PHP Classes

ATK4 Session: Store and retrieve PHP session data in a database

Recommend this page to a friend!
  Info   Documentation   View files Files   Install with Composer Install with Composer   Download Download   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
Not yet rated by the usersTotal: 96 This week: 1All time: 9,858 This week: 36Up
Version License PHP version Categories
atk4-session 1.0.0MIT/X Consortium ...5PHP 5, User Management
Description 

Author

This package can be used to store and retrieve PHP session data in a database.

It provides a replacement for the PHP default session handler, so session data for each user that accesses a application handled by scripts that use PHP sessions.

The package can connect to a given database server, create the necessary database table to store session data, as well override some PHP session configuration options like the time to expire sessions and remove expired sessions.

Picture of Francesco Danti
  Performance   Level  
Name: Francesco Danti <contact>
Classes: 7 packages by
Country: Italy Italy
Age: 46
All time rank: 3463136 in Italy Italy
Week rank: 44 Up2 in Italy Italy Up
Innovation award
Innovation award
Nominee: 2x

Documentation

atk4-session

Codacy Badge

Session handler for atk4\data\Persistence (@see https://github.com/atk4/data)

initialize without atk4\ui


// autoload
include '../vendor/autoload.php';

// create pesistence
$db = \atk4\data\Persistence::connect('mysql://root:password@localhost/atk4');

// init session handler
new \atk4\ATK4DBSession\SessionHandler($p);

initialize with atk4\ui in App::init method

$this->add(new AppSessionHandler());

Create session table using atk4\schema

(new \atk4\schema\Migration\MySQL(new \atk4\ATK4DBSession\SessionModel($p)))->migrate();

OR

Create session table with SQL query

CREATE TABLE `session` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `session_id` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
  `data` text COLLATE utf8_unicode_ci,
  `created_on` timestamp NULL DEFAULT NULL,
  `updated_on` timestamp NULL DEFAULT NULL,
  PRIMARY KEY (`id`),
  KEY `session_id` (`session_id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci

Constructor of SessionHandler

/
 * SessionHandler constructor.
 *
 * @param \atk4\data\Persistence    $p                      atk4 data persistence 
 * @param int                       $gc_maxlifetime         seconds until session expire
 * @param float                     $gc_probability         probability of gc for expired sessions 
 * @param array                     $php_session_options    options for session_start
 */
public function __construct($p, $gc_maxlifetime = null, $gc_probability = null, $php_session_options = [])

$gc_maxlifetime

max session lifetime before eligible to gc, default value is set to 60 * 60 secods = 1 hour

$gc_probability

percentage of probability of gc expired sessions, default is set to 1/1000 request. You have to consider few things for tweaking this value, because it must be sized to your project

if you use InnoDB deletes are slow and if set it low too many calls will have a little delay, if you set too high few calls will have a huge delay.

Considering disable it setting this value to false and use an alternative method like cronJob with frequency /2 * that calls code like example : demos/cronjob.php

Why i need to replace the default PHP Session Handler with this?

Because of file locking ( here a good article about the argument link)

Every call that use sessions read a file and set a lock on it until release or output, to prevent race conditions.

It's clearly a shame to have file locking on things that are usually static, like nowadays sessions.

Using an alternative you'll have for sure race conditions, BUT what race condition can be if you, usually, have only an ID in $_SESSION and that is nearly immutable from login to logout.

SessionHandler will substitute SessionHandler class in PHP and will store session data in database using atk4\data instead of using files.

In atk4\ui where async calls are massively used, this problem is much more evident.

You can add it without breaking your project, it already works, but is still in development and need a strong review for security issue.


  Files folder image Files (20)  
File Role Description
Files folder imagedemos (2 files)
Files folder imagesrc (3 files)
Files folder imagetests (3 files, 1 directory)
Accessible without login Plain text file .codeclimate.yml Data Auxiliary data
Accessible without login Plain text file .php_cs.dist Example Example script
Accessible without login Plain text file .styleci.yml Data Auxiliary data
Accessible without login Plain text file .travis.yml Data Auxiliary data
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file phpunit.xml Data Auxiliary data
Accessible without login Plain text file README.md Doc. Documentation
Accessible without login Plain text file renovate.json Data Auxiliary data

  Files folder image Files (20)  /  demos  
File Role Description
  Accessible without login Plain text file cronjob.php Example Example script
  Accessible without login Plain text file test.php Example Example script

  Files folder image Files (20)  /  src  
File Role Description
  Plain text file AppSessionHandler.php Class Class source
  Plain text file SessionHandler.php Class Class source
  Plain text file SessionModel.php Class Class source

  Files folder image Files (20)  /  tests  
File Role Description
Files folder imageSessionTraits (3 files)
  Plain text file SessionHandlerCallTracer.php Class Class source
  Plain text file SessionHandlerTest.php Class Class source
  Accessible without login Plain text file webserver.php Example Example script

  Files folder image Files (20)  /  tests  /  SessionTraits  
File Role Description
  Plain text file traitBackgroundProcess.php Class Class source
  Plain text file traitNeededFiles.php Class Class source
  Plain text file traitPhpServerProcess.php Class Class source

The PHP Classes site has supported package installation using the Composer tool since 2013, as you may verify by reading this instructions page.
Install with Composer Install with Composer
 Version Control Unique User Downloads Download Rankings  
 100%
Total:96
This week:1
All time:9,858
This week:36Up