
public mixed get(mixed $key, mixed $defaultValue=NULL)
| ||
$key | mixed | the session variable name |
$defaultValue | mixed | the default value to be returned when the session variable does not exist. |
{return} | mixed | the session variable value, or $defaultValue if the session variable does not exist. |
public function get($key,$defaultValue=null)
{
return isset($_SESSION[$key]) ? $_SESSION[$key] : $defaultValue;
}
Returns the session variable value with the session variable name. This method is very similar to itemAt and offsetGet, except that it will return $defaultValue if the session variable does not exist.
public string getCookieMode()
| ||
{return} | string | how to use cookie to store session ID. Defaults to 'Allow'. |
public function getCookieMode()
{
if(ini_get('session.use_cookies')==='0')
return 'none';
elseif(ini_get('session.use_only_cookies')==='0')
return 'allow';
else
return 'only';
}
public array getCookieParams()
| ||
{return} | array | the session cookie parameters. |
public function getCookieParams()
{
return session_get_cookie_params();
}
public integer getCount()
| ||
{return} | integer | the number of session variables |
public function getCount()
{
return count($_SESSION);
}
Returns the number of items in the session.
public float getGCProbability()
| ||
{return} | float | the probability (percentage) that the gc (garbage collection) process is started on every session initialization, defaults to 1 meaning 1% chance. |
public function getGCProbability()
{
return (float)(ini_get('session.gc_probability')/ini_get('session.gc_divisor')*100);
}
public boolean getIsStarted()
| ||
{return} | boolean | whether the session has started |
public function getIsStarted()
{
if(function_exists('session_status'))
return session_status()===PHP_SESSION_ACTIVE;
return session_id()!=='';
}
public CHttpSessionIterator getIterator()
| ||
{return} | CHttpSessionIterator | an iterator for traversing the session variables. |
public function getIterator()
{
return new CHttpSessionIterator;
}
Returns an iterator for traversing the session variables. This method is required by the interface IteratorAggregate.
public array getKeys()
| ||
{return} | array | the list of session variable names |
public function getKeys()
{
return array_keys($_SESSION);
}
public string getSavePath()
| ||
{return} | string | the current session save path, defaults to http://php.net/session.save_path. |
public function getSavePath()
{
return session_save_path();
}
public string getSessionID()
| ||
{return} | string | the current session ID |
public function getSessionID()
{
return session_id();
}
public string getSessionName()
| ||
{return} | string | the current session name |
public function getSessionName()
{
return session_name();
}
public integer getTimeout()
| ||
{return} | integer | the number of seconds after which data will be seen as 'garbage' and cleaned up, defaults to 1440 seconds. |
public function getTimeout()
{
return (int)ini_get('session.gc_maxlifetime');
}
public boolean getUseCustomStorage()
| ||
{return} | boolean | whether to use custom storage. |
public function getUseCustomStorage()
{
return false;
}
Returns a value indicating whether to use custom session storage. This method should be overridden to return true if custom session storage handler should be used. If returning true, make sure the methods openSession, closeSession, readSession, writeSession, destroySession, and gcSession are overridden in child class, because they will be used as the callback handlers. The default implementation always return false.
public boolean getUseTransparentSessionID()
| ||
{return} | boolean | whether transparent sid support is enabled or not, defaults to false. |
public function getUseTransparentSessionID()
{
return ini_get('session.use_trans_sid')==1;
}
public void init()
|
public function init()
{
parent::init();
if($this->autoStart)
$this->open();
register_shutdown_function(array($this,'close'));
}
Initializes the application component. This method is required by IApplicationComponent and is invoked by application.
public mixed itemAt(mixed $key)
| ||
$key | mixed | the session variable name |
{return} | mixed | the session variable value, null if no such variable exists |
public function itemAt($key)
{
return isset($_SESSION[$key]) ? $_SESSION[$key] : null;
}
Returns the session variable value with the session variable name. This method is exactly the same as offsetGet.
public boolean offsetExists(mixed $offset)
| ||
$offset | mixed | the offset to check on |
{return} | boolean |
public function offsetExists($offset)
{
return isset($_SESSION[$offset]);
}
This method is required by the interface ArrayAccess.
public mixed offsetGet(integer $offset)
| ||
$offset | integer | the offset to retrieve element. |
{return} | mixed | the element at the offset, null if no element is found at the offset |
public function offsetGet($offset)
{
return isset($_SESSION[$offset]) ? $_SESSION[$offset] : null;
}
This method is required by the interface ArrayAccess.
public void offsetSet(integer $offset, mixed $item)
| ||
$offset | integer | the offset to set element |
$item | mixed | the element value |
public function offsetSet($offset,$item)
{
$_SESSION[$offset]=$item;
}
This method is required by the interface ArrayAccess.
public void offsetUnset(mixed $offset)
| ||
$offset | mixed | the offset to unset element |
public function offsetUnset($offset)
{
unset($_SESSION[$offset]);
}
This method is required by the interface ArrayAccess.
public void open()
|
public function open()
{
if($this->getUseCustomStorage())
@session_set_save_handler(array($this,'openSession'),array($this,'closeSession'),array($this,'readSession'),array($this,'writeSession'),array($this,'destroySession'),array($this,'gcSession'));
@session_start();
if(YII_DEBUG && session_id()=='')
{
$message=Yii::t('yii','Failed to start session.');
if(function_exists('error_get_last'))
{
$error=error_get_last();
if(isset($error['message']))
$message=$error['message'];
}
Yii::log($message, CLogger::LEVEL_WARNING, 'system.web.CHttpSession');
}
}
Starts the session if it has not started yet.
