pitoncms/session 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

pitoncms/session

Composer 安装命令:

composer require pitoncms/session

包简介

Manage HTTP session state without native PHP sessions

README 文档

README

This class maintains session state across page views. A hashed, salted session key is set in a cookie which is the key to the session record in a MySQL table. The session key is regenerated every 5 minutes or as set in the configuation array. No information, other than the key, is stored client side. All user session information is kept server side in your database.

When the session starts the session handler looks for a session record matching the cookie key, and if found then runs optional checks to validate the session. If any of the checks fail, or if the session has timed out, the session is destoyed and a new session is started.

Session data can be set and retrieved at any time as either a key-value pair, or an array of key-value pairs. Flash data is also supported, which only persists until the next request.

Installation

You can use Composer to install the session handler or just download the files to your project.

Using Composer

Either require the project in composer,

composer require pitoncms/session

or modify your composer.json project file to require this package and run an update or install.

"require": {
  "pitoncms/session": "^3.0.0"
}

This will download the files and register the class with the composer autoloader.

Or Just the Files, Please

If you do not use Composer, download this project and unzip. The only file you need is src/SessionHandler.php. Place that file in your project and be sure to include it in your startup script.

Create the Table

You will need to create the session table in your MySQL database using the SessionTable.sql script. You can change the table name in the script if desired, but you will need to provide the table name as a configuration item for tableName.

Usage

To use the session handler create a new instance of Piton\Session\SessionHandler passing in a PDO database connection, a configuration array, and an optional logger that implements the Psr\Log\LoggerInterface.

PDO Connection

Define a new PDO connection and pass it in as the first argument of the constructor.

$dsn = 'mysql:host=' . HOST . ';dbname=' . DBNAME;
$dbh = new PDO($dsn, USERNAME, PASSWORD, DB_OPTIONS);

Define Configuruation

Define a configuration array and only include the options you wish to change. The only required configuration option is your application's encryption key. Use a long, random string and do not share it.

Options

Option Default Description
cookieName 'sessionCookie' Your session cookie name.
domain '' Your primary domain name. If not provided the browser will set
tableName 'session' Name of the MySQL table that stores your sessions.
secondsUntilExpiration 7200 How long before the session expires in seconds.
renewalTime 300 How long before the session key is regenerated in seconds.
expireOnClose false Whether or not to destroy the session when the browser closes, true or false.
checkIpAddress false Whether or not to match the IP address to the stored session, true or false.
checkUserAgent false Whether or not to match the User Agent to the stored session, true or false.
secureCookie false Whether or not to set cookie when on an HTTPS connection, true or false.
salt none Your custom encryption key. Any long (16+ characters) string of characters.
autoRunSession true Whether to run the session automatically, or only needed.
$config['salt'] = 'akjfao8ygoa8hba9707lakusdof87'; // Use your own salt, not this one!
$config['secondsUntilExpiration'] = 1800; // 30 minutes. Can also use 60*60*24 to specify 1 day

// Other configuration options ...

Creating a Session

Create a new session as part of your application flow.

$Session = new Piton\Session\SessionHandler($dbh, $config, $logger);

The session runs immediately if autoRunSession is set to true (which is the default) and checks for a valid session, regenerates the session key if necessary, and loads any existing session data for immediate retrieval. Create the session object once, or simply add it to your Dependency Injection Container as a singleton.

When the session runs, it queries the database. If you need to make the session class available but do not need to immediately run the session you can set autoRunSession to false in the configuration. Then when you are ready to run a session call the run() method.

$Session->run();

Save Session Data

Once the session is running, you can add or update session data by passing in key-value pairs or an array of key-value pairs using the setData() method. The value can be any type as long as it is serializable to JSON.

// Save simple key-value pair
$Session->setData('lupine', 'wolf');

// Save array of key-value pairs
$sessionData = array(
  'feline' => 'cat',
  'canine' => 'dog',
  'lastModified' => 1422592486
);
$Session->setData($sessionData);

Supplying the same key will overwrite any prior value saved in session.

Get Session Data

To get session data pass in the item key to getData(). The method returns null if no key was found. To get all session data simply do not provide an argument.

// Get one session item
$value = $Session->getData('keyName');

// Get all session items
$values = $Session->getData();

Save Flash Data

Flash data will only stay until the next request, after which it is removed automatically.

You can add flash data by passing in a string, a key-value pair, or an array of key-value pairs using the setFlashData() method. The value can be any type as long as it is serializable to JSON.

// Save simple key-value pair
$Session->setFlashData('Something went wrong!');
$Session->setFlashData('alert', 'Something went very wrong!');

Get Flash Data

To get flash data pass in the item key to getFlashData(). The method returns null if no key was found. To get all flash data simply do not provide an argument. Flash data is automatically removed on the next request, so there's no need to explicitly unset flash data.

// Get one flash item
$value = $Session->getFlashData('alert');

// Get all flash items
$values = $Session->getFlashData();

Unset Session Data

You can delete a session item by passing in the item key to unsetData(), or delete all session data by not providing an argument.

// Delete one session item
$Session->unsetData('keyName');

// Delete all session data
$Session->unsetData();

Delete a Session

Any session that does not pass validation will be destoyed automatically. But, if you want to delete the current session call the destroy() method.

$Session->destroy();

WARNING

Use this session class at your own risk. Read the code, and understand what it does if you intend on using this for for anything secure. We make no warranty if something goes wonky.

pitoncms/session 适用场景与选型建议

pitoncms/session 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 326 次下载、GitHub Stars 达 1, 最近一次更新时间为 2018 年 12 月 21 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「session」 「sessions」 「piton」 「pitoncms」 「session state」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 pitoncms/session 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 pitoncms/session 我们能提供哪些服务?
定制开发 / 二次开发

基于 pitoncms/session 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 326
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 12
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 2
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: AGPL-3.0-or-later
  • 更新时间: 2018-12-21