Session Usage - Classes - FuelPHP Documentation

Session Class

The session class allows you to maintain state for your application in the stateless environment of the web. It allows you to store variables on the server using a variety of storage solutions, and recall these variables on the next page request.

The static methods documented on this page use the session driver configured in the configuration via the driver setting. When you have set the auto_initialize setting to true, a session will be initialized when the Session class is loaded. If it is set to false, you will have to use one of the methods below, or start a session instance manually, to initialize the session.

If your application needs session support, either "always_load" your session class, or make sure your (base) controllers will load it. If you do load it, but you choose not to auto_initialize the session, and you don't use any of the session methods, the session will not be refreshed! This can cause unexpected behaviour of your application due to an expired session.

Garbage Collection

There session drivers have a built-in garbage collection mechanism to remove stale entries. Storage backends that have built-in support for data expiration, such as APC, Memcached or Redis, will use that feature, and will auto expire stale cache entries.

Storage backends that don't, for example the database or file system drivers, use the gc_probability setting to determine if garbage collection is needed. If so, they will run it in a shutdown event, after the page has been send to the user. Downside of this method is that if this takes some time, the page will not finished to be "loading..." until GC is completed.

When using sessions, make ABSOLUTELY sure that the timezone configured in your app/config/config.php and/or your php.ini file matches the timezone set on your server. Since cookie expiry timestamps are in GMT, expiry time calculation goes horribly wrong when you have a timezone mismatch, ranging from not expiring properly to session cookies not set at all because they arrive at the browser already expired.

instance($instance = null)

The instance method returns the default session instance, or a specific instance, identified by name.

Static Yes

Parameters

Param	Default	Description
`$instance`	`null`	Cookiename (as defined in config/session.php) that identifies the required session instance.

Returns mixed - session object, or false in case the requested instance does not exist.

Example

// get the default session instance (identified by the 'driver' configuration setting).
$session = Session::instance();

// get a specific session instance
$session = Session::instance('myappcookie');

set($variable, $value = null)

The set method allows you to set a session variable.

Static Yes

Parameters

Param	Type	Default	Description
`$variable`	string\|array	required	Name of the session variable to set or associative array of values.
`$value`	mixed	`null`	The session variables value. This can be any data type, but pay attention when storing objects in the session, as session data is serialized, and there are restrictions to serializing an object.

Returns FuelCoreSession_Driver - is chainable

Example

// store the userid in the session
Session::set('userid', $userid);

// you can also store more complex values
Session::set('array', array('varA', 'varB', 'varC' => array('val1', 'val2'));

// you can also use an array to set multiple values at the same time
Session::set(array(
    'userid' => $userid,
    'has_cookies' => function()
    {
        return (bool) \Cookie::get('has_them', false);
    }
));

// You can also chain on calls to set values
Session::set('userid', $userid)->set('foo', 'bar');

get($variable = null, $default = null)

The get method allows you to retrieve stored variables from the session.

Static Yes

Parameters

Param	Default	Description
`$variable`	`null`	Name of the session variable to get. If not specified, all session variables are returned.
`$default`	`null`	Default value to return in case the requested variable does not exist. If no default is given, the method will return `null`.

Returns mixed - Dependent on the type of the stored $variable. The method returns null if the requested variable does not exist.

Example

// get the stored userid from the session
$userid = Session::get('userid');
if ( $userid === false )
{
    echo "no user is logged in";
}

// you can retrieve the entire array stored
$arr = Session::get('array');

// or get a specific key from the array
$arr = Session::get('array.varC');

// get all session variables
$vars = Session::get();

delete($variable)

The delete method allows you to delete a stored session variable.

Static Yes

Parameters

Param	Default	Description
`$variable`	required	Name of the session variable to delete.

Returns FuelCoreSession_Driver - is chainable

Example

// delete the stored userid from the session
Session::delete('userid');

// you can also delete a specific key from the array
Session::delete('array.varC');

set_flash($variable, $value = null)

The set_flash method allows you to set a session flash variable. Flash variables have a limited lifespan. Depending on the configuration, they will be deleted after the next page request, or after they are retrieved.

