Session

Implements \IteratorAggregate

Class for managing HTTP sessions

Provides access to session-state values as well as session-level settings and lifetime management methods. Based on the standard PHP session handling mechanism it provides more advanced features such as expire timeouts.

since

1.7.0

Methods

__construct

Constructor

__construct(string $store = 'none', array $options = array(), \JSessionHandlerInterface $handlerInterface = null) 
since

1.7.0

Arguments

$store

stringThe type of storage for the session.

$options

arrayOptional parameters

$handlerInterface

\JSessionHandlerInterfaceThe session handler

__get

Magic method to get read-only access to properties.

__get(string $name) : mixed
since

3.0.1

Arguments

$name

stringName of property to retrieve

Response

mixedThe value of the property

_createToken

Create a token-string

_createToken(integer $length = 32) : string
since

1.7.0

Arguments

$length

integerLength of string

Response

stringGenerated token

_setCounter

Set counter of session usage

_setCounter() : boolean
since

1.7.0

Response

booleanTrue on success

_setOptions

Set additional session options

_setOptions(array $options) : boolean
since

1.7.0

Arguments

$options

arrayList of parameter

Response

booleanTrue on success

_setTimers

Set the session timers

_setTimers() : boolean
since

1.7.0

Response

booleanTrue on success

_start

Start a session.

_start() : boolean

Creates a session (or resumes the current one based on the state of the session)

since

1.7.0

Response

booleantrue on success

_validate

Do some checks for security reason

_validate(boolean $restart = false) : boolean
  • timeout check (expire)
  • ip-fixiation
  • browser-fixiation

If one check failed, session data has to be cleaned.

link

http://shiflett.org/articles/the-truth-about-sessions

since

1.7.0

Arguments

$restart

booleanReactivate session

Response

booleanTrue on success

checkToken

Checks for a form token in the request.

checkToken(string $method = 'post') : boolean
static

Use in conjunction with \JHtml::_('form.token') or Session::getFormToken.

since

3.0.0

Arguments

$method

stringThe request method in which to look for the token key.

Response

booleanTrue if found and valid, false otherwise.

clear

Unset data from the session store

clear(string $name, string $namespace = 'default') : mixed
since

1.7.0

Arguments

$name

stringName of variable

$namespace

stringNamespace to use, default to 'default'

Response

mixedThe value from session or NULL if not set

close

Writes session data and ends session

close() : void

Session data is usually stored after your script terminated without the need to call Session::close(), but as session data is locked to prevent concurrent writes only one script may operate on a session at any time. When using framesets together with sessions you will experience the frames loading one by one due to this locking. You can reduce the time needed to load all the frames by ending the session as soon as all changes to session variables are done.

since

1.7.0

destroy

Frees all session variables and destroys all data registered to a session

destroy() : boolean

This method resets the data pointer and destroys all of the data associated with the current session in its storage. It forces a new session to be started after this method is called. It does not unset the session cookie.

see \Joomla\CMS\Session\session_destroy() \Joomla\CMS\Session\session_unset()
since

1.7.0

Response

booleanTrue on success

fork

Create a new session and copy variables from the old one

fork() : boolean
since

1.7.0

Response

boolean$result true on success

gc

Delete expired session data

gc() : boolean
since

3.8.6

Response

booleanTrue on success, false otherwise.

get

Get data from the session store

get(string $name, mixed $default = null, string $namespace = 'default') : mixed
since

1.7.0

Arguments

$name

stringName of a variable

$default

mixedDefault value of a variable if not set

$namespace

stringNamespace to use, default to 'default'

Response

mixedValue of a variable

getData

Returns a clone of the internal data pointer

getData() : \Joomla\Registry\Registry

getExpire

Get expiration time in seconds

getExpire() : integer
since

1.7.0

Response

integerThe session expiration time in seconds

getFormToken

Method to determine a hash for anti-spoofing variable names

getFormToken(boolean $forceNew = false) : string
static
since

1.7.0

Arguments

$forceNew

booleanIf true, force a new token to be created

Response

stringHashed var name

getId

Get session id

getId() : string
since

1.7.0

Response

stringThe session id

getInstance

Returns the global Session object, only creating it if it doesn't already exist.

getInstance(string $store, array $options, \JSessionHandlerInterface $handlerInterface = null) : \Joomla\CMS\Session\Session
static
since

1.7.0

Arguments

$store

stringThe type of storage for the session.

