PHPackages inanepain/session - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. inanepain/session ActiveLibrary inanepain/session ================= A lightweight, secure and extensible PHP session handling library. 0.0.99(5mo ago)10UnlicensePHPPHP >=8.4 Since Nov 11Pushed 1mo agoCompare [ Source](https://github.com/inanepain/session)[ Packagist](https://packagist.org/packages/inanepain/session)[ Docs](https://github.com/inanepain/session)[ RSS](/packages/inanepain-session/feed)WikiDiscussions develop Synced 1mo ago READMEChangelogDependencies (2)Versions (3)Used By (0) inanepain/session [![icon](./icon.png "inanepain/session")](./icon.png) ======================================================================= [](#inanepainsession-) Table of Contents - [![icon](./icon.png "inanepain/session") inanepain/session](#inanepainsession) - [1. Introduction](#introduction) - [1.1. Why SessionManager?](#why-sessionmanager) - [2. Install](#install) - [3. Quick Start](#quick-start) - [3.1. Basic Usage](#basic-usage) - [3.2. Namespaced Sessions](#namespaced-sessions) - [4. Configuration](#configuration) - [5. API Reference](#api-reference) - [5.1. Initialization](#initialization) - [5.2. Core Storage](#core-storage) - [5.3. Namespacing](#namespacing) - [5.4. Flash Messages](#flash-messages) - [5.5. Security & Lifecycle](#security-lifecycle) - [5.6. Remember Me](#remember-me) - [6. Examples](#examples) - [6.1. Login with Remember Me](#login-with-remember-me) - [6.2. Namespaced E-Commerce](#namespaced-e-commerce) - [7. Security Considerations](#security-considerations) [![icon](./icon.png "inanepain/session")](./icon.png) inanepain/session ----------------------------------------------------------------------- [](#-inanepainsession) A lightweight, secure and extensible PHP session handling library. 1. Introduction --------------- [](#1-introduction) SessionManager is a lightweight, secure, and extensible PHP session handling library designed for modern web applications. It provides a simple static API for managing sessions with built-in security features like HTTP-only cookies, SameSite protection, periodic ID regeneration, and inactivity timeouts. It supports namespacing to avoid key collisions and "remember me" functionality for persistent sessions across browser closes. Key features: \* Automatic secure session initialization. \* Namespaced storage to organize data (e.g., user, cart). \* Flash messages for one-time notifications. \* Configurable timeouts and regeneration intervals. \* Memory-safe handling for large sessions. \* Persistent sessions via "remember me" (30-day default). This library is dependency-free, PSR-compliant, and production-ready. ### 1.1. Why SessionManager? [](#11-why-sessionmanager) Native PHP sessions are powerful but lack secure defaults and organization. SessionManager wraps `session_*` functions with best practices, preventing common pitfalls like fixation attacks and key conflicts. 2. Install ---------- [](#2-install) composer ``` composer require inanepain/session ``` 3. Quick Start -------------- [](#3-quick-start) ### 3.1. Basic Usage [](#31-basic-usage) Require the file and initialize: ``` SessionManager::init([ 'name' => 'MYAPP_SESSID', // 'cookie_secure' => true, // HTTPS only 'cookie_samesite' => 'Strict', ]); // Set and get data SessionManager::set('user_id', 123); echo SessionManager::get('user_id'); // 123 // Flash message SessionManager::flash('success', 'Login successful!'); header('Location: /dashboard'); exit; // In dashboard.php if (SessionManager::hasFlash('success')) { echo SessionManager::getFlash('success'); } // Logout SessionManager::destroy(); ``` ### 3.2. Namespaced Sessions [](#32-namespaced-sessions) Use the base class `SessionNamespace` for modular access: ``` class UserSession extends SessionNamespace { protected const NAMESPACE = 'user'; } class CartSession extends SessionNamespace { protected const NAMESPACE = 'cart'; } // Usage UserSession::set('id', 456); CartSession::set('items', ['item1']); echo UserSession::get('id'); // 456 ``` 4. Configuration ---------------- [](#4-configuration) Pass options to `init()` to customize behaviour. Defaults are secure. OptionTypeDefaultDescriptioncookie\_lifetime int 0 Cookie expiry (0 = browser close; >0 for persistent). cookie\_path string / Cookie path. cookie\_domain string '' Cookie domain. cookie\_secure bool HTTPS detected HTTPS-only cookie. cookie\_httponly bool true Prevent JS access. cookie\_samesite string Lax CSRF protection (Lax/Strict/None). use\_strict\_mode bool true Reject uninit sessions. use\_only\_cookies bool true No URL param fallback. name string PHPSESSID Session cookie name. gc\_maxlifetime int 1440 Garbage collection (minutes). memory\_limit string null Temp boost (e.g., '2G'; dev only). max\_session\_size int 104857600 Clear if >100MB (bytes). force\_clear bool false Nuke session on init (dev). remember\_me bool false Auto-set lifetime to 30 days. Example with persistent session: ``` SessionManager::init([ 'remember_me' => true, // 30-day cookie // 'cookie_secure' => true, ]); ``` Runtime toggles: ``` SessionManager::enableRememberMe(86400 * 7); // 1 week SessionManager::disableRememberMe(); // Back to session-only echo SessionManager::isRememberMe() ? 