README

This class endeavors to make it easy to use better sessions in PHP scripts.

• Easily set, increment, append, hash, and drop session values
• Custom session naming
• Simple session fingerprint check
• Regenerate session id at random intervals
• Change session id length & bits per character*
• HTTPOnly session cookie
• Decoy PHPSESSID cookie
• Force session strict mode*
• Force session use only cookies*
• Force HTTPS only session cookies*
• Supports PHP 7.2+

^{* Requires ini_set() method be enabled.}

Compatibility

Session class is developed for and tested with recent PHP Version:

• PHP 7.2, 7.3, 7.4, 8.0, 8.1

Installation

composer require asdfdotdev/session

Use

A number of usage examples are included in _examples/. Check out the examples README for further details.

Tests

Information regarding the included tests is available in the tests the README.

Build history can be browsed at GitHub.

Standards

This class follows PSR-12 code standards.

Debugging

By default basic checks are performed when creating a session:

• Session Lifespan: Prevents min lifespan from being greater than max lifespan.
• System Timezone: Confirms default timezone is configured for PHP, if not UTC is set.

Additional optional debugging can be enabled in session settings:

• PHP Version: Confirms the version available is 7.2.0 or newer
• Session Directory: Confirms write access to PHP session directory
• Session Domain: Confirms session domain setting matches the request domain

Contributing

Feedback, bug reports, feature requests, and pull requests are welcome!

If you'd like to contribute please reference our code of conduct and contributing guides.