$options

arrayAn array of configuration options.

$handlerInterface

\JSessionHandlerInterfaceThe session handler

Response

\Joomla\CMS\Session\SessionThe Session object.

getIterator

Retrieve an external iterator.

getIterator() : \ArrayIterator
since

3.0.1

Response

\ArrayIterator

getName

Get session name

getName() : string
since

1.7.0

Response

stringThe session name

getState

Get current state of session

getState() : string
since

1.7.0

Response

stringThe session state

getStores

Get the session handlers

getStores() : array
static
since

1.7.0

Response

arrayAn array of available session handlers

getToken

Get a session token, if a token isn't set yet one will be generated.

getToken(boolean $forceNew = false) : string

Tokens are used to secure forms from spamming attacks. Once a token has been generated the system will check the post request to see if it is present, if not it will invalidate the session.

since

1.7.0

Arguments

$forceNew

booleanIf true, force a new token to be created

Response

stringThe session token

has

Check whether data exists in the session store

has(string $name, string $namespace = 'default') : boolean
since

1.7.0

Arguments

$name

stringName of variable

$namespace

stringNamespace to use, default to 'default'

Response

booleanTrue if the variable exists

hasToken

Method to determine if a token exists in the session. If not the session will be set to expired

hasToken(string $tCheck, boolean $forceExpire = true) : boolean
since

1.7.0

Arguments

$tCheck

stringHashed token to be verified

$forceExpire

booleanIf true, expires the session

Response

boolean

initialise

Check whether this session is currently created

initialise(\Joomla\CMS\Input\Input $input, \JEventDispatcher $dispatcher = null) : void
since

3.0.1

Arguments

$input

\Joomla\CMS\Input\InputInput object for the session to use.

$dispatcher

\JEventDispatcherDispatcher object for the session to use.

isActive

Shorthand to check if the session is active

isActive() : boolean
since

3.0.1

Response

boolean

isNew

Check whether this session is currently created

isNew() : boolean
since

1.7.0

Response

booleanTrue on success.

restart

Restart an expired or locked session.

restart() : boolean
see \Joomla\CMS\Session\Session::destroy()
since

1.7.0

Response

booleanTrue on success

set

Set data into the session store.

set(string $name, mixed $value = null, string $namespace = 'default') : mixed
since

1.7.0

Arguments

$name

stringName of a variable.

$value

mixedValue of a variable.

$namespace

stringNamespace to use, default to 'default'.

Response

mixedOld value of a variable.

setHandler

Set the session handler

setHandler(\JSessionHandlerInterface $handler) : void

Arguments

$handler

\JSessionHandlerInterfaceThe session handler

start

Start a session.

start() : void
since

3.0.1

Properties

_state

Internal state.

One of 'inactive'|'active'|'expired'|'destroyed'|'error'

see \Joomla\CMS\Session\Session::getState()
since

1.7.0

Type(s)

string

_expire

Maximum age of unused session in seconds

since

1.7.0

Type(s)

string

_store

The session store object.

since

1.7.0

Type(s)

\JSessionStorage

_security

Security policy.

List of checks that will be done.

Default values:

  • fix_browser
  • fix_adress
since

1.7.0

Type(s)

array

instance

Session instances container.

static
since

1.7.3

Type(s)

\Joomla\CMS\Session\Session

storeName

The type of storage for the session.

since

3.0.1

Type(s)

string

_input

Holds the \JInput object

since

3.0.1

Type(s)

\JInput

_dispatcher

Holds the event dispatcher object

since

3.0.1

Type(s)

\JEventDispatcher

_handler

Holds the event dispatcher object

since

3.5

Type(s)

\JSessionHandlerInterface

data

Internal data store for the session data