malhuda/CodeIgniter4
1
0
Fork 0
mirror of https://github.com/codeigniter4/CodeIgniter4.git synced 2025-02-20 11:44:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
CodeIgniter4/libraries/sessions.html
Jim Parry 7b0adb778d
Docbot synching
2019-02-01 11:17:37 -08:00

1054 lines
63 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Session Library &mdash; CodeIgniter4 4.0.0-alpha.5 documentation</title>
<link rel="shortcut icon" href="../_static/ci-icon.ico"/>
<link rel="stylesheet" href="../_static/css/citheme.css" type="text/css" />
<link rel="top" title="CodeIgniter4 4.0.0-alpha.5 documentation" href="../index.html"/>
<link rel="up" title="Library Reference" href="index.html"/>
<link rel="next" title="Throttler" href="throttler.html"/>
<link rel="prev" title="Security Class" href="security.html"/>
<script src="../_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav" role="document">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search">
<a href="../index.html" class="icon icon-home"> CodeIgniter4
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../intro/index.html">Welcome to CodeIgniter4</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../installation/index.html">Installation</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../tutorial/index.html">Tutorial</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../concepts/index.html">CodeIgniter4 Overview</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../general/index.html">General Topics</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../incoming/index.html">Controllers and Routing</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../outgoing/index.html">Building Responses</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../database/index.html">Working With Databases</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../models/index.html">Modeling Data</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../dbmgmt/index.html">Managing Databases</a></li>
</ul>
<ul class="current">
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Library Reference</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="caching.html">Caching Driver</a></li>
<li class="toctree-l2"><a class="reference internal" href="curlrequest.html">CURLRequest Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="files.html">Working with Files</a></li>
<li class="toctree-l2"><a class="reference internal" href="honeypot.html">Honeypot Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="images.html">Image Manipulation Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="pagination.html">Pagination</a></li>
<li class="toctree-l2"><a class="reference internal" href="security.html">Security Class</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">Session Library</a></li>
<li class="toctree-l2"><a class="reference internal" href="throttler.html">Throttler</a></li>
<li class="toctree-l2"><a class="reference internal" href="time.html">Dates and Times</a></li>
<li class="toctree-l2"><a class="reference internal" href="typography.html">Typography</a></li>
<li class="toctree-l2"><a class="reference internal" href="uploaded_files.html">Working with Uploaded Files</a></li>
<li class="toctree-l2"><a class="reference internal" href="uri.html">Working with URIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="user_agent.html">User Agent Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="validation.html">Validation</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../helpers/index.html">Helpers</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing/index.html">Testing</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../cli/index.html">Command Line Usage</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../extending/index.html">Extending CodeIgniter</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../license.html">The MIT License (MIT)</a></li>
<li class="toctree-l1"><a class="reference internal" href="../changelogs/index.html">Change Logs</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">CodeIgniter4</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html">Docs</a> &raquo;</li>
<li><a href="index.html">Library Reference</a> &raquo;</li>
<li>Session Library</li>
<li class="wy-breadcrumbs-aside">
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<div class="section" id="session-library">
<h1>Session Library<a class="headerlink" href="#session-library" title="Permalink to this headline"></a></h1>
<p>The Session class permits you maintain a user&#8217;s &#8220;state&#8221; and track their
activity while they browse your site.</p>
<p>CodeIgniter comes with a few session storage drivers, that you can see
in the last section of the table of contents:</p>
<div class="contents local topic" id="contents">
<ul class="simple">
<li><a class="reference internal" href="#using-the-session-class" id="id2">Using the Session Class</a><ul>
<li><a class="reference internal" href="#initializing-a-session" id="id3">Initializing a Session</a></li>
<li><a class="reference internal" href="#how-do-sessions-work" id="id4">How do Sessions work?</a></li>
<li><a class="reference internal" href="#what-is-session-data" id="id5">What is Session Data?</a></li>
<li><a class="reference internal" href="#retrieving-session-data" id="id6">Retrieving Session Data</a></li>
<li><a class="reference internal" href="#adding-session-data" id="id7">Adding Session Data</a></li>
<li><a class="reference internal" href="#pushing-new-value-to-session-data" id="id8">Pushing new value to session data</a></li>
<li><a class="reference internal" href="#removing-session-data" id="id9">Removing Session Data</a></li>
<li><a class="reference internal" href="#flashdata" id="id10">Flashdata</a></li>
<li><a class="reference internal" href="#tempdata" id="id11">Tempdata</a></li>
<li><a class="reference internal" href="#destroying-a-session" id="id12">Destroying a Session</a></li>
<li><a class="reference internal" href="#accessing-session-metadata" id="id13">Accessing session metadata</a></li>
</ul>
</li>
<li><a class="reference internal" href="#session-preferences" id="id14">Session Preferences</a></li>
<li><a class="reference internal" href="#session-drivers" id="id15">Session Drivers</a><ul>
<li><a class="reference internal" href="#filehandler-driver-the-default" id="id16">FileHandler Driver (the default)</a></li>
<li><a class="reference internal" href="#databasehandler-driver" id="id17">DatabaseHandler Driver</a></li>
<li><a class="reference internal" href="#redishandler-driver" id="id18">RedisHandler Driver</a></li>
<li><a class="reference internal" href="#memcachedhandler-driver" id="id19">MemcachedHandler Driver</a></li>
</ul>
</li>
</ul>
</div>
<div class="custom-index container"></div><div class="section" id="using-the-session-class">
<h2><a class="toc-backref" href="#id2">Using the Session Class</a><a class="headerlink" href="#using-the-session-class" title="Permalink to this headline"></a></h2>
<div class="section" id="initializing-a-session">
<h3><a class="toc-backref" href="#id3">Initializing a Session</a><a class="headerlink" href="#initializing-a-session" title="Permalink to this headline"></a></h3>
<p>Sessions will typically run globally with each page load, so the Session
class should be magically initialized.</p>
<p>To access and initialize the session:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span> <span class="o">=</span> <span class="nx">\Config\Services</span><span class="o">::</span><span class="na">session</span><span class="p">(</span><span class="nv">$config</span><span class="p">);</span>
</pre></div>
</div>
<p>The <code class="docutils literal"><span class="pre">$config</span></code> parameter is optional - your application configuration.