Static Yes

Parameters

Param	Default	Description
`$variable`	required	Name of the session flash variable to set.
`$value`	`null`	The session flash variables value. This can be any data type, but pay attention when storing objects in the session, as session data is serialized, and there are restrictions to serializing an object.

Returns FuelCoreSession_Driver - is chainable

Example

// tell the next page request which step to process
Session::set_flash('step', 2);

// you can also store more complex values
Session::set_flash('array', array('varA', 'varB', 'varC' => array('val1', 'val2')));

This method supports limited 'dot-notation' to save an element in a multidimensional array. Only the top-level is versioned, the entire multidimensional array will expire at the same time.

get_flash($variable, $default = null, $expire = false)

The get_flash method allows you to get a session flash variable. Flash variables have a limited lifespan. Depending on the configuration, they will be deleted after the next page request, or after they are retrieved.

Static Yes

Parameters

Param	Default	Description
`$variable`	required	Name of the session variable to get.
`$default`	`null`	Default value to return in case the requested variable does not exist. If no default is given, the method will return `null`.
`$expire`	`false`	if `true`, the session variable expires immediately, even if it is set in the same request.

Returns mixed - Dependent on the type of the stored $variable. The method returns null if the requested variable does not exist.

Example

// find out which step to process
$step = Session::get_flash('step');

This method supports 'dot-notation' to retrieve an element from a multidimensional array.

keep_flash($variable)

The keep_flash method resets a flash variable stored in the session to an 'unrequested' state. This allows you to get a flash variable, and still pass it on to the next page request.

Static Yes

Parameters

Param	Default	Description
`$variable`	required	Name of the flash variable to keep.

Returns FuelCoreSession_Driver - is chainable

Example

// keep the step value for one more page request
Session::keep_flash('step');

delete_flash($variable)

The delete_flash method allows you to delete a stored flash variable.

Static Yes

Parameters

Param	Default	Description
`$variable`	required	Name of the flash variable to delete.

Returns FuelCoreSession_Driver - is chainable

Example

// delete the step from the session
Session::delete_flash('userid');

create()

The create method allows you to create a new session. If a session is already present, it will be destroyed when the new one is created.

Static	Yes
Parameters	None
Returns	FuelCoreSession_Driver - is chainable
Example	`// create a new session Session::create();`

destroy()

The destroy method allows you to destroy an existing session.

Static	Yes
Parameters	None
Returns	FuelCoreSession_Driver - is chainable
Example	`// destroy a session Session::destroy();`

read()

The read method allows you to manually read a session. The session is automatically read when the session class is initialized, so under normal circumstances there is no need to use this method.

Static	Yes
Parameters	None
Returns	FuelCoreSession_Driver - is chainable
Example	`// read the session Session::read();`

write()

The write method allows you to manually write the session. Under normal circumstances, the session is automatically written when the script ends.

Static	Yes
Parameters	None
Returns	FuelCoreSession_Driver - is chainable
Example	`// write the session Session::write();`

rotate()

The rotate method allows you to manually rotate the session id. Under normal circumstances, the session id is automatically rotated periodically, as defined in the configuration. You might want to manually rotate it as an extra security measure, for example when you change the rights of the logged-in user.

Static	Yes
Parameters	None
Returns	FuelCoreSession_Driver - is chainable
Example	`// rotate the session Session::rotate();`

key()

The key method allows you retrieve elements of the session key, which uniquely identifies the session.

Static Yes

Parameters

Param	Default	Description
`$name`	optional	Name of the key element. By default, it is set to 'session_id'. Other elements that may be available are 'ip_hash', 'created', 'updated' 'user_agent' and 'payload'.

Returns mixed - element value, or false if the requested element does not exist.

Example

// get the current session id
$session_id = Session::key('session_id');