blueshoes php application framework and cms            core_net
[ class tree: core_net ] [ index: core_net ] [ all elements ]

Class: Bs_Session

Source Location: /core/net/http/session/Bs_Session.class.php

Class Overview

Bs_Object
   |
   --Bs_Session

!!! deprecated, use Bs_SimpleSession instead !!!


Author(s):

Version:

  • 4.3.$Revision: 1.3 $ $Date: 2003/10/29 17:48:42 $

Copyright:

  • blueshoes.org

Variables

Methods


Child classes:

Bs_SessionFile
!!! deprecated, use Bs_SimpleSession instead !!!

Inherited Variables

Inherited Methods

Class: Bs_Object

Bs_Object::Bs_Object()
Bs_Object::getErrors()
Basic error handling: Get *all* errors as string array from the global Bs_Error-error stack.
Bs_Object::getLastError()
Basic error handling: Get last error string from the global Bs_Error-error stack.
Bs_Object::getLastErrors()
Basic error handling: Get last errors string array from the global Bs_Error-error stack sinc last call of getLastErrors().
Bs_Object::persist()
Persists this object by serializing it and saving it to a file with unique name.
Bs_Object::setError()
Basic error handling: Push an error string on the global Bs_Error-error stack.
Bs_Object::toHtml()
Dumps the content of this object to a string using PHP's var_dump().
Bs_Object::toString()
Dumps the content of this object to a string using PHP's var_dump().
Bs_Object::unpersist()
Fetches an object that was persisted with persist()

Class Details

[line 74]
!!! deprecated, use Bs_SimpleSession instead !!!

Abstract Session Class.

NOTE: This class may become deprecated. Use instead.

The good thing about php's session handling is you don't have to save the session yourself using saveNow() or something. it's done automatically after the output stream is closed. The bad thing, however, is your vars must be in the global scope. This includes the var $PHPSESSID. So if you code OO, you may not be satisfied with this.

You don't have to get paranoid with using write() all over the place not to loose any data (in case the script terminates somewhere). There is a workaround: bs_registerShutdownMethod() Immediatly after you create a new session object, do: register_shutdown_function("\$yourSessionObject->write"); the only thing you should take care of is that no-one kills your object. unfortunately it cannot be done in the constructor using: register_shutdown_function("\$this->write"); this syntax (using $this) doesn't work.

you should never create 2 session objects for the same user. this will cause problems because one would overwrite the session cookie of the other, or if they share the same sid, one will overwrite the data of the other. they can't go together. use one.

the short form 'sid' means 'session id'. its datatype is string and only uses a-z A-Z 0-9, no äöü etc.

a note for ppl using php's session handling: please don't make use of the ini setting 'session.referer_check'. from the manual: contains the substring you want to check each HTTP Referer for. If the Referer was sent by the client and the substring was not found, the embedded session id will be marked as invalid. Defaults to the empty string. now you're clever and add 'yourdomain.com'. someone is on your site, opens another webbrowser, clicks on a link to 'anotherdomain.com', which has a link back to yourdomain.com. now what? right, session is lost, new one is created. and we don't want that, right? also the referer can be cheated, and some privaty protectors do that.

dependencies: Bs_Misc




Tags:

pattern:  singleton: (pseudostatic)
deprecated:  use Bs_SimpleSession instead
access:  public
version:  4.3.$Revision: 1.3 $ $Date: 2003/10/29 17:48:42 $
copyright:  blueshoes.org
author:  Andrej Arn <at blueshoes dot org>


[ Top ]


Class Variables

$sidName =  'bs_session'

[line 93]

the name (key) of the sid that gets sent as cookie or querystring param to the browser. note that if you change this for an existing site, this can cause lost of existing sessions.

default is 'bs_session'.




Tags:

access:  public

Type:   string


[ Top ]

$_gc =

[line 114]

the % chance to start the gc() in start().



Tags:

see:  $APP['sess']['gc']

Type:   int


[ Top ]

$_ttl =

[line 122]

the time-to-live of the session in minutes.

counter starts on the last session access.




Tags:

see:  $APP['sess']['maxStandbyTime']

Type:   int


[ Top ]



Class Methods


constructor Bs_Session [line 145]

Bs_Session Bs_Session( int $gc, int $ttl)

Constructor.



Tags:

access:  public


Parameters:

int   $gc   the garbage collector, see $_gc
int   $ttl   the time-to-live in minutes, see $_ttl

[ Top ]

method destroy [line 271]

void destroy( )

kills the session and removes all stored data.



Tags:

todo:  kill the file


Overridden in child classes as:

Bs_SessionFile::destroy()
kills the session and removes all stored data.

[ Top ]

method gc [line 380]

void gc( )

Garbage collection you need to overwrite this method.



Overridden in child classes as:

Bs_SessionFile::gc()
Garbage collection

[ Top ]

method getSid [line 305]

string getSid( )

returns the session id



Tags:

return:  the currently used sid.
throws:  NULL if no sid in use.


[ Top ]

method getVar [line 371]

mixed &getVar( string $key)

returns the value of a registered var.

examples: to get the data by value, do $val = getVar('someVar'); to get the data by reference, do $ref = &getVar('someVar'); but please, be careful with getting values by reference. even the value in the session object can be a reference! see register().




Tags:

access:  public


Parameters:

string   $key  

[ Top ]

method init [line 176]

bool init( int $techType)

inits this object. tells if we have such a session or if it needs to be created.

it follows these steps (also depending on $techType): 1) see if $this->_sid is already set. 2) if not available, try to read the sid from the form (post). 3) if not available, try to read the sid from the querystring (get). 4) if not available, try to read the sid from the cookie. 5) if one of 1-4 succeeded, we have to do checkIntegrity(). 6) if 5) succeeded, we have to do read(). 7) if 5) not done or failed, we have to do start() for a new session.

if we already have it and it's ok to use, we are going to load it.




Tags:

return:  TRUE if we can re-use an old session, FALSE if a new session needs to be created.
access:  public


Parameters:

int   $techType   (see $this->_techType)

[ Top ]

method isRegistered [line 351]

bool isRegistered( string $key)

tells if a var is registered.



Tags:

access:  public


Parameters:

string   $key  

[ Top ]

method register [line 329]

void register( string $key, string $value)

add a var to the session.

hint: pass the $value by reference if you want that.




Tags:

access:  public


Parameters:

string   $key  
string   $value   *$value (read only)

[ Top ]

method setSid [line 315]

void setSid( string $sid)

sets the session id



Parameters:

string   $sid  

[ Top ]

method start [line 247]

void start( [string $type = 'cookie'])

starts a new session. sends the cookie to the browser.



Tags:

access:  public


Parameters:

string   $type   (one of 'cookie' (default) or 'query')

[ Top ]

method unRegister [line 340]

void unRegister( string $key)

remove a var from the session



Tags:

access:  public


Parameters:

string   $key  

[ Top ]


Documentation generated on Mon, 29 Dec 2003 21:12:34 +0100 by phpDocumentor 1.2.3