If not provided, the services register will instantiate your default
one.</p>
<p>Once loaded, the Sessions library object will be available using:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span>
</pre></div>
</div>
<p>Alternatively, you can use the helper function that will use the default
configuration options. This version is a little friendlier to read,
but does not take any configuration options.</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span> <span class="o">=</span> <span class="nx">session</span><span class="p">();</span>
</pre></div>
</div>
</div>
<div class="section" id="how-do-sessions-work">
<h3><a class="toc-backref" href="#id4">How do Sessions work?</a><a class="headerlink" href="#how-do-sessions-work" title="Permalink to this headline"></a></h3>
<p>When a page is loaded, the session class will check to see if a valid
session cookie is sent by the user&#8217;s browser. If a sessions cookie does
<strong>not</strong> exist (or if it doesn&#8217;t match one stored on the server or has
expired) a new session will be created and saved.</p>
<p>If a valid session does exist, its information will be updated. With each
update, the session ID may be regenerated if configured to do so.</p>
<p>It&#8217;s important for you to understand that once initialized, the Session
class runs automatically. There is nothing you need to do to cause the
above behavior to happen. You can, as you&#8217;ll see below, work with session
data, but the process of reading, writing, and updating a session is
automatic.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Under CLI, the Session library will automatically halt itself,
as this is a concept based entirely on the HTTP protocol.</p>
</div>
<div class="section" id="a-note-about-concurrency">
<h4>A note about concurrency<a class="headerlink" href="#a-note-about-concurrency" title="Permalink to this headline"></a></h4>
<p>Unless you&#8217;re developing a website with heavy AJAX usage, you can skip this
section. If you are, however, and if you&#8217;re experiencing performance
issues, then this note is exactly what you&#8217;re looking for.</p>
<p>Sessions in previous versions of CodeIgniter didn&#8217;t implement locking,
which meant that two HTTP requests using the same session could run exactly
at the same time. To use a more appropriate technical term - requests were
non-blocking.</p>
<p>However, non-blocking requests in the context of sessions also means
unsafe, because modifications to session data (or session ID regeneration)
in one request can interfere with the execution of a second, concurrent
request. This detail was at the root of many issues and the main reason why
CodeIgniter 3.0 has a completely re-written Session library.</p>
<p>Why are we telling you this? Because it is likely that after trying to
find the reason for your performance issues, you may conclude that locking
is the issue and therefore look into how to remove the locks ...</p>
<p>DO NOT DO THAT! Removing locks would be <strong>wrong</strong> and it will cause you
more problems!</p>
<p>Locking is not the issue, it is a solution. Your issue is that you still
have the session open, while you&#8217;ve already processed it and therefore no
longer need it. So, what you need is to close the session for the
current request after you no longer need it.</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">destroy</span><span class="p">();</span>
</pre></div>
</div>
</div>
</div>
<div class="section" id="what-is-session-data">
<h3><a class="toc-backref" href="#id5">What is Session Data?</a><a class="headerlink" href="#what-is-session-data" title="Permalink to this headline"></a></h3>
<p>Session data is simply an array associated with a particular session ID
(cookie).</p>
<p>If you&#8217;ve used sessions in PHP before, you should be familiar with PHP&#8217;s
<a class="reference external" href="http://php.net/manual/en/reserved.variables.session.php">$_SESSION superglobal</a>
(if not, please read the content on that link).</p>
<p>CodeIgniter gives access to its session data through the same means, as it
uses the session handlers&#8217; mechanism provided by PHP. Using session data is
as simple as manipulating (read, set and unset values) the <code class="docutils literal"><span class="pre">$_SESSION</span></code>
array.</p>
<p>In addition, CodeIgniter also provides 2 special types of session data
that are further explained below: flashdata and tempdata.</p>
</div>
<div class="section" id="retrieving-session-data">
<h3><a class="toc-backref" href="#id6">Retrieving Session Data</a><a class="headerlink" href="#retrieving-session-data" title="Permalink to this headline"></a></h3>
<p>Any piece of information from the session array is available through the
<code class="docutils literal"><span class="pre">$_SESSION</span></code> superglobal:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]</span>
</pre></div>
</div>
<p>Or through the conventional accessor method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">get</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>Or through the magic getter:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">item</span>
</pre></div>
</div>
<p>Or even through the session helper method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nx">session</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>Where <code class="docutils literal"><span class="pre">item</span></code> is the array key corresponding to the item you wish to fetch.