'Persistent' : 'Temporary'; ``` 5. API Reference ---------------- [](#5-api-reference) All methods are static. Call `init()` first. ### 5.1. Initialization [](#51-initialization) Method Description `init(array $options = []): void` Start session with config. Idempotent. ### 5.2. Core Storage [](#52-core-storage) Method Description `set(string $key, mixed $value): void` Store value; updates activity. `get(string $key, mixed $default = null): mixed` Retrieve value. `has(string $key): bool` Key exists? `delete(string $key): void` Remove key. `all(): array` All namespace data. `clear(): void` Empty current namespace. ### 5.3. Namespacing [](#53-namespacing) Method Description `namespace(string $namespace): void` Switch namespace. `currentNamespace(): string` Active namespace. ### 5.4. Flash Messages [](#54-flash-messages) Method Description `flash(string $key, mixed $value): void` Set for next request. `getFlash(string $key, mixed $default = null): mixed` Get and erase. `hasFlash(string $key): bool` Exists? (non-destructive). ### 5.5. Security & Lifecycle [](#55-security--lifecycle) Method Description `regenerate(bool $deleteOld = true): void` New ID; updates activity. `setRegenerateInterval(int $seconds): void` Interval (min 60s). `setTimeout(int $seconds): void` Inactivity timeout (min 1s). `destroy(): void` Full logout (clears data/cookie). `id(): string` Raw session ID. ### 5.6. Remember Me [](#56-remember-me) Method Description `enableRememberMe(int $lifetime = 2592000): void` Enable persistent (regenerates ID). `disableRememberMe(): void` Disable (session-only). `isRememberMe(): bool` Currently persistent? 6. Examples ----------- [](#6-examples) ### 6.1. Login with Remember Me [](#61-login-with-remember-me) ``` SessionManager::init(['remember_me' => $_POST['remember'] ?? false]); if (authenticate($_POST['email'], $_POST['password'])) { SessionManager::set('user_id', $user->id); SessionManager::enableRememberMe(); // If checkbox checked SessionManager::flash('success', 'Welcome!'); header('Location: /dashboard'); } else { SessionManager::flash('error', 'Invalid credentials'); } ``` ### 6.2. Namespaced E-Commerce [](#62-namespaced-e-commerce) ``` UserSession::set('logged_in', true); CartSession::set('total', 99.99); echo CartSession::all(); // ['total' => 99.99] SessionManager::namespace('user'); // Switch back ``` 7. Security Considerations -------------------------- [](#7-security-considerations) - **Defaults**: HTTP-only, SameSite=Lax, strict mode enabled. - **Regeneration**: Auto every 10min; manual via `regenerate()`. - **Timeouts**: 30min inactivity → auto-destroy. - **Persistent Sessions**: Use secure cookies; validate user on resume (e.g., DB token). - **Large Data**: Avoid storing files/objects; use DB/Redis for >1MB. - **File Handler**: Auto-clears oversized/corrupt sessions; consider Redis for scale. ### Health Score 36 — LowBetter than 81% of packages Maintenance86 Actively maintained with recent releases Popularity2 Limited adoption so far Community6 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 179d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/fb9f19ff5a5cb0467539819a0ab5ad82b938937d8e8f0f65d317fa2938179fae?d=identicon)[inanepain](/maintainers/inanepain) --- Top Contributors [![inanepain](https://avatars.githubusercontent.com/u/1823594?v=4)](https://github.com/inanepain "inanepain (20 commits)") --- Tags librarysecuresessioninaneinanepainremember-me ### Embed Badge ![Health badge](/badges/inanepain-session/health.svg) ``` [![Health](https://phpackages.com/badges/inanepain-session/health.svg)](https://phpackages.com/packages/inanepain-session) ``` ### Alternatives [cse/helpers-session The helpers allows you to easily manage session data. START, SET, GET DELETE, HAS method session - all this is available in this library. 102.6k3](/packages/cse-helpers-session) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)