PHP Classes

Stackable PHP Session Handler: Store session data with multiple session handlers

Recommend this page to a friend!
  Info   View files Example   View files View files (17)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
Not enough user ratingsTotal: 281 All time: 7,603 This week: 660Up
Version License PHP version Categories
stacksess 1.0GNU Lesser Genera...5.0PHP 5, User Management
Description 

Author

This package can store session data with multiple session handlers.

It provides multiple session handlers that can be chained and provide multiple features to the way your PHP sessions are stored.

Currently it provides session handlers that can:

- Encrypt session data
- Write session data without blocking sessions
- Perform security check with session data
- Minimize session data writes

The base class also provide for debugging and logging session accesses.

Innovation Award
PHP Programming Innovation award nominee
November 2015
Number 6


Prize: One year server license IP to country, region, city, latitude, longitude, ZIP code, time zone, area code database
PHP provides means to override the default method for storing and retrieving session data, which uses local server files. This way you can build a session handler that suites better your application needs.

This package provides a solution that lets you compose the features that your application needs to store session data.

You can chain multiple session handlers that provide useful features like encryption, security, optimized session writes, etc..

Manuel Lemos
Picture of Colin McKinnon
  Performance   Level  
Name: Colin McKinnon <contact>
Classes: 5 packages by
Country: United Kingdom
Age: ???
All time rank: 144867 in United Kingdom
Week rank: 286 Up12 in United Kingdom Up
Innovation award
Innovation award
Nominee: 4x

Recommendations

What is the best PHP secure session database class?
Store and retrieve data Session Encryption

Example

<?php
require_once('utils.inc.php');
require_once(
'../handlers/stackSess.inc.php');
require_once(
'../handlers/nonBlocking.inc.php');
require_once(
'../handlers/writeSometimes.inc.php');

session_name('SESS_SN');

logger("started");
$storage=new nonBlockingHandler();
$storage->setLogger('logger');
$handler=new writeSometimes($storage);
$handler->setLogger('logger');

if (!
$handler->install()) {
    print
"set handler failed";
    exit;
}
logger("* about to call session_start()");

session_start();
if (!isset(
$_SESSION['c'])) $_SESSION['c']=0;

if ((integer)
$_SESSION['c'] && !($_SESSION['c'] % 3)) {
   
logger("* about to regenerate");
   
session_regenerate_id();
    if (
version_compare(PHP_VERSION, '5.5.1') < 0) {
       
$handler->create_sid('dummy string');
    }
}
if ((integer)
$_SESSION['c'] && !($_SESSION['c']=10)) {
   
logger("triggering gc");
   
$handler->gc(6400);
}
logger("about to finish");
session_write_close();
?>
<html>
<H1>The write Sometimes Handler + non Blocking storage</H1>
<p>
<p>This combination should give good performance characterisitcs - but see the pages
for each seperate handler for thecaveats.<br />
This handler only passes on writes to the lower layer if:
<ul>
<li>The session has changed</li>
<li>The session ID has changed</li>
<li>The session has reached 70% of its TTL</li>
</ul>
</p><p>
While the other demos change the session each time, this only increments
the counter based on a throw of the dice so you see the effect of
omitting the write. That means it has 3 distinct behaviours:
<ul>
<li>no write</li>
<li>write session</li>
<li>write session with new session id</li>
</ul>
</p><p>
The logging output of the handler is shown below:<br />
<?php
print "OK:++\$_SESSION['c']=" . $_SESSION['c'] . "<pre>$statuslog</pre>";
exit;



  Files folder image Files  
File Role Description
Files folder imageexamples (9 files)
Files folder imagehandlers (7 files)
Accessible without login HTML file index.html Doc. Introduction

  Files folder image Files  /  examples  
File Role Description
  Accessible without login Plain text file builtin.php Example Using the builtin handler (for baseline)
  Accessible without login Plain text file compatible.php Example Example using the compatible (with the builtin handler) handler
  Accessible without login Plain text file encrypting.php Example A very security session data encrypting handler
  Accessible without login Plain text file nonblock.php Example Using the nonblocking handler
  Accessible without login Plain text file null.php Example The null handler (on top of the compatible handler)
  Accessible without login Plain text file security.php Example Apply security checks to session (>=5.5.4)
  Accessible without login Plain text file sometimes.php Example The writeSometimes handler (on top of the compatible handler)
  Accessible without login Plain text file sometimesnonblock.php Example The writeSometimes handler on top the non-blocking handler
  Accessible without login Plain text file utils.inc.php Example Utilitiy functions for the example files

  Files folder image Files  /  handlers  
File Role Description
  Accessible without login Plain text file compat.inc.php Class Compatible Session Handler
  Accessible without login Plain text file encrypting.inc.php Class Encrypting Session Handler
  Accessible without login Plain text file nonBlocking.inc.php Class Using non-blocking file IO
  Accessible without login Plain text file nullsess.inc.php Class A null handler - use as a template
  Accessible without login Plain text file security.inc.php Class Add additional security checks to the session management
  Accessible without login Plain text file stackSess.inc.php Class base class
  Accessible without login Plain text file writeSometimes.inc.php Class Reduce unnecessary writes to improve performance and scalability

 Version Control Unique User Downloads Download Rankings  
 0%
Total:281
This week:0
All time:7,603
This week:660Up