For example, to assign a previously stored &#8216;name&#8217; item to the <code class="docutils literal"><span class="pre">$name</span></code>
variable, you will do this:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$name</span> <span class="o">=</span> <span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;name&#39;</span><span class="p">];</span>
<span class="c1">// or:</span>
<span class="nv">$name</span> <span class="o">=</span> <span class="nv">$session</span><span class="o">-&gt;</span><span class="na">name</span>
<span class="c1">// or:</span>
<span class="nv">$name</span> <span class="o">=</span> <span class="nv">$session</span><span class="o">-&gt;</span><span class="na">get</span><span class="p">(</span><span class="s1">&#39;name&#39;</span><span class="p">);</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">The <code class="docutils literal"><span class="pre">get()</span></code> method returns NULL if the item you are trying
to access does not exist.</p>
</div>
<p>If you want to retrieve all of the existing userdata, you can simply
omit the item key (magic getter only works for single property values):</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span>
<span class="c1">// or:</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">get</span><span class="p">();</span>
</pre></div>
</div>
</div>
<div class="section" id="adding-session-data">
<h3><a class="toc-backref" href="#id7">Adding Session Data</a><a class="headerlink" href="#adding-session-data" title="Permalink to this headline"></a></h3>
<p>Let&#8217;s say a particular user logs into your site. Once authenticated, you
could add their username and e-mail address to the session, making that
data globally available to you without having to run a database query when
you need it.</p>
<p>You can simply assign data to the <code class="docutils literal"><span class="pre">$_SESSION</span></code> array, as with any other
variable. Or as a property of <code class="docutils literal"><span class="pre">$session</span></code>.</p>
<p>The former userdata method is deprecated,
but you can pass an array containing your new session data to the
<code class="docutils literal"><span class="pre">set()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">set</span><span class="p">(</span><span class="nv">$array</span><span class="p">);</span>
</pre></div>
</div>
<p>Where <code class="docutils literal"><span class="pre">$array</span></code> is an associative array containing your new data. Here&#8217;s
an example:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$newdata</span> <span class="o">=</span> <span class="p">[</span>
<span class="s1">&#39;username&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;johndoe&#39;</span><span class="p">,</span>
<span class="s1">&#39;email&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;johndoe@some-site.com&#39;</span><span class="p">,</span>
<span class="s1">&#39;logged_in&#39;</span> <span class="o">=&gt;</span> <span class="k">TRUE</span>
<span class="p">];</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">set</span><span class="p">(</span><span class="nv">$newdata</span><span class="p">);</span>
</pre></div>
</div>
<p>If you want to add session data one value at a time, <code class="docutils literal"><span class="pre">set()</span></code> also
supports this syntax:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">set</span><span class="p">(</span><span class="s1">&#39;some_name&#39;</span><span class="p">,</span> <span class="s1">&#39;some_value&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>If you want to verify that a session value exists, simply check with
<code class="docutils literal"><span class="pre">isset()</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="c1">// returns FALSE if the &#39;some_name&#39; item doesn&#39;t exist or is NULL,</span>
<span class="c1">// TRUE otherwise:</span>
<span class="nb">isset</span><span class="p">(</span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;some_name&#39;</span><span class="p">])</span>
</pre></div>
</div>
<p>Or you can call <code class="docutils literal"><span class="pre">has()</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">has</span><span class="p">(</span><span class="s1">&#39;some_name&#39;</span><span class="p">);</span>
</pre></div>
</div>
</div>
<div class="section" id="pushing-new-value-to-session-data">
<h3><a class="toc-backref" href="#id8">Pushing new value to session data</a><a class="headerlink" href="#pushing-new-value-to-session-data" title="Permalink to this headline"></a></h3>
<p>The push method is used to push a new value onto a session value that is an array.
For instance, if the &#8216;hobbies&#8217; key contains an array of hobbies, you can add a new value onto the array like so:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">push</span><span class="p">(</span><span class="s1">&#39;hobbies&#39;</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;sport&#39;</span><span class="o">=&gt;</span><span class="s1">&#39;tennis&#39;</span><span class="p">]);</span>
</pre></div>
</div>
</div>
<div class="section" id="removing-session-data">
<h3><a class="toc-backref" href="#id9">Removing Session Data</a><a class="headerlink" href="#removing-session-data" title="Permalink to this headline"></a></h3>
<p>Just as with any other variable, unsetting a value in <code class="docutils literal"><span class="pre">$_SESSION</span></code> can be
done through <code class="docutils literal"><span class="pre">unset()</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nb">unset</span><span class="p">(</span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;some_name&#39;</span><span class="p">]);</span>
<span class="c1">// or multiple values:</span>
<span class="nb">unset</span><span class="p">(</span>
<span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;some_name&#39;</span><span class="p">],</span>
<span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;another_name&#39;</span><span class="p">]</span>
<span class="p">);</span>
</pre></div>
</div>
<p>Also, just as <code class="docutils literal"><span class="pre">set()</span></code> can be used to add information to a
session, <code class="docutils literal"><span class="pre">remove()</span></code> can be used to remove it, by passing the
session key. For example, if you wanted to remove &#8216;some_name&#8217; from your
session data array:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">remove</span><span class="p">(</span><span class="s1">&#39;some_name&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>This method also accepts an array of item keys to unset:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$array_items</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;username&#39;</span><span class="p">,</span> <span class="s1">&#39;email&#39;</span><span class="p">];</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">remove</span><span class="p">(</span><span class="nv">$array_items</span><span class="p">);</span>
</pre></div>
</div>
</div>
<div class="section" id="flashdata">
<h3><a class="toc-backref" href="#id10">Flashdata</a><a class="headerlink" href="#flashdata" title="Permalink to this headline"></a></h3>
<p>CodeIgniter supports &#8220;flashdata&#8221;, or session data that will only be
available for the next request, and is then automatically cleared.</p>
<p>This can be very useful, especially for one-time informational, error or
status messages (for example: &#8220;Record 2 deleted&#8221;).</p>
<p>It should be noted that flashdata variables are regular session variables,
managed inside the CodeIgniter session handler.</p>
<p>To mark an existing item as &#8220;flashdata&#8221;:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsFlashdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>If you want to mark multiple items as flashdata, simply pass the keys as an
array:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsFlashdata</span><span class="p">([</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="s1">&#39;item2&#39;</span><span class="p">]);</span>
</pre></div>
</div>
<p>To add flashdata:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s1">&#39;value&#39;</span><span class="p">;</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsFlashdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>Or alternatively, using the <code class="docutils literal"><span class="pre">setFlashdata()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">setFlashdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="s1">&#39;value&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>You can also pass an array to <code class="docutils literal"><span class="pre">setFlashdata()</span></code>, in the same manner as
<code class="docutils literal"><span class="pre">set()</span></code>.</p>
<p>Reading flashdata variables is the same as reading regular session data
through <code class="docutils literal"><span class="pre">$_SESSION</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]</span>
</pre></div>
</div>
<div class="admonition important">
<p class="first admonition-title">Important</p>
<p class="last">The <code class="docutils literal"><span class="pre">get()</span></code> method WILL return flashdata items when
retrieving a single item by key. It will not return flashdata when
grabbing all userdata from the session, however.</p>
</div>
<p>However, if you want to be sure that you&#8217;re reading &#8220;flashdata&#8221; (and not
any other kind), you can also use the <code class="docutils literal"><span class="pre">getFlashdata()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">getFlashdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>Or to get an array with all flashdata, simply omit the key parameter:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">getFlashdata</span><span class="p">();</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">The <code class="docutils literal"><span class="pre">getFlashdata()</span></code> method returns NULL if the item cannot be
found.</p>
</div>
<p>If you find that you need to preserve a flashdata variable through an
additional request, you can do so using the <code class="docutils literal"><span class="pre">keepFlashdata()</span></code> method.
