1. class
  2. SilverStripe
  3. \
  4. Control
  5. \
  6. SessionHandler
  7. \
  8. DatabaseSessionHandler

DatabaseSessionHandler

class DatabaseSessionHandler extends AbstractSessionHandler (View source)

Session save handler that stores session data in the database.

Traits

Configurable

Provides extensions to this object to integrate it with standard config API methods.

Config options

table_name string

Properties

Methods

protected
int
getLifetime()

Get the session lifetime in seconds.

from  AbstractSessionHandler
protected
void
checkSessionID(string $id)

Check the PHP session ID i.e. PHPSESSID is valid against the default PHP session ID format.

from  AbstractSessionHandler
public static 
Config_ForClass
config()

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).

from  Configurable
public
mixed
uninherited(string $name)

Gets the uninherited value for the given config option

from  Configurable
public
bool
open(string $path, string $name)

No description

public
bool
close()

No description

public
bool
destroy(string $id)

No description

public
int|false
gc(int $max_lifetime)

No description

public
string|false
read(string $id)

No description

public
bool
write(string $id, string $data)

No description

public
bool
validateId(string $id)

No description

public
bool
updateTimestamp(string $id, string $data)

No description

public
void
requireTable()

Add the database table. This is called by an extension when building the db.

Details

in AbstractSessionHandler at line 17
protected int getLifetime()

Get the session lifetime in seconds.

Returns the cookie lifetime if it's non-zero, otherwise returns the garbage collection lifetime.

Return Value

int

in AbstractSessionHandler at line 34
protected void checkSessionID(string $id)

Check the PHP session ID i.e. PHPSESSID is valid against the default PHP session ID format.

This is a security measure to prevent people from injecting invalid session IDs in the request.

This only needs to be called on read() We do not need to call this on write(), destroy(), updateTimestamp(), or validateId() as those methods are only called for session IDs that have already been accepted by PHP.

Parameters

string $id

Return Value

void

in Configurable at line 18
static Config_ForClass config()

Get a configuration accessor for this class. Short hand for Config::inst()->get($this->class, .....).

Return Value

Config_ForClass

in Configurable at line 29
mixed uninherited(string $name)

Gets the uninherited value for the given config option

Parameters

string $name

Return Value

mixed

at line 28
bool open(string $path, string $name)

No description

Parameters

string $path
string $name

Return Value

bool

at line 34
bool close()

No description

Return Value

bool

at line 44
bool destroy(string $id)

No description

Parameters

string $id

Return Value

bool

at line 64
int|false gc(int $max_lifetime)

No description

Parameters

int $max_lifetime

Return Value

int|false

at line 82
string|false read(string $id)

No description

Parameters

string $id

Return Value

string|false

at line 102
bool write(string $id, string $data)

No description

Parameters

string $id
string $data

Return Value

bool

at line 128
bool validateId(string $id)

No description

Parameters

string $id

Return Value

bool

at line 141
bool updateTimestamp(string $id, string $data)

No description

Parameters

string $id
string $data

Return Value

bool

at line 156
void requireTable()

Add the database table. This is called by an extension when building the db.

Note that we don't just use a DataObject because:

  1. We don't want things like versioning, fluent, etc to ever be able to affect sessions
  2. We don't want developers to be affecting db operations via hooks (interact with sessions with the Session class)
  3. We don't want sessions to be used in any other ways that DataObjects are often
  4. We only want to build the table if this is the configured save handler

Return Value

void