CookieStore
class CookieStore extends BaseStore (View source)
A session store which stores the session data in an encrypted & signed cookie.
This way the server doesn't need to open a database connection or have a shared filesystem for reading the session from - the client passes through the session with every request.
This approach does have some limitations - cookies can only be quite small (4K total, but we limit to 1K) and can only be set before the server starts sending a response.
So we clear the cookie on Session startup (which should always be before the headers get sent), but just fail on Session write if we can't use cookies, assuming there's something watching for that & providing a fallback
Traits
Provides extensions to this object to integrate it with standard config API methods.
Config options
| max_length | int | Maximum length of a cookie value in characters |
Properties
| protected | string | $key | Session secret key |
from BaseStore |
| protected | HybridSessionStore_Crypto | $crypto | Encryption service |
|
| protected | string | $cookie | Name of cookie |
|
| protected | string | $currentCookieData | Known unmodified value of this cookie. If the cookie backend has been read into the application, then the backend is unable to verify the modification state of this value internally within the system, so this will be left null unless written back. |
Methods
Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).
Gets the uninherited value for the given config option
Get the cryptography store for the specified session
Details
static Config_ForClass
config()
Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).
mixed
stat(string $name)
deprecated
deprecated
Get inherited config value
mixed
uninherited(string $name)
Gets the uninherited value for the given config option
$this
set_stat(string $name, mixed $value)
deprecated
deprecated
Update the config value for a given property
setKey(string $key)
Assign a new session secret key
protected string
getKey()
Get the session secret key
protected int
getLifetime()
Get lifetime in number of seconds
protected int
getNow()
Gets the current unix timestamp
open($save_path, $name)
No description
close()
No description
protected HybridSessionStore_Crypto
getCrypto(string $session_id)
Get the cryptography store for the specified session
read($session_id)
No description
protected bool
canWrite()
Determine if the session could be verifably written to cookie storage
write($session_id, $session_data)
No description
destroy($session_id)
No description
gc($maxlifetime)
No description