You can either pass a single item or an array of flashdata items to keep.</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">keepFlashdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">keepFlashdata</span><span class="p">([</span><span class="s1">&#39;item1&#39;</span><span class="p">,</span> <span class="s1">&#39;item2&#39;</span><span class="p">,</span> <span class="s1">&#39;item3&#39;</span><span class="p">]);</span>
</pre></div>
</div>
</div>
<div class="section" id="tempdata">
<h3><a class="toc-backref" href="#id11">Tempdata</a><a class="headerlink" href="#tempdata" title="Permalink to this headline"></a></h3>
<p>CodeIgniter also supports &#8220;tempdata&#8221;, or session data with a specific
expiration time. After the value expires, or the session expires or is
deleted, the value is automatically removed.</p>
<p>Similarly to flashdata, tempdata variables are managed internally by the
CodeIgniter session handler.</p>
<p>To mark an existing item as &#8220;tempdata&#8221;, simply pass its key and expiry time
(in seconds!) to the <code class="docutils literal"><span class="pre">mark_as_temp()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="c1">// &#39;item&#39; will be erased after 300 seconds</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsTempdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="mi">300</span><span class="p">);</span>
</pre></div>
</div>
<p>You can mark multiple items as tempdata in two ways, depending on whether
you want them all to have the same expiry time or not:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="c1">// Both &#39;item&#39; and &#39;item2&#39; will expire after 300 seconds</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsTempdata</span><span class="p">([</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="s1">&#39;item2&#39;</span><span class="p">],</span> <span class="mi">300</span><span class="p">);</span>
<span class="c1">// &#39;item&#39; will be erased after 300 seconds, while &#39;item2&#39;</span>
<span class="c1">// will do so after only 240 seconds</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsTempdata</span><span class="p">([</span>
<span class="s1">&#39;item&#39;</span> <span class="o">=&gt;</span> <span class="mi">300</span><span class="p">,</span>
<span class="s1">&#39;item2&#39;</span> <span class="o">=&gt;</span> <span class="mi">240</span>
<span class="p">]);</span>
</pre></div>
</div>
<p>To add tempdata:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]</span> <span class="o">=</span> <span class="s1">&#39;value&#39;</span><span class="p">;</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">markAsTempdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="mi">300</span><span class="p">);</span> <span class="c1">// Expire in 5 minutes</span>
</pre></div>
</div>
<p>Or alternatively, using the <code class="docutils literal"><span class="pre">setTempdata()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">setTempdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">,</span> <span class="s1">&#39;value&#39;</span><span class="p">,</span> <span class="mi">300</span><span class="p">);</span>
</pre></div>
</div>
<p>You can also pass an array to <code class="docutils literal"><span class="pre">set_tempdata()</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$tempdata</span> <span class="o">=</span> <span class="p">[</span><span class="s1">&#39;newuser&#39;</span> <span class="o">=&gt;</span> <span class="k">TRUE</span><span class="p">,</span> <span class="s1">&#39;message&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;Thanks for joining!&#39;</span><span class="p">];</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">setTempdata</span><span class="p">(</span><span class="nv">$tempdata</span><span class="p">,</span> <span class="k">NULL</span><span class="p">,</span> <span class="nv">$expire</span><span class="p">);</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">If the expiration is omitted or set to 0, the default
time-to-live value of 300 seconds (or 5 minutes) will be used.</p>
</div>
<p>To read a tempdata variable, again you can just access it through the
<code class="docutils literal"><span class="pre">$_SESSION</span></code> superglobal array:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]</span>
</pre></div>
</div>
<div class="admonition important">
<p class="first admonition-title">Important</p>
<p class="last">The <code class="docutils literal"><span class="pre">get()</span></code> method WILL return tempdata items when
retrieving a single item by key. It will not return tempdata when
grabbing all userdata from the session, however.</p>
</div>
<p>Or if you want to be sure that you&#8217;re reading &#8220;tempdata&#8221; (and not any
other kind), you can also use the <code class="docutils literal"><span class="pre">getTempdata()</span></code> method:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">getTempdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>And of course, if you want to retrieve all existing tempdata:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">getTempdata</span><span class="p">();</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">The <code class="docutils literal"><span class="pre">getTempdata()</span></code> method returns NULL if the item cannot be
found.</p>
</div>
<p>If you need to remove a tempdata value before it expires, you can directly
unset it from the <code class="docutils literal"><span class="pre">$_SESSION</span></code> array:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nb">unset</span><span class="p">(</span><span class="nv">$_SESSION</span><span class="p">[</span><span class="s1">&#39;item&#39;</span><span class="p">]);</span>
</pre></div>
</div>
<p>However, this won&#8217;t remove the marker that makes this specific item to be
tempdata (it will be invalidated on the next HTTP request), so if you
intend to reuse that same key in the same request, you&#8217;d want to use
<code class="docutils literal"><span class="pre">removeTempdata()</span></code>:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">removeTempdata</span><span class="p">(</span><span class="s1">&#39;item&#39;</span><span class="p">);</span>
</pre></div>
</div>
</div>
<div class="section" id="destroying-a-session">
<h3><a class="toc-backref" href="#id12">Destroying a Session</a><a class="headerlink" href="#destroying-a-session" title="Permalink to this headline"></a></h3>
<p>To clear the current session (for example, during a logout), you may
simply use either PHP&#8217;s <a class="reference external" href="http://php.net/session_destroy">session_destroy()</a>
