Session
Implements \IteratorAggregateClass for managing HTTP sessions
Provides access to session-state values as well as session-level settings and lifetime management methods. Based on the standard PHP session handling mechanism it provides more advanced features such as expire timeouts.
| since |
1.0 |
|---|
Methods
__construct
Constructor
__construct(string $store = 'none', array $options = array())
| since |
1.0 |
|---|
Arguments
- $store
stringThe type of storage for the session.- $options
arrayOptional parameters
__get
Magic method to get read-only access to properties.
__get(string $name) : mixed
| since |
1.0 |
|---|---|
| deprecated |
2.0 Use get methods for non-deprecated properties |
Arguments
- $name
stringName of property to retrieve
Response
mixedThe value of the property
_createToken
Create a token-string
_createToken(integer $length = 32) : string
| since |
1.0 |
|---|---|
| deprecated |
2.0 Use createToken instead |
Arguments
- $length
integerLength of string {@deprecated As of 2.0 the session token will be a fixed length}
Response
stringGenerated token
_setCookieParams
Set session cookie parameters
_setCookieParams() : void
| since |
1.0 |
|---|---|
| deprecated |
2.0 |
_setCounter
Set counter of session usage
_setCounter() : boolean
| since |
1.0 |
|---|---|
| deprecated |
2.0 Use setCounter instead |
Response
booleanTrue on success
_setOptions
Set additional session options
_setOptions(array $options) : boolean
| since |
1.0 |
|---|---|
| deprecated |
2.0 Use setOptions instead |
Arguments
- $options
arrayList of parameter
Response
booleanTrue on success
_setTimers
Set the session timers
_setTimers() : boolean
| since |
1.0 |
|---|---|
| deprecated |
2.0 Use setTimers instead |
Response
booleanTrue on success
_start
Start a session.
_start() : boolean
Creates a session (or resumes the current one based on the state of the session)
| since |
1.0 |
|---|---|
| deprecated |
2.0 |
Response
booleantrue on success
_validate
Do some checks for security reason
_validate(boolean $restart = false) : boolean
- timeout check (expire)
- ip-fixiation
- browser-fixiation
If one check failed, session data has to be cleaned.
| link | |
|---|---|
| since |
1.0 |
| deprecated |
2.0 Use validate instead |
Arguments
- $restart
booleanReactivate session
Response
booleanTrue on success
clear
Unset data from the session store
clear(string $name, string $namespace = 'default') : mixed
| since |
1.0 |
|---|
Arguments
- $name
stringName of variable- $namespace
stringNamespace to use, default to 'default' {@deprecated 2.0 Namespace support will be removed.}
Response
mixedThe value from session or NULL if not set
close
Writes session data and ends session
close() : void
Session data is usually stored after your script terminated without the need to call JSession::close(), but as session data is locked to prevent concurrent writes only one script may operate on a session at any time. When using framesets together with sessions you will experience the frames loading one by one due to this locking. You can reduce the time needed to load all the frames by ending the session as soon as all changes to session variables are done.
| see | \Joomla\Session\session_write_close() |
|---|---|
| since |
1.0 |
createToken
Create a token-string
createToken(integer $length = 32) : string
| since |
1.3.1 |
|---|
Arguments
- $length
integerLength of string {@deprecated As of 2.0 the session token will be a fixed length}
Response
stringGenerated token
destroy
Frees all session variables and destroys all data registered to a session
destroy() : boolean
This method resets the $_SESSION variable and destroys all of the data associated with the current session in its storage (file or DB). It forces new session to be started after this method is called. It does not unset the session cookie.
| see | \Joomla\Session\session_destroy() \Joomla\Session\session_unset() |
|---|---|
| since |
1.0 |
Response
booleanTrue on success
fork
Create a new session and copy variables from the old one
fork() : boolean
| since |
1.0 |
|---|
Response
boolean$result true on success
get
Get data from the session store
get(string $name, mixed $default = null, string $namespace = 'default') : mixed
| since |
1.0 |
|---|
Arguments
- $name
stringName of a variable- $default
mixedDefault value of a variable if not set- $namespace
stringNamespace to use, default to 'default' {@deprecated 2.0 Namespace support will be removed.}
Response
mixedValue of a variable
getExpire
Get expiration time in minutes
getExpire() : integer
| since |
1.0 |
|---|
Response
integerThe session expiration time in minutes
getId
Get session id
getId() : string
| since |
1.0 |
|---|
Response
stringThe session name
getInstance
Returns the global Session object, only creating it if it doesn't already exist.
getInstance(string $handler, array $options = array()) : \Joomla\Session\Session
| since |
1.0 |
|---|---|
| deprecated |
2.0 A singleton object store will no longer be supported |
Arguments
- $handler
stringThe type of session handler.- $options
arrayAn array of configuration options (for new sessions only).
