Sessions - adampatterson/Dingo-Framework GitHub Wiki

###Overview The session library allows you to easily and securely manage sessions in your application. To load the session library manually you may do this:

load::library('session');

###Setup Dingo uses your database for storing session data. This allows Dingo to provide more advanced session features and more securely store and manage your session data.

NOTE: Because the session library uses the database to store sessions, you must load the database library before the session library is loaded.

The first thing you need to do is make a table in the database you are using for your application for session data to be stored in. This table can be named anything you want but must contain these 3 columns in this order:

  • name - The name of the session. Contains a string at max 25 chararcters long.
  • cookie - Value stored in session cookie. Contains a string at max 25 characters long.
  • value - The data stored in your session. Can be any data type and any length you choose. For example I could use the MySQL TEXT column type if I want to store large amounts of data in my sessions.
  • expire - Expiration date and time of session. Contains a 11 character long integer.

After you create your session table in your database the next step is to configure Dingo. open up application/config/development/config.php and look for the part of the file that looks like this:

/* Sessions */
config::set('session',array(
'table'=>'sessions',
'cookie'=>array('path'=>'/','expire'=>'+1 months')
));;

Set the table key in the $session array to the name of the table you are going to use to store sessions. Set the cookie key with the desired default path and expiration settings for your session cookies.

For more info on possible settings for the cookie key see the cookie class documentation.

###Set Setting a session is pretty straight forward:

session::set('user','Evan');

This will create a session with the name user and value Evan using the default session cookie settings.

Get

Returns the value of a session.

$user = session::get('user');

###Delete Removes a session.

$user = session::delete('user');

Reset

Changes the value of and resets the session cookie. This is useful in preventing session hijacking. This does NOT change your stored session data.

session::reset('user');

This will reset the cookie for the user session using the default session cookie settings.

Update

Changes the value stored in a session. Does NOT reset cookie or session. If you need to reset the session and cookie use session::set()

session::update('user','new_value');

Salt

Generates an uniqe string between 10 and 25 characters long. Used internally by the session class to securely indentify sessions.

$salt = session::salt();

Cleanup

Removes expired sessions from the database session table. Automatically run internally when the session class is constructed, so you should not need to use it.

session::cleanup();