Support Joomla!

Packages

Package: Joomla-Framework

License

Content on this site is copyright © 2005 - 2008 Open Source Matters Inc and can be used in accordance with the Joomla! Electronic Documentation License. Some parts of this website may be subject to other licenses.

Class JSession

Description
Description | Variables (details) | Methods (details)

Class for managing HTTP sessions

Provides access to session-state values as well as session-level settings and lifetime management methods. Based on the standart PHP session handling mechanism it provides for you more advanced features such as expire timeouts.

  • since: 1.5

Located in /joomla/session/session.php (line 33) 

Class JObject   (Subpackage Base)

Class JSession   (Subpackage Session)
Variable Summary
Description | Variables (details) | Methods (details)
Variable string $_expire
Variable array $_security
Variable string $_state
Variable object A $_store
Method Summary
Description | Variables (details) | Methods (details)
Static method static void destroy ()
Static method static mixed &get (string $name, [mixed $default = null], [string $namespace = 'default'])
Static method static void hasToken (string $tCheck, [boolean $forceExpire = true])
Constructor JSession __construct ([ $store = 'none'], [array $options = array()], string $storage)
Method mixed clear (string $name, [string $namespace = 'default'])
Method void close ()
Abstract method boolean fork ()
Method integer getExpire ()
Method string getId ()
Method JSession &getInstance ( $handler,  $options)
Method string getName ()
Method string getState ()
Method array getStores ()
Method string getToken ([boolean $forceNew = false])
Method boolean has (string $name, [string $namespace = 'default'])
Method boolean isNew ()
Method boolean restart ()
Method mixed set (string $name, mixed $value, [string $namespace = 'default'])
Method string _createToken ([int $length = 32])
Method boolean _setCounter ()
Method boolean _setOptions ( &$options, array $options)
Method boolean _setTimers ()
Method boolean _validate ([boolean $restart = false])
Variables
Description | Variables (details) | Methods (details)
string $_expire = 15 (line 50)

Maximum age of unused session

  • var: minutes
  • access: protected
array $_security = array( 'fix_browser' ) (line 70)

security policy

Default values:

  • fix_browser
  • fix_adress

  • var: list of checks that will be done.
  • access: protected
string $_state = 'active' (line 42)

internal state

object A $_store = null (line 58)

The session store object

  • var: JSessionStorage object
  • access: protected

Inherited Variables

Inherited from JObject

Variable JObject::$_errors
Methods
Description | Variables (details) Methods (details)
Constructor __construct (line 79)

Constructor

  • access: protected
JSession __construct ([ $store = 'none'], [array $options = array()], string $storage)
  • string $storage
  • array $options: optional parameters
  • $store
Redefinition of:
JObject::__construct()
Class constructor, overridden in descendant classes.
clear (line 378)

Unset data from the session store

  • return: the value from session or NULL if not set
  • access: public
mixed clear (string $name, [string $namespace = 'default'])
  • string $name: Name of variable
  • string $namespace: Namespace to use, default to 'default'
close (line 544)

Writes session data and ends session

Session data is usually stored after your script terminated without the need to call JSession::close(),but as session data is locked to prevent concurrent writes only one script may operate on a session at any time. When using framesets together with sessions you will experience the frames loading one by one due to this locking. You can reduce the time needed to load all the frames by ending the session as soon as all changes to session variables are done.

void close ()
destroy (line 434)

Frees all session variables and destroys all data registered to a session

This method resets the $_SESSION variable and destroys all of the data associated with the current session in its storage (file or DB). It forces new session to be started after this method is called. It does not unset the session cookie.

void destroy ()
fork (line 493)

Create a new session and copy variables from the old one

  • return: true on success
  • access: public
  • abstract:
boolean fork ()
get (line 305)

Get data from the session store

  • return: Value of a variable
  • access: public
mixed &get (string $name, [mixed $default = null], [string $namespace = 'default'])
  • string $name: Name of a variable
  • mixed $default: Default value of a variable if not set
  • string $namespace: Namespace to use, default to 'default'
Redefinition of:
JObject::get()
Returns a property of the object or the default value if the property is not set.
getExpire (line 165)

Get expiration time in minutes

  • return: The session expiration time in minutes
  • access: public
integer getExpire ()
getId (line 241)

Get session id

  • return: The session name
  • access: public
string getId ()
getInstance (line 138)

Returns a reference to the global Session object, only creating it if it doesn't already exist.

This method must be invoked as: 

  $session = &JSession::getInstance();

  • return: The Session object.
  • since: 1.5
  • access: public
JSession &getInstance ( $handler,  $options)
  • $handler
  • $options
getName (line 226)

Get session name

  • return: The session name
  • access: public
string getName ()
getState (line 155)

Get current state of session

  • return: The session state
  • access: public
string getState ()
getStores (line 256)

Get the session handlers

  • return: An array of available session handlers
  • access: public
array getStores ()
getToken (line 180)

Get a session token, if a token isn't set yet one will be generated.

Tokens are used to secure forms from spamming attacks. Once a token has been generated the system will check the post request to see if it is present, if not it will invalidate the session.

  • return: The session token
  • access: public
string getToken ([boolean $forceNew = false])
  • boolean $forceNew: If true, force a new token to be created
has (line 358)

Check wheter data exists in the session store

  • return: true if the variable exists
  • access: public
boolean has (string $name, [string $namespace = 'default'])
  • string $name: Name of variable
  • string $namespace: Namespace to use, default to 'default'
hasToken (line 202)

Method to determine if a token exists in the session. If not the session will be set to expired

  • since: 1.5
void hasToken (string $tCheck, [boolean $forceExpire = true])
  • string $tCheck: Hashed token to be verified
  • boolean $forceExpire: If true, expires the session
isNew (line 286)

Check whether this session is currently created

  • return: true on success
  • access: public
boolean isNew ()
restart (line 462)

restart an expired or locked session

boolean restart ()
set (line 330)

Set data into the session store

  • return: Old value of a variable
  • access: public
mixed set (string $name, mixed $value, [string $namespace = 'default'])
  • string $name: Name of a variable
  • mixed $value: Value of a variable
  • string $namespace: Namespace to use, default to 'default'
Redefinition of:
JObject::set()
Modifies a property of the object, creating it if it does not already exist.
_createToken (line 573)

Create a token-string

  • return: generated token
  • access: protected
string _createToken ([int $length = 32])
  • int $length: lenght of string
_setCounter (line 592)

Set counter of session usage

  • return: true on success
  • access: protected
boolean _setCounter ()
_setOptions (line 631)

set additional session options

  • return: true on success
  • access: protected
boolean _setOptions ( &$options, array $options)
  • array $options: list of parameter
  • &$options
_setTimers (line 607)

Set the session timers

  • return: true on success
  • access: protected
boolean _setTimers ()
_validate (line 673)

Do some checks for security reason

  • timeout check (expire)
  • ip-fixiation
  • browser-fixiation
If one check failed, session data has to be cleaned.

boolean _validate ([boolean $restart = false])
  • boolean $restart: reactivate session

Inherited Methods

Inherited From JObject

JObject::JObject()
JObject::__construct()
JObject::get()
JObject::getError()
JObject::getErrors()
JObject::getProperties()
JObject::getPublicProperties()
JObject::set()
JObject::setError()
JObject::setProperties()
JObject::toString()
Documentation generated on Mon, 22 Sep 2008 12:13:11 +0100 by phpDocumentor 1.3.1