function, or the <code class="docutils literal"><span class="pre">sess_destroy()</span></code> method. Both will work in exactly the
same way:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nb">session_destroy</span><span class="p">();</span>
<span class="c1">// or</span>
<span class="nv">$session</span><span class="o">-&gt;</span><span class="na">destroy</span><span class="p">();</span>
</pre></div>
</div>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">This must be the last session-related operation that you do
during the same request. All session data (including flashdata and
tempdata) will be destroyed permanently and functions will be
unusable during the same request after you destroy the session.</p>
</div>
<p>You may also use the <code class="docutils literal"><span class="pre">stop()</span></code> method to completely kill the session
by removing the old session_id, destroying all data, and destroying
the cookie that contained the session id:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nv">$session</span><span class="o">-&gt;</span><span class="na">stop</span><span class="p">();</span>
</pre></div>
</div>
</div>
<div class="section" id="accessing-session-metadata">
<h3><a class="toc-backref" href="#id13">Accessing session metadata</a><a class="headerlink" href="#accessing-session-metadata" title="Permalink to this headline"></a></h3>
<p>In previous CodeIgniter versions, the session data array included 4 items
by default: &#8216;session_id&#8217;, &#8216;ip_address&#8217;, &#8216;user_agent&#8217;, &#8216;last_activity&#8217;.</p>
<p>This was due to the specifics of how sessions worked, but is now no longer
necessary with our new implementation. However, it may happen that your
application relied on these values, so here are alternative methods of
accessing them:</p>
<blockquote>
<div><ul class="simple">
<li>session_id: <code class="docutils literal"><span class="pre">session_id()</span></code></li>
<li>ip_address: <code class="docutils literal"><span class="pre">$_SERVER['REMOTE_ADDR']</span></code></li>
<li>user_agent: <code class="docutils literal"><span class="pre">$this-&gt;input-&gt;user_agent()</span></code> (unused by sessions)</li>
<li>last_activity: Depends on the storage, no straightforward way. Sorry!</li>
</ul>
</div></blockquote>
</div>
</div>
<div class="section" id="session-preferences">
<h2><a class="toc-backref" href="#id14">Session Preferences</a><a class="headerlink" href="#session-preferences" title="Permalink to this headline"></a></h2>
<p>CodeIgniter will usually make everything work out of the box. However,
Sessions are a very sensitive component of any application, so some
careful configuration must be done. Please take your time to consider
all of the options and their effects.</p>
<p>You&#8217;ll find the following Session related preferences in your
<strong>app/Config/App.php</strong> file:</p>
<table border="1" class="docutils">
<colgroup>
<col width="14%" />
<col width="20%" />
<col width="22%" />
<col width="44%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Preference</th>
<th class="head">Default</th>
<th class="head">Options</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><strong>sessionDriver</strong></td>
<td>CodeIgniterSessionHandlersFileHandler</td>
<td>CodeIgniterSessionHandlersFileHandler
CodeIgniterSessionHandlersDatabaseHandler
CodeIgniterSessionHandlersMemcachedHandler
CodeIgniterSessionHandlersRedisHandler</td>
<td>The session storage driver to use.</td>
</tr>
<tr class="row-odd"><td><strong>sessionCookieName</strong></td>
<td>ci_session</td>
<td>[A-Za-z_-] characters only</td>
<td>The name used for the session cookie.</td>
</tr>
<tr class="row-even"><td><strong>sessionExpiration</strong></td>
<td>7200 (2 hours)</td>
<td>Time in seconds (integer)</td>
<td>The number of seconds you would like the session to last.
If you would like a non-expiring session (until browser is closed) set the value to zero: 0</td>
</tr>
<tr class="row-odd"><td><strong>sessionSavePath</strong></td>
<td>NULL</td>
<td>None</td>
<td>Specifies the storage location, depends on the driver being used.</td>
</tr>
<tr class="row-even"><td><strong>sessionMatchIP</strong></td>
<td>FALSE</td>
<td>TRUE/FALSE (boolean)</td>
<td>Whether to validate the user&#8217;s IP address when reading the session cookie.
Note that some ISPs dynamically changes the IP, so if you want a non-expiring session you
will likely set this to FALSE.</td>
</tr>
<tr class="row-odd"><td><strong>sessionTimeToUpdate</strong></td>
<td>300</td>
<td>Time in seconds (integer)</td>
<td>This option controls how often the session class will regenerate itself and create a new
session ID. Setting it to 0 will disable session ID regeneration.</td>
</tr>
<tr class="row-even"><td><strong>sessionRegenerateDestroy</strong></td>
<td>FALSE</td>
<td>TRUE/FALSE (boolean)</td>
<td>Whether to destroy session data associated with the old session ID when auto-regenerating
the session ID. When set to FALSE, the data will be later deleted by the garbage collector.</td>
</tr>
</tbody>
</table>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">As a last resort, the Session library will try to fetch PHP&#8217;s
session related INI settings, as well as legacy CI settings such as
&#8216;sess_expire_on_close&#8217; when any of the above is not configured.
However, you should never rely on this behavior as it can cause
unexpected results or be changed in the future. Please configure
everything properly.</p>
</div>
<p>In addition to the values above, the cookie and native drivers apply the
following configuration values shared by the <a class="reference internal" href="../incoming/incomingrequest.html"><span class="doc">IncomingRequest</span></a> and
<a class="reference internal" href="security.html"><span class="doc">Security</span></a> classes:</p>
<table border="1" class="docutils">
<colgroup>
<col width="17%" />
<col width="14%" />
<col width="69%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Preference</th>
<th class="head">Default</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><strong>cookieDomain</strong></td>
<td>&#8216;&#8217;</td>
<td>The domain for which the session is applicable</td>
</tr>
<tr class="row-odd"><td><strong>cookiePath</strong></td>
<td>/</td>
<td>The path to which the session is applicable</td>
</tr>
<tr class="row-even"><td><strong>cookieSecure</strong></td>
<td>FALSE</td>
<td>Whether to create the session cookie only on encrypted (HTTPS) connections</td>
</tr>
</tbody>
</table>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">The &#8216;cookieHTTPOnly&#8217; setting doesn&#8217;t have an effect on sessions.
