asdfdotdev / session
The asdf_ session class endeavors to make it easier to use basic best practices in PHP sessions.
Requires (Dev)
README
This class endeavors to make it easy to use better sessions in PHP scripts.
- Easily set, increment, append, hash, and drop session values
- Custom session naming
- Simple session fingerprint check
- Regenerate session id at random intervals
- Change session id length & bits per character*
- HTTPOnly session cookie
- Decoy PHPSESSID cookie
- Force session strict mode*
- Force session use only cookies*
- Force HTTPS only session cookies*
- Supports PHP 7.2+
* Requires ini_set()
method be enabled.
Compatibility
Session class is developed for and tested with recent PHP Version:
- PHP 7.2, 7.3, 7.4, 8.0, 8.1
Installation
composer require asdfdotdev/session
Use
A number of usage examples are included in _examples/
. Check out the examples README for further details.
Tests
Information regarding the included tests is available in the tests the README.
Build history can be browsed at GitHub.
Standards
This class follows PSR-12 code standards.
Debugging
By default basic checks are performed when creating a session:
- Session Lifespan: Prevents min lifespan from being greater than max lifespan.
- System Timezone: Confirms default timezone is configured for PHP, if not UTC is set.
Additional optional debugging can be enabled in session settings:
- PHP Version: Confirms the version available is 7.2.0 or newer
- Session Directory: Confirms write access to PHP session directory
- Session Domain: Confirms session domain setting matches the request domain
Contributing
Feedback, bug reports, feature requests, and pull requests are welcome!
If you'd like to contribute please reference our code of conduct and contributing guides.