class NativeSessionStorage implements SessionStorageInterface

This provides a base class for session attribute storage.

Methods

__construct(array $options = array(), SessionHandlerInterface|null $handler = null, MetadataBag $metaBag = null)

Depending on how you want the storage driver to behave you probably want to override this constructor entirely.

getSaveHandler()

Gets the save handler instance.

bool
start()

Starts the session.

string
getId()

Returns the session ID.

setId(string $id)

Sets the session ID.

mixed
getName()

Returns the session name.

setName(string $name)

Sets the session name.

bool
regenerate(bool $destroy = false, int $lifetime = null)

Regenerates id that represents this storage.

save()

Force the session to be saved and closed.

clear()

Clear all session data in memory.

registerBag(SessionBagInterface $bag)

Registers a SessionBagInterface for use.

getBag(string $name)

Gets a SessionBagInterface by name.

setMetadataBag(MetadataBag $metaBag = null)

Sets the MetadataBag.

getMetadataBag()

Gets the MetadataBag.

bool
isStarted()

Checks if the session is started.

setOptions(array $options)

Sets session.* ini variables.

setSaveHandler(SessionHandlerInterface|null $saveHandler = null)

Registers session save handler as a PHP session handler.

Details

at line line 95
__construct(array $options = array(), SessionHandlerInterface|null $handler = null, MetadataBag $metaBag = null)

Depending on how you want the storage driver to behave you probably want to override this constructor entirely.

List of options for $options array with their defaults.

Parameters

array $options Session configuration options
SessionHandlerInterface|null $handler
MetadataBag $metaBag MetadataBag

See also

http://php.net/session.configuration for options but we omit 'session.' from the beginning of the keys for convenience. ("auto_start", is not supported as it tells PHP to start a session before PHP starts to execute user-land code. Setting during runtime has no effect). cache_limiter, "" (use "0" to prevent headers from being sent entirely). cookie_domain, "" cookie_httponly, "" cookie_lifetime, "0" cookie_path, "/" cookie_secure, "" gc_divisor, "100" gc_maxlifetime, "1440" gc_probability, "1" hash_bits_per_character, "4" name, "PHPSESSID" referer_check, "" serialize_handler, "php" use_strict_mode, "0" use_cookies, "1" use_only_cookies, "1" use_trans_sid, "0" upload_progress.enabled, "1" upload_progress.cleanup, "1" upload_progress.prefix, "upload_progress_" upload_progress.name, "PHP_SESSION_UPLOAD_PROGRESS" upload_progress.freq, "1%" upload_progress.min-freq, "1" url_rewriter.tags, "a=href,area=href,frame=src,form=,fieldset=" sid_length, "32" sid_bits_per_character, "5" trans_sid_hosts, $_SERVER['HTTP_HOST'] trans_sid_tags, "a=href,area=href,frame=src,form="

at line line 112
AbstractProxy|SessionHandlerInterface getSaveHandler()

Gets the save handler instance.

at line line 120
bool start()

Starts the session.

Return Value

bool True if started

Exceptions

RuntimeException if something goes wrong starting the session

at line line 147
string getId()

Returns the session ID.

Return Value

string The session ID or empty

at line line 155
setId(string $id)

Sets the session ID.

Parameters

string $id

at line line 163
mixed getName()

Returns the session name.

Return Value

mixed The session name

at line line 171
setName(string $name)

Sets the session name.

Parameters

string $name

at line line 179
bool regenerate(bool $destroy = false, int $lifetime = null)

Regenerates id that represents this storage.

This method must invoke sessionregenerateid($destroy) unless this interface is used for a storage object designed for unit or functional testing where a real PHP session would interfere with testing.

Note regenerate+destroy should not clear the session data in memory only delete the session data from persistent storage.

Care: When regenerating the session ID no locking is involved in PHP's session design. See https://bugs.php.net/bug.php?id=61470 for a discussion. So you must make sure the regenerated session is saved BEFORE sending the headers with the new ID. Symfony's HttpKernel offers a listener for this. See Symfony\Component\HttpKernel\EventListener\SaveSessionListener. Otherwise session data could get lost again for concurrent requests with the new ID. One result could be that you get logged out after just logging in.

Parameters

bool $destroy Destroy session when regenerating?
int $lifetime Sets the cookie lifetime for the session cookie. A null value will leave the system settings unchanged, 0 sets the cookie to expire with browser session. Time is in seconds, and is not a Unix timestamp.

Return Value

bool True if session regenerated, false if error

Exceptions

RuntimeException If an error occurs while regenerating this storage

at line line 206
save()

Force the session to be saved and closed.

This method must invoke sessionwriteclose() unless this interface is used for a storage object design for unit or functional testing where a real PHP session would interfere with testing, in which case it should actually persist the session data if required.

Exceptions

RuntimeException if the session is saved without being started, or if the session is already closed

at line line 235
clear()

Clear all session data in memory.

at line line 252
registerBag(SessionBagInterface $bag)

Registers a SessionBagInterface for use.

Parameters

SessionBagInterface $bag

at line line 264
SessionBagInterface getBag(string $name)

Gets a SessionBagInterface by name.

Parameters

string $name

Return Value

SessionBagInterface

Exceptions

InvalidArgumentException If the bag does not exist

at line line 284
setMetadataBag(MetadataBag $metaBag = null)

Sets the MetadataBag.

Parameters

MetadataBag $metaBag

at line line 298
MetadataBag getMetadataBag()

Gets the MetadataBag.

Return Value

MetadataBag

at line line 306
bool isStarted()

Checks if the session is started.

Return Value

bool True if started, false otherwise

at line line 321
setOptions(array $options)

Sets session.* ini variables.

For convenience we omit 'session.' from the beginning of the keys. Explicitly ignores other ini keys.

Parameters

array $options Session ini directives array(key => value)

See also

http://php.net/session.configuration

at line line 365
setSaveHandler(SessionHandlerInterface|null $saveHandler = null)

Registers session save handler as a PHP session handler.

To use internal PHP session save handlers, override this method using iniset with session.savehandler and session.save_path e.g.

ini_set('session.save_handler', 'files');
ini_set('session.save_path', '/tmp');

or pass in a \SessionHandler instance which configures session.save_handler in the constructor, for a template see NativeFileSessionHandler or use handlers in composer package drak/native-session

Parameters

SessionHandlerInterface|null $saveHandler

Exceptions

InvalidArgumentException

See also

http://php.net/session-set-save-handler
http://php.net/sessionhandlerinterface
http://php.net/sessionhandler
http://github.com/drak/NativeSession