Instead the HttpOnly parameter is always enabled, for security
reasons. Additionally, the &#8216;cookiePrefix&#8217; setting is completely
ignored.</p>
</div>
</div>
<div class="section" id="session-drivers">
<h2><a class="toc-backref" href="#id15">Session Drivers</a><a class="headerlink" href="#session-drivers" title="Permalink to this headline"></a></h2>
<p>As already mentioned, the Session library comes with 4 handlers, or storage
engines, that you can use:</p>
<blockquote>
<div><ul class="simple">
<li>CodeIgniterSessionHandlersFileHandler</li>
<li>CodeIgniterSessionHandlersDatabaseHandler</li>
<li>CodeIgniterSessionHandlersMemcachedHandler</li>
<li>CodeIgniterSessionHandlersRedisHandler</li>
</ul>
</div></blockquote>
<p>By default, the <code class="docutils literal"><span class="pre">FileHandler</span></code> Driver will be used when a session is initialized,
because it is the most safe choice and is expected to work everywhere
(virtually every environment has a file system).</p>
<p>However, any other driver may be selected via the <code class="docutils literal"><span class="pre">public</span> <span class="pre">$sessionDriver</span></code>
line in your <strong>app/Config/App.php</strong> file, if you chose to do so.
Have it in mind though, every driver has different caveats, so be sure to
get yourself familiar with them (below) before you make that choice.</p>
<div class="section" id="filehandler-driver-the-default">
<h3><a class="toc-backref" href="#id16">FileHandler Driver (the default)</a><a class="headerlink" href="#filehandler-driver-the-default" title="Permalink to this headline"></a></h3>
<p>The &#8216;FileHandler&#8217; driver uses your file system for storing session data.</p>
<p>It can safely be said that it works exactly like PHP&#8217;s own default session
implementation, but in case this is an important detail for you, have it
mind that it is in fact not the same code and it has some limitations
(and advantages).</p>
<p>To be more specific, it doesn&#8217;t support PHP&#8217;s <a class="reference external" href="http://php.net/manual/en/session.configuration.php#ini.session.save-path">directory level and mode
formats used in session.save_path</a>,
and it has most of the options hard-coded for safety. Instead, only
absolute paths are supported for <code class="docutils literal"><span class="pre">public</span> <span class="pre">$sessionSavePath</span></code>.</p>
<p>Another important thing that you should know, is to make sure that you
don&#8217;t use a publicly-readable or shared directory for storing your session
files. Make sure that <em>only you</em> have access to see the contents of your
chosen <em>sessionSavePath</em> directory. Otherwise, anybody who can do that, can
also steal any of the current sessions (also known as &#8220;session fixation&#8221;
attack).</p>
<p>On UNIX-like operating systems, this is usually achieved by setting the
0700 mode permissions on that directory via the <cite>chmod</cite> command, which
allows only the directory&#8217;s owner to perform read and write operations on
it. But be careful because the system user <em>running</em> the script is usually
not your own, but something like &#8216;www-data&#8217; instead, so only setting those
permissions will probable break your application.</p>
<p>Instead, you should do something like this, depending on your environment</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nb">mkdir</span> <span class="o">/&lt;</span><span class="nx">path</span> <span class="nx">to</span> <span class="nx">your</span> <span class="nx">application</span> <span class="nx">directory</span><span class="o">&gt;/</span><span class="nx">Writable</span><span class="o">/</span><span class="nx">sessions</span><span class="o">/</span>
<span class="nb">chmod</span> <span class="mo">0700</span> <span class="o">/&lt;</span><span class="nx">path</span> <span class="nx">to</span> <span class="nx">your</span> <span class="nx">application</span> <span class="nx">directory</span><span class="o">&gt;/</span><span class="nx">Writable</span><span class="o">/</span><span class="nx">sessions</span><span class="o">/</span>
<span class="nb">chown</span> <span class="nx">www</span><span class="o">-</span><span class="nx">data</span> <span class="o">/&lt;</span><span class="nx">path</span> <span class="nx">to</span> <span class="nx">your</span> <span class="nx">application</span> <span class="nx">directory</span><span class="o">&gt;/</span><span class="nx">Writable</span><span class="o">/</span><span class="nx">sessions</span><span class="o">/</span>
</pre></div>
</div>
<div class="section" id="bonus-tip">
<h4>Bonus Tip<a class="headerlink" href="#bonus-tip" title="Permalink to this headline"></a></h4>
<p>Some of you will probably opt to choose another session driver because
file storage is usually slower. This is only half true.</p>
<p>A very basic test will probably trick you into believing that an SQL
database is faster, but in 99% of the cases, this is only true while you
only have a few current sessions. As the sessions count and server loads
increase - which is the time when it matters - the file system will
consistently outperform almost all relational database setups.</p>
<p>In addition, if performance is your only concern, you may want to look
into using <a class="reference external" href="http://eddmann.com/posts/storing-php-sessions-file-caches-in-memory-using-tmpfs/">tmpfs</a>,
(warning: external resource), which can make your sessions blazing fast.</p>
</div>
</div>
<div class="section" id="databasehandler-driver">
<h3><a class="toc-backref" href="#id17">DatabaseHandler Driver</a><a class="headerlink" href="#databasehandler-driver" title="Permalink to this headline"></a></h3>
<p>The &#8216;DatabaseHandler&#8217; driver uses a relational database such as MySQL or
PostgreSQL to store sessions. This is a popular choice among many users,
because it allows the developer easy access to the session data within
an application - it is just another table in your database.</p>
<p>However, there are some conditions that must be met:</p>
<blockquote>
<div><ul class="simple">
<li>You can NOT use a persistent connection.</li>
<li>You can NOT use a connection with the <em>cacheOn</em> setting enabled.</li>
</ul>
</div></blockquote>
<p>In order to use the &#8216;DatabaseHandler&#8217; session driver, you must also create this
table that we already mentioned and then set it as your
<code class="docutils literal"><span class="pre">$sessionSavePath</span></code> value.
