-
Notifications
You must be signed in to change notification settings - Fork 7.6k
OB Session
Category:Libraries::Session Category:Session An attempt to provide the best of all possible session worlds. By Oscar Bajner.
This replacement class for Code Igniter session library borrows from ideas presented in Native_session and DB_session.
It attempts to retain all the benefits of the original CI implementation, adding the best features from other libs and adds several enhancements. Author : Oscar Bajner. Based on : Existing CI Session Class. License : See CodeIgniter license. Requirements : CodeIgniter 1.5.0 or higher.
[h3]Updates[/h3] The session class has been updated: 01 May 2007. (Bugfix) Please download the latest version and update Session.php. Changes:
- Fixed a bug which was causing "index not found" warnings when using the database storage option is enabled.
The session class has been updated: 15 April 2007. Please download the latest version and update your config file sess_ entries. Changes:
- Added ability to send a server header before cookie is sent
- Added ability to set a HttpOnly cookie, for PHP version 5.2.x Only!
- Added ability to pass string or array data to set_flashdata()
- Added ability to configure garbage collect probability.
[h3] Benefits over CI_Session and DB_Session[/h3]
- Session User Data can be stored either client-side in the cookie OR server-side in a database table.
- Highly configurable:
- Easily configure non-persistent sessions, session timeouts and session auto regeneration. (A non-persistent session ends on browser exit.)
- Incorporates "Flash data" as implemented in Native_Session and DB_Session.
- Provides function for manual session id regeneration.
[h3] Usage [/h3]
- the same as the original CI session library - just load the library from your /application/libraries directory : $this->load->library('session');
- access the session data via : $this->session->userdata() and $this->session->set_userdata() methods.
- Allows regenerating the session id manually by calling session->regenerate_id()
[h3] Configuration [/h3] The original config entry for CI session is amended as follows:
| Session Variables
|--------------------------------------------------------------------------
|
| 'session_cookie_name' = the name you want for the cookie
| 'encrypt_sess_cookie' = TRUE/FALSE (boolean). Whether to encrypt the cookie
| 'session_expiration' = the number of SECONDS you want the session to last.
| by default sessions last 7200 seconds (two hours).
| Set to zero (0) for a session which expires on browser exit.
|---------------------------------
| Additional config items:
| 'sess_storage' = Store USER DATA in 'cookie' or 'database'
| Some session data is always stored in the cookie, prefixed with "session_"
| Viz: "session_id", "session_start", "session_last_activity", "session_ip_address", "session_user_agent".
| 'sess_timeout' = session time-to-live, in seconds, set to zero for no timeout.
| 'sess_destroy_on_timeout' = TRUE/FALSE (boolean)
| The default is FALSE, the session_id is regenerated and existing session data is saved.
| 'sess_update_interval' = Period in SECONDS between session updates.
|
| 'sess_gc_probability' = Percentage probability of garbage collection, default = 10, 100 = always, 0 = never.
| 'sess_send_hdr' = Full server header to send, default = '', no header is sent. (only one header allowed)
| A typical usage would be to send a P3P compact policy as a header for MSIE 6/7.
| P3P example1 : 'sess_send_hdr' = 'P3P: CP="CAO PSA OUR"';
| P3P example2 : 'sess_send_hdr' = 'P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"';
| Other example1 : 'sess_send_hdr' = 'Cache-Control: private';
| 'sess_http_only' = FALSE; // NB!! Only set this to TRUE if your server runs PHP 5.2 or higher!
| An HttpOnly cookie protects against XSS, the cookie cannot be accessed via javascript, supported by IE6_SP1, IE7.
| Setting TRUE on PHP < 5.2 will make your cookies crumble!
|
*/
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_table_name'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = TRUE;
// [OB] additional config items:
$config['sess_storage'] = 'cookie';
$config['sess_timeout'] = 0;
$config['sess_destroy_on_timeout'] = FALSE;
$config['sess_update_interval'] = 300;
$config['sess_gc_probability'] = 10;
$config['sess_http_only'] = FALSE;
$config['sess_send_hdr'] = '';
[h3]Modifications of original CI implementation [/h3] The session variable "last_visit" is removed and replaced with "session_start"
Be aware that some session data is always present in the session cookie.
- session_id
- session_start
- session_last_activity
- session_ip
- session_user_agent
Please enable cookie encryption if you do not want this info to be visible.
[h3]Discussion, Documentation and download[/h3] Please note: My host does not allow a direct download link. You will only be able to download the zip file "obsession.zip" from the home page given below.
- For general usage, please see the CI session documentation [url=http://www.codeigniter.com/user_guide/libraries/sessions.html]user_guide[/url]
- To view documentation online, or to download, please go to [url=http://bleakview.orgfree.com/obsession/]OB Session[/url]
- To discuss, post questions or bug reports please see thread [url=http://codeigniter.com/forums/viewthread/49253/]Discussion thread[/url]