public boolean openSession(string $savePath, string $sessionName)
| ||
$savePath | string | session save path |
$sessionName | string | session name |
{return} | boolean | whether session is opened successfully |
public function openSession($savePath,$sessionName)
{
return true;
}
Session open handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
public string readSession(string $id)
| ||
$id | string | session ID |
{return} | string | the session data |
public function readSession($id)
{
return '';
}
Session read handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
public void regenerateID(boolean $deleteOldSession=false)
| ||
$deleteOldSession | boolean | Whether to delete the old associated session file or not. |
public function regenerateID($deleteOldSession=false)
{
if($this->getIsStarted())
session_regenerate_id($deleteOldSession);
}
Updates the current session id with a newly generated one . Please refer to http://php.net/session_regenerate_id for more details.
public mixed remove(mixed $key)
| ||
$key | mixed | the name of the session variable to be removed |
{return} | mixed | the removed value, null if no such session variable. |
public function remove($key)
{
if(isset($_SESSION[$key]))
{
$value=$_SESSION[$key];
unset($_SESSION[$key]);
return $value;
}
else
return null;
}
Removes a session variable.
public void setCacheLimiter(string $cacheLimiter)
| ||
$cacheLimiter | string |
public function setCacheLimiter($cacheLimiter)
{
$this->freeze();
session_cache_limiter($cacheLimiter);
$this->unfreeze();
}
Set cache limiter
public void setCookieMode(string $value)
| ||
$value | string | how to use cookie to store session ID. Valid values include 'none', 'allow' and 'only'. |
public function setCookieMode($value)
{
if($value==='none')
{
$this->freeze();
ini_set('session.use_cookies','0');
ini_set('session.use_only_cookies','0');
$this->unfreeze();
}
elseif($value==='allow')
{
$this->freeze();
ini_set('session.use_cookies','1');
ini_set('session.use_only_cookies','0');
$this->unfreeze();
}
elseif($value==='only')
{
$this->freeze();
ini_set('session.use_cookies','1');
ini_set('session.use_only_cookies','1');
$this->unfreeze();
}
else
throw new CException(Yii::t('yii','CHttpSession.cookieMode can only be "none", "allow" or "only".'));
}
public void setCookieParams(array $value)
| ||
$value | array | cookie parameters, valid keys include: lifetime, path, domain, secure, httponly, samesite. Note that httponly and samesite is all lowercase. |
public function setCookieParams($value)
{
$data=session_get_cookie_params();
extract($data);
extract($value);
$this->freeze();
if(isset($httponly) && isset($samesite))
{
if(version_compare(PHP_VERSION,'7.3.0','>='))
session_set_cookie_params(array('lifetime'=>$lifetime,'path'=>$path,'domain'=>$domain,'secure'=>$secure,'httponly'=>$httponly,'samesite'=>$samesite));
else
{
// Work around for setting sameSite cookie prior PHP 7.3
// https://stackoverflow.com/questions/39750906/php-setcookie-samesite-strict/46971326#46971326
$path .= '; samesite=' . $samesite;
session_set_cookie_params($lifetime,$path,$domain,$secure,$httponly);
}
}
else if(isset($httponly))
session_set_cookie_params($lifetime,$path,$domain,$secure,$httponly);
else
session_set_cookie_params($lifetime,$path,$domain,$secure);
$this->unfreeze();
}
Sets the session cookie parameters. The effect of this method only lasts for the duration of the script. Call this method before the session starts.
public void setGCProbability(float $value)
| ||
$value | float | the probability (percentage) that the gc (garbage collection) process is started on every session initialization. |
public function setGCProbability($value)
{
if($value>=0 && $value<=100)
{
$this->freeze();
// percent * 21474837 / 2147483647 ≈ percent * 0.01
ini_set('session.gc_probability',floor($value*21474836.47));
ini_set('session.gc_divisor',2147483647);
$this->unfreeze();
}
else
throw new CException(Yii::t('yii','CHttpSession.gcProbability "{value}" is invalid. It must be a float between 0 and 100.',
array('{value}'=>$value)));
}
public void setSavePath(string $value)
| ||
$value | string | the current session save path |
public function setSavePath($value)
{
if(is_dir($value))
session_save_path($value);
else
throw new CException(Yii::t('yii','CHttpSession.savePath "{path}" is not a valid directory.',
array('{path}'=>$value)));
}
public void setSessionID(string $value)
| ||
$value | string | the session ID for the current session |
public function setSessionID($value)
{
session_id($value);
}
public void setSessionName(string $value)
| ||
$value | string | the session name for the current session, must be an alphanumeric string, defaults to PHPSESSID |
public function setSessionName($value)
{
session_name($value);
}
public void setTimeout(integer $value)
| ||
$value | integer | the number of seconds after which data will be seen as 'garbage' and cleaned up |
public function setTimeout($value)
{
$this->freeze();
ini_set('session.gc_maxlifetime',$value);
$this->unfreeze();
}
public void setUseTransparentSessionID(boolean $value)
| ||
$value | boolean | whether transparent sid support is enabled or not. |
public function setUseTransparentSessionID($value)
{
$this->freeze();
ini_set('session.use_trans_sid',$value?'1':'0');
$this->unfreeze();
}
public array toArray()
| ||
{return} | array | the list of all session variables in array |
public function toArray()
{
return $_SESSION;
}
protected void unfreeze()
|
protected function unfreeze()
{
if ($this->_frozenData !== null)
{
@session_start();
$_SESSION = $this->_frozenData;
$this->_frozenData = null;
}
}
Start session and restore data from temporary variable
public boolean writeSession(string $id, string $data)
| ||
$id | string | session ID |
$data | string | session data |
{return} | boolean | whether session write is successful |
public function writeSession($id,$data)
{
return true;
}
Session write handler. This method should be overridden if useCustomStorage is set true. Do not call this method directly.
Signup or Login in order to comment.