For example, if you would like to use &#8216;ci_sessions&#8217; as your table name,
you would do this:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="k">public</span> <span class="nv">$sessionDriver</span> <span class="o">=</span> <span class="s1">&#39;CodeIgniter\Session\Handlers\DatabaseHandler&#39;</span><span class="p">;</span>
<span class="k">public</span> <span class="nv">$sessionSavePath</span> <span class="o">=</span> <span class="s1">&#39;ci_sessions&#39;</span><span class="p">;</span>
</pre></div>
</div>
<p>And then of course, create the database table ...</p>
<p>For MySQL:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nx">CREATE</span> <span class="nx">TABLE</span> <span class="k">IF</span> <span class="k">NOT</span> <span class="nx">EXISTS</span> <span class="sb">`ci_sessions`</span> <span class="p">(</span>
<span class="sb">`id`</span> <span class="nx">varchar</span><span class="p">(</span><span class="mi">128</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="sb">`ip_address`</span> <span class="nx">varchar</span><span class="p">(</span><span class="mi">45</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="sb">`timestamp`</span> <span class="nx">int</span><span class="p">(</span><span class="mi">10</span><span class="p">)</span> <span class="nx">unsigned</span> <span class="k">DEFAULT</span> <span class="mi">0</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="sb">`data`</span> <span class="nx">blob</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="nx">KEY</span> <span class="sb">`ci_sessions_timestamp`</span> <span class="p">(</span><span class="sb">`timestamp`</span><span class="p">)</span>
<span class="p">);</span>
</pre></div>
</div>
<p>For PostgreSQL:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="nx">CREATE</span> <span class="nx">TABLE</span> <span class="s2">&quot;ci_sessions&quot;</span> <span class="p">(</span>
<span class="s2">&quot;id&quot;</span> <span class="nx">varchar</span><span class="p">(</span><span class="mi">128</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="s2">&quot;ip_address&quot;</span> <span class="nx">varchar</span><span class="p">(</span><span class="mi">45</span><span class="p">)</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="s2">&quot;timestamp&quot;</span> <span class="nx">bigint</span> <span class="k">DEFAULT</span> <span class="mi">0</span> <span class="k">NOT</span> <span class="k">NULL</span><span class="p">,</span>
<span class="s2">&quot;data&quot;</span> <span class="nx">text</span> <span class="k">DEFAULT</span> <span class="s1">&#39;&#39;</span> <span class="k">NOT</span> <span class="k">NULL</span>
<span class="p">);</span>
<span class="nx">CREATE</span> <span class="nx">INDEX</span> <span class="s2">&quot;ci_sessions_timestamp&quot;</span> <span class="nx">ON</span> <span class="s2">&quot;ci_sessions&quot;</span> <span class="p">(</span><span class="s2">&quot;timestamp&quot;</span><span class="p">);</span>
</pre></div>
</div>
<p>You will also need to add a PRIMARY KEY <strong>depending on your &#8216;sessionMatchIP&#8217;
setting</strong>. The examples below work both on MySQL and PostgreSQL:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="c1">// When sessionMatchIP = TRUE</span>
<span class="nx">ALTER</span> <span class="nx">TABLE</span> <span class="nx">ci_sessions</span> <span class="nx">ADD</span> <span class="nx">PRIMARY</span> <span class="nx">KEY</span> <span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">ip_address</span><span class="p">);</span>
<span class="c1">// When sessionMatchIP = FALSE</span>
<span class="nx">ALTER</span> <span class="nx">TABLE</span> <span class="nx">ci_sessions</span> <span class="nx">ADD</span> <span class="nx">PRIMARY</span> <span class="nx">KEY</span> <span class="p">(</span><span class="nx">id</span><span class="p">);</span>
<span class="c1">// To drop a previously created primary key (use when changing the setting)</span>
<span class="nx">ALTER</span> <span class="nx">TABLE</span> <span class="nx">ci_sessions</span> <span class="nx">DROP</span> <span class="nx">PRIMARY</span> <span class="nx">KEY</span><span class="p">;</span>
</pre></div>
</div>
<p>You can choose the Database group to use by adding a new line to the
<strong>applicationConfigApp.php</strong> file with the name of the group to use:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="k">public</span> <span class="nv">$sessionDBGroup</span> <span class="o">=</span> <span class="s1">&#39;groupName&#39;</span><span class="p">;</span>
</pre></div>
</div>
<p>If you&#8217;d rather not do all of this by hand, you can use the <code class="docutils literal"><span class="pre">session:migration</span></code> command
from the cli to generate a migration file for you:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="o">&gt;</span> <span class="nx">php</span> <span class="nx">spark</span> <span class="nx">session</span><span class="o">:</span><span class="nx">migration</span>
<span class="o">&gt;</span> <span class="nx">php</span> <span class="nx">spark</span> <span class="nx">migrate</span>
</pre></div>
</div>
<p>This command will take the <strong>sessionSavePath</strong> and <strong>sessionMatchIP</strong> settings into account
when it generates the code.</p>
<div class="admonition important">
<p class="first admonition-title">Important</p>
<p class="last">Only MySQL and PostgreSQL databases are officially
supported, due to lack of advisory locking mechanisms on other
platforms. Using sessions without locks can cause all sorts of
problems, especially with heavy usage of AJAX, and we will not
support such cases. Use <code class="docutils literal"><span class="pre">session_write_close()</span></code> after you&#8217;ve
done processing session data if you&#8217;re having performance
issues.</p>
</div>
</div>
<div class="section" id="redishandler-driver">
<h3><a class="toc-backref" href="#id18">RedisHandler Driver</a><a class="headerlink" href="#redishandler-driver" title="Permalink to this headline"></a></h3>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Since Redis doesn&#8217;t have a locking mechanism exposed, locks for
this driver are emulated by a separate value that is kept for up
to 300 seconds.</p>
</div>
<p>Redis is a storage engine typically used for caching and popular because
of its high performance, which is also probably your reason to use the
&#8216;RedisHandler&#8217; session driver.</p>
<p>The downside is that it is not as ubiquitous as relational databases and
requires the <a class="reference external" href="https://github.com/phpredis/phpredis">phpredis</a> PHP
extension to be installed on your system, and that one doesn&#8217;t come
bundled with PHP.
