crazy-max / cws-session
PHP class to manipulate sessions. Data are securely encrypted and sessions are stored in database.
Requires
- php: >=5.3.0
- ext-pdo: *
- crazy-max/cws-crypto: ~1.8
- crazy-max/cws-debug: ~1.11
README
⚠️ Abandoned project
This project is not maintained anymore and is abandoned. Feel free to fork and make your own changes if needed.
Thanks to everyone for their valuable feedback and contributions.
CwsSession
PHP class to manipulate sessions. Data are securely encrypted and sessions are stored in database.
Installation
composer require crazy-max/cws-session
And download the code:
composer install # or update
Getting started
Add a new table in your database with the following structure.
You can change the name of the table (sessions) but not the columns.
CREATE TABLE IF NOT EXISTS `sessions` ( `id` varchar(128) NOT NULL, `id_user` int(10) unsigned NOT NULL DEFAULT '0', `expire` int(10) unsigned NOT NULL DEFAULT '0', `data` text NOT NULL, `skey` varchar(128) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
id - the session id.
id_user - the user id from your application. If you want to use it, use getParamUserId/setParamUserId methods.
expire - the session cache expire.
data - the session data.
skey - unique key for data encryption.
See tests/test.php
file sample to help you.
Disconnect all users
If you want to disconnect all the users from your PHP application, execute this query :
TRUNCATE TABLE `sessions`;
Count visitors and users connected
If you want to count visitors and users connected on your PHP application, execute this query :
SELECT (SELECT COUNT(*) FROM `sessions` WHERE `id_user` > 0 LIMIT 1) AS nb_connected, (SELECT COUNT(*) FROM `sessions` WHERE `id_user` = 0 LIMIT 1) AS nb_visitors;
You have to use the setParamUserId
method when the user is logged in.
Example
Methods
process - Start the process.
start - To call everytime you want to start a new session instead of session_start().
regenerate - Regenerates the session and delete the old one. It also generates a new encryption key in the database. To use each time a user connects to your application successfully.
update - Update specific session vars (user agent, IP address, fingerprint).
isActive - Check if the session is active or not.
getLifetime - The session life time.
setLifetime - Set the session life time (in seconds).
getCookieDomain - The domain of the session cookie.
setCookieDomain - Set the domain of the session cookie (eg: .foo.com).
getSessionName - The session name.
setSessionName - Set the session name. (default PHPSESSID).
isFpEnable - The fingerprint enable status.
setFpEnable - Enable/disable fingerprint.
getFpMode - The fingerprint mode.
setFpModeBasic - Set the fingerprint mode basic. (default)
setFpModeShield - Set the fingerprint mode shield.
getDbExt - The database PHP extension used to store sessions.
setDbExtMysql - Set the database PHP extension used to store sessions to mysql.
setDbExtMysqli - Set the database PHP extension used to store sessions to mysqli.
setDbExtPdo - Set the database PHP extension used to store sessions to pdo. (default)
getDbPdoDriver - The PDO driver to use. (if db extension is Pdo)
setDbPdoDriverFirebird - Set the PDO driver to firebird.
setDbPdoDriverMysql - Set the PDO driver to mysql. (default)
setDbPdoDriverOci - Set the PDO driver to oci.
setDbPdoDriverPgsql - Set the PDO driver to pgsql.
setDbPdoDriverSqlite - Set the PDO driver to sqlite.
setDbPdoDriverSqlite2 - Set the PDO driver to sqlite2.
setDbPdoDriverSqlsrv - Set the PDO driver to sqlsrv.
getDbHost - The database host name or IP address.
setDbHost - Set the database host name or IP address.
getDbPort - The database port.
setDbPort - Set the database port. Leave empty if your are not sure.
setDbUsername - Set the database username.
setDbPassword - Set the database password.
getDbName - The database name.
setDbName - Set the database name.
getDbCharset - The database charset.
setDbCharset - Set the database charset. Leave empty if your are not sure.
getDbTableName - The database table name to store sessions.
setDbTableName - Set the database table name to store sessions (default 'sessions').
getParamFp - The fingerprint SESSION value.
getParamUserId - The user id SESSION value.
getParamUa - The user agent SESSION value.
getParamIp - The ip address SESSION value.
getParam - A SESSION value by key. Use this method instead $_SESSION var.
setParamUserId - Set id_user SESSION value. A user id from your application.
setParam - Set a SESSION key/value. Use this method instead $_SESSION var.
getError - The last error.
How can I help ?
All kinds of contributions are welcome 🙌! The most basic way to show your support is to star 🌟 the project, or to raise issues 💬 You can also support this project by becoming a sponsor on GitHub 👏 or by making a Paypal donation to ensure this journey continues indefinitely! 🚀
Thanks again for your support, it is much appreciated! 🙏
License
MIT. See LICENSE
for more details.