Response
\Joomla\Session\SessionThe Session object.
getIterator
Retrieve an external iterator.
getIterator() : \ArrayIterator
| since |
1.0 |
|---|
Response
\ArrayIteratorReturn an ArrayIterator of $_SESSION.
getName
Get session name
getName() : string
| since |
1.0 |
|---|
Response
stringThe session name
getState
Get current state of session
getState() : string
| since |
1.0 |
|---|
Response
stringThe session state
getStores
Get the session handlers
getStores() : array
| since |
1.0 |
|---|---|
| deprecated |
2.0 The Storage class chain will be removed |
Response
arrayAn array of available session handlers
getToken
Get a session token, if a token isn't set yet one will be generated.
getToken(boolean $forceNew = false) : string
Tokens are used to secure forms from spamming attacks. Once a token has been generated the system will check the post request to see if it is present, if not it will invalidate the session.
| since |
1.0 |
|---|
Arguments
- $forceNew
booleanIf true, force a new token to be created
Response
stringThe session token
has
Check whether data exists in the session store
has(string $name, string $namespace = 'default') : boolean
| since |
1.0 |
|---|
Arguments
- $name
stringName of variable- $namespace
stringNamespace to use, default to 'default' {@deprecated 2.0 Namespace support will be removed.}
Response
booleanTrue if the variable exists
hasToken
Method to determine if a token exists in the session. If not the session will be set to expired
hasToken(string $tCheck, boolean $forceExpire = true) : boolean
| since |
1.0 |
|---|
Arguments
- $tCheck
stringHashed token to be verified- $forceExpire
booleanIf true, expires the session
Response
boolean
initialise
Check whether this session is currently created
initialise(\Joomla\Input\Input $input, \Joomla\Event\DispatcherInterface $dispatcher = null) : void
| since |
1.0 |
|---|---|
| deprecated |
2.0 In 2.0 the DispatcherInterface should be injected via the object constructor |
Arguments
- $input
\Joomla\Input\InputInput object for the session to use.- $dispatcher
\Joomla\Event\DispatcherInterfaceDispatcher object for the session to use.
isActive
Shorthand to check if the session is active
isActive() : boolean
| since |
1.0 |
|---|
Response
boolean
isNew
Check whether this session is currently created
isNew() : boolean
| since |
1.0 |
|---|
Response
booleanTrue on success.
restart
Restart an expired or locked session.
restart() : boolean
| see | \Joomla\Session\destroy |
|---|---|
| since |
1.0 |
Response
booleanTrue on success
set
Set data into the session store.
set(string $name, mixed $value = null, string $namespace = 'default') : mixed
| since |
1.0 |
|---|
Arguments
- $name
stringName of a variable.- $value
mixedValue of a variable.- $namespace
stringNamespace to use, default to 'default' {@deprecated 2.0 Namespace support will be removed.}
Response
mixedOld value of a variable.
setCounter
Set counter of session usage
setCounter() : boolean
| since |
1.3.0 |
|---|
Response
booleanTrue on success
setExpire
Set the session expiration
setExpire(integer $expire) : $this
| since |
1.3.0 |
|---|
Arguments
- $expire
integerMaximum age of unused session in minutes
Response
$this
setOptions
Set additional session options
setOptions(array $options) : boolean
| since |
1.3.0 |
|---|
Arguments
- $options
arrayList of parameter
Response
booleanTrue on success
setState
Set the session state
setState(string $state) : $this
| since |
1.3.0 |
|---|
Arguments
- $state
stringInternal state
Response
$this
setTimers
Set the session timers
setTimers() : boolean
| since |
1.3.0 |
|---|
Response
booleanTrue on success
start
Start a session.
start() : void
| since |
1.0 |
|---|
validate
Do some checks for security reason
validate(boolean $restart = false) : boolean
- timeout check (expire)
- ip-fixiation
- browser-fixiation
If one check failed, session data has to be cleaned.
| link | |
|---|---|
| since |
1.3.0 |
Arguments
- $restart
booleanReactivate session
Response
booleanTrue on success
Properties
state
Internal state.
One of 'inactive'|'active'|'expired'|'destroyed'|'error'
| see | \Joomla\Session\Session::getState() |
|---|---|
| since |
1.0 |
Type(s)
string
expire
Maximum age of unused session in minutes
| since |
1.0 |
|---|
Type(s)
string
security
Security policy.
List of checks that will be done.
Default values:
- fix_browser
- fix_adress
| since |
1.0 |
|---|
Type(s)
array
force_ssl
Force cookies to be SSL only Default false
| since |
1.0 |
|---|
Type(s)
boolean
cookie_domain
The domain to use when setting cookies.
| since |
1.0 |
|---|---|
| deprecated |
2.0 |
Type(s)
mixed
cookie_path
The path to use when setting cookies.
| since |
1.0 |
|---|---|
| deprecated |
2.0 |
Type(s)
mixed
cookie_httponly
The configuration of the HttpOnly cookie.
| since |
1.5.0 |
|---|---|
| deprecated |
2.0 |
Type(s)
mixed
cookie_samesite
The configuration of the SameSite cookie.
| since |
1.5.0 |
|---|---|
| deprecated |
2.0 |
Type(s)
mixed
instance
Session instances container.
storeName
The type of storage for the session.
| since |
1.0 |
|---|---|
| deprecated |
2.0 |
Type(s)
string