Chances are, you&#8217;re only be using the RedisHandler driver only if you&#8217;re already
both familiar with Redis and using it for other purposes.</p>
<p>Just as with the &#8216;FileHandler&#8217; and &#8216;DatabaseHandler&#8217; drivers, you must also configure
the storage location for your sessions via the
<code class="docutils literal"><span class="pre">$sessionSavePath</span></code> setting.
The format here is a bit different and complicated at the same time. It is
best explained by the <em>phpredis</em> extension&#8217;s README file, so we&#8217;ll simply
link you to it:</p>
<blockquote>
<div><a class="reference external" href="https://github.com/phpredis/phpredis#php-session-handler">https://github.com/phpredis/phpredis#php-session-handler</a></div></blockquote>
<div class="admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">CodeIgniter&#8217;s Session library does NOT use the actual &#8216;redis&#8217;
<code class="docutils literal"><span class="pre">session.save_handler</span></code>. Take note <strong>only</strong> of the path format in
the link above.</p>
</div>
<p>For the most common case however, a simple <code class="docutils literal"><span class="pre">host:port</span></code> pair should be
sufficient:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="k">public</span> <span class="nv">$sessionDiver</span> <span class="o">=</span> <span class="s1">&#39;CodeIgniter\Session\Handlers\RedisHandler&#39;</span><span class="p">;</span>
<span class="k">public</span> <span class="nv">$sessionSavePath</span> <span class="o">=</span> <span class="s1">&#39;tcp://localhost:6379&#39;</span><span class="p">;</span>
</pre></div>
</div>
</div>
<div class="section" id="memcachedhandler-driver">
<h3><a class="toc-backref" href="#id19">MemcachedHandler Driver</a><a class="headerlink" href="#memcachedhandler-driver" title="Permalink to this headline"></a></h3>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Since Memcached doesn&#8217;t have a locking mechanism exposed, locks
for this driver are emulated by a separate value that is kept for
up to 300 seconds.</p>
</div>
<p>The &#8216;MemcachedHandler&#8217; driver is very similar to the &#8216;RedisHandler&#8217; one in all of its
properties, except perhaps for availability, because PHP&#8217;s <a class="reference external" href="http://php.net/memcached">Memcached</a> extension is distributed via PECL and some
Linux distributions make it available as an easy to install package.</p>
<p>Other than that, and without any intentional bias towards Redis, there&#8217;s
not much different to be said about Memcached - it is also a popular
product that is usually used for caching and famed for its speed.</p>
<p>However, it is worth noting that the only guarantee given by Memcached
is that setting value X to expire after Y seconds will result in it being
deleted after Y seconds have passed (but not necessarily that it won&#8217;t
expire earlier than that time). This happens very rarely, but should be
considered as it may result in loss of sessions.</p>
<p>The <code class="docutils literal"><span class="pre">$sessionSavePath</span></code> format is fairly straightforward here,
being just a <code class="docutils literal"><span class="pre">host:port</span></code> pair:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="k">public</span> <span class="nv">$sessionDriver</span> <span class="o">=</span> <span class="s1">&#39;CodeIgniter\Session\Handlers\MemcachedHandler&#39;</span><span class="p">;</span>
<span class="k">public</span> <span class="nv">$sessionSavePath</span> <span class="o">=</span> <span class="s1">&#39;localhost:11211&#39;</span><span class="p">;</span>
</pre></div>
</div>
<div class="section" id="id1">
<h4>Bonus Tip<a class="headerlink" href="#id1" title="Permalink to this headline"></a></h4>
<p>Multi-server configuration with an optional <em>weight</em> parameter as the
third colon-separated (<code class="docutils literal"><span class="pre">:weight</span></code>) value is also supported, but we have
to note that we haven&#8217;t tested if that is reliable.</p>
<p>If you want to experiment with this feature (on your own risk), simply
separate the multiple server paths with commas:</p>
<div class="highlight-ci"><div class="highlight"><pre><span></span><span class="c1">// localhost will be given higher priority (5) here,</span>
<span class="c1">// compared to 192.0.2.1 with a weight of 1.</span>
<span class="k">public</span> <span class="nv">$sessionSavePath</span> <span class="o">=</span> <span class="s1">&#39;localhost:11211:5,192.0.2.1:11211:1&#39;</span><span class="p">;</span>
</pre></div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="articleComments">
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="throttler.html" class="btn btn-neutral float-right" title="Throttler" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="security.html" class="btn btn-neutral" title="Security Class" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
&copy; Copyright 2014-2019 British Columbia Institute of Technology.
Last updated on Feb 01, 2019.
</p>
</div>
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT:'../',
VERSION:'4.0.0-alpha.5',
COLLAPSE_INDEX:false,
FILE_SUFFIX:'.html',
HAS_SOURCE: false,
SOURCELINK_SUFFIX: ''
};
</script>
<script type="text/javascript" src="../_static/jquery.js"></script>
<script type="text/javascript" src="../_static/underscore.js"></script>
<script type="text/javascript" src="../_static/doctools.js"></script>
<script type="text/javascript" src="../_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.StickyNav.enable();
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink