Part of the EllisLab Network
CodeIgniter   >   Wiki   >   OB Session
x
 
Create New Page
 View Previous Changes    ( Last updated by Oscar Bajner )

OB Session

Category:Libraries -> Session
Category:Session
An attempt to provide the best of all possible session worlds. By Oscar Bajner.

This replacement class for Code Igniter session library borrows from ideas presented in Native session and DB session.

It attempts to retain all the benefits of the original CI implementation, adding the best features from other libs and adds several enhancements.
Author : Oscar Bajner.
Based on : Existing CI Session Class.
License : See CodeIgniter license.
Requirements : CodeIgniter 1.5.0 or higher.

Updates

The session class has been updated: 01 May 2007. (Bugfix)
Please download the latest version and update Session.php.
Changes:
1. Fixed a bug which was causing “index not found” warnings when using the database storage option is enabled.


The session class has been updated: 15 April 2007.
Please download the latest version and update your config file sess_ entries.
Changes:
1. Added ability to send a server header before cookie is sent
2. Added ability to set a HttpOnly cookie, for PHP version 5.2.x Only!
3. Added ability to pass string or array data to set_flashdata()
4. Added ability to configure garbage collect probability.

Benefits over CI_Session and DB_Session

* Session User Data can be stored either client-side in the cookie OR server-side in a database table.
* Highly configurable:
* Easily configure non-persistent sessions, session timeouts and session auto regeneration. (A non-persistent session ends on browser exit.)
* Incorporates “Flash data” as implemented in Native_Session and DB_Session.
* Provides function for manual session id regeneration.

Usage

* the same as the original CI session library - just load the library from your /application/libraries directory : $this->load->library(‘session’);
* access the session data via : $this->session->userdata() and $this->session->set_userdata() methods.
* Allows regenerating the session id manually by calling session->regenerate_id()

Configuration

  The original config entry for CI session is amended as follows:

| Session Variables
|--------------------------------------------------------------------------
|
| 'session_cookie_name' = the name you want for the cookie
| 'encrypt_sess_cookie' = TRUE/FALSE (boolean).  Whether to encrypt the cookie
| 'session_expiration'  = the number of SECONDS you want the session to last.
|  by default sessions last 7200 seconds (two hours).  
|  Set to zero (0) for a session which expires on browser exit.
|---------------------------------
|  Additional config items:
|  'sess_storage'       = Store USER DATA in 'cookie' or 'database'
|  Some session data is always stored in the cookie, prefixed with "session_"
|  Viz: "session_id", "session_start", "session_last_activity", "session_ip_address", "session_user_agent".
|  'sess_timeout'       = session time-to-live, in seconds, set to zero for no timeout.
|  'sess_destroy_on_timeout' = TRUE/FALSE (boolean)
|  The default is FALSE, the session_id is regenerated and existing session data is saved.
|  'sess_update_interval'    = Period in SECONDS between session updates.
|
| 'sess_gc_probability'  = Percentage probability of garbage collection, default = 10, 100 = always, 0 = never.
| 'sess_send_hdr' = Full server header to send, default = '', no header is sent. (only one header allowed)
|  A typical usage would be to send a P3P compact policy as a header for MSIE 6/7.
|  P3P example1 : 'sess_send_hdr' = 'P3P: CP="CAO PSA OUR"';
|  P3P example2 : 'sess_send_hdr' = 'P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"';
|  Other example1 : 'sess_send_hdr' = 'Cache-Control: private';
| 'sess_http_only' = FALSE; // NB!! Only set this to TRUE if your server runs PHP 5.2 or higher!
|  An HttpOnly cookie protects against XSS, the cookie cannot be accessed via javascript, supported by IE6_SP1, IE7.
|  Setting TRUE on PHP < 5.2 will make your cookies crumble!
|
*/
$config['sess_cookie_name']         = 'ci_session';
$config['sess_expiration']        = 7200;
$config['sess_encrypt_cookie']        = FALSE;
$config['sess_table_name']        = 'ci_sessions';
$config['sess_match_ip']            = FALSE;
$config['sess_match_useragent']        = TRUE;
// [OB] additional config items:
$config['sess_storage']             = 'cookie';
$config['sess_timeout']             = 0;
$config['sess_destroy_on_timeout']  = FALSE;
$config['sess_update_interval']     = 300;
$config['sess_gc_probability']      = 10;
$config['sess_http_only']           = FALSE;
$config['sess_send_hdr']            = '';

Modifications of original CI implementation

The session variable “last_visit” is removed and replaced with “session_start”

Be aware that some session data is always present in the session cookie.
* session_id
* session_start
* session_last_activity
* session_ip
* session_user_agent

Please enable cookie encryption if you do not want this info to be visible.

Discussion, Documentation and download

Please note: My host does not allow a direct download link. You will only be able to download the zip file “obsession.zip” from the home page given below.

* For general usage, please see the CI session documentation user_guide
* To view documentation online, or to download, please go to OB Session
* To discuss, post questions or bug reports please see thread
Discussion thread

Categories:

Powered By ExpressionEngine
ExpressionEngine Wiki - Version 1.2
Script Executed in 0.3410 seconds
Active Members: Alak, Alenazi, Barber of Padua, ben_rivero, brocksteady, brodkin, chuckleberry13, Crucial, Deadly, digitalbloke, Dyllon, face1m, fRkSsK, guise29, Isern Palaus, iwei, Jesse Schutt, jlrough, kirkaracha, lane4, Mariusz_O, markwyner, mark_h, mediadd, MsCamellia2010, ommy, pspvideoconverter, regfix, Rick Ellis, roj, silenz, spider pig, spmckee, stratton, The End, theprodigy, Todor, trs21219, wolfear