SessionHandler.php
Same filename and directory in other branches
Namespace
Drupal\Core\SessionFile
-
core/
lib/ Drupal/ Core/ Session/ SessionHandler.php
View source
<?php
namespace Drupal\Core\Session;
use Drupal\Component\Datetime\TimeInterface;
use Drupal\Component\Utility\Crypt;
use Drupal\Core\Database\Connection;
use Drupal\Core\DependencyInjection\DependencySerializationTrait;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy;
/**
* Default session handler.
*/
class SessionHandler extends AbstractProxy implements \SessionHandlerInterface {
use DependencySerializationTrait;
/**
* The request stack.
*
* @var \Symfony\Component\HttpFoundation\RequestStack
*/
protected $requestStack;
/**
* The database connection.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* Constructs a new SessionHandler instance.
*
* @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
* The request stack.
* @param \Drupal\Core\Database\Connection $connection
* The database connection.
* @param \Drupal\Component\Datetime\TimeInterface|null $time
* The time service.
*/
public function __construct(RequestStack $request_stack, Connection $connection, ?TimeInterface $time = NULL) {
$this->requestStack = $request_stack;
$this->connection = $connection;
if (!$time) {
@trigger_error('Calling ' . __METHOD__ . '() without the $time argument is deprecated in drupal:10.3.0 and it will be required in drupal:11.0.0. See https://www.drupal.org/node/3387233', E_USER_DEPRECATED);
$this->time = \Drupal::service(TimeInterface::class);
}
}
/**
* {@inheritdoc}
*/
public function open(string $save_path, string $name) : bool {
return TRUE;
}
/**
* {@inheritdoc}
*/
public function read(string $sid) : string|false {
$data = '';
if (!empty($sid)) {
// Read the session data from the database.
$query = $this->connection
->queryRange('SELECT [session] FROM {sessions} WHERE [sid] = :sid', 0, 1, [
':sid' => Crypt::hashBase64($sid),
]);
$data = (string) $query->fetchField();
}
return $data;
}
/**
* {@inheritdoc}
*/
public function write(string $sid, string $value) : bool {
$request = $this->requestStack
->getCurrentRequest();
$fields = [
'uid' => $request->getSession()
->get('uid', 0),
'hostname' => $request->getClientIP(),
'session' => $value,
'timestamp' => $this->time
->getRequestTime(),
];
$this->connection
->merge('sessions')
->keys([
'sid' => Crypt::hashBase64($sid),
])
->fields($fields)
->execute();
return TRUE;
}
/**
* {@inheritdoc}
*/
public function close() : bool {
return TRUE;
}
/**
* {@inheritdoc}
*/
public function destroy(string $sid) : bool {
// Delete session data.
$this->connection
->delete('sessions')
->condition('sid', Crypt::hashBase64($sid))
->execute();
return TRUE;
}
/**
* {@inheritdoc}
*/
public function gc(int $lifetime) : int|false {
// Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
// value. For example, if you want user sessions to stay in your database
// for three weeks before deleting them, you need to set gc_maxlifetime
// to '1814400'. At that value, only after a user doesn't log in after
// three weeks (1814400 seconds) will their session be removed.
return $this->connection
->delete('sessions')
->condition('timestamp', $this->time
->getRequestTime() - $lifetime, '<')
->execute();
}
}
Classes
Title | Deprecated | Summary |
---|---|---|
SessionHandler | Default session handler. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.