PHPackages wolfmoritz/session - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. wolfmoritz/session Abandoned → [pitoncms/session](/?search=pitoncms%2Fsession)ArchivedLibrary wolfmoritz/session ================== Manage session state without native PHP sessions 1.2.0(9y ago)0130MITPHPPHP >=5.3.0 Since Jan 30Pushed 7y ago1 watchersCompare [ Source](https://github.com/wolfmoritz/session)[ Packagist](https://packagist.org/packages/wolfmoritz/session)[ Docs](https://github.com/wolfmoritz/session)[ RSS](/packages/wolfmoritz-session/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (5)Used By (0) Archived ======== [](#archived) **Project has been moved to where it being maintained.** PHP Session Handler =================== [](#php-session-handler) This class maintains session state across page views. A hashed, salted session key is set in a cookie which is the key to the session record in a MySQL table. The session key is regenerated every 5 minutes or as set in the configuation array. No information, other than the key, is stored client side. All user session information is kept server side in a database table. When the session runs the session handler looks for a session record matching the cookie key, and if found it then runs optional checks to validate the session. If any of the checks fail, or if the session has timed out, the session is destoyed and a new session is started. Session data can be set and retrieved at any time as either a key-value pair, or an array of key-value pairs. Flash data is also supported, which only persists until the next request. Installation ------------ [](#installation) You can use Composer to install the session handler or just download the files to your project. ### Using Composer [](#using-composer) Either require the project in composer, ``` composer require wolfmoritz/session ``` or modify your `composer.json` project file to require this package and run an update or install. ``` "require": { "wolfmoritz/session": "~1.2.0" } ``` This will download the files and register the class with the composer autoloader. ### Or Just the Files, Please [](#or-just-the-files-please) If you do not use Composer, download this project and unzip. The only file you need is `src/Session/SessionHandler.php`. Place that file in your project and be sure to include it in your startup script. ### Create the Table [](#create-the-table) You will need to create the session table in your MySQL database using the **SessionTable.sql** script. You can change the table name in the script if desired, but you will need to provide the table name as a configuration item for `tableName`. Usage ----- [](#usage) To use the session handler create a new instance of `WolfMoritz\Session\SessionHandler` passing in a PDO database connection and the configuration array. ### Provide a PDO Connection [](#provide-a-pdo-connection) Define a new PDO connection and pass it in as the first argument of the constructor. ``` $dsn = 'mysql:host=' . HOST . ';dbname=' . DBNAME; $dbh = new PDO($dsn, USERNAME, PASSWORD, DB_OPTIONS); ``` ### Define Configuruation [](#define-configuruation) Define a configuration array and only include the options you wish to change. The only required configuration option is your application's encryption key. Use a long, random string and do not share it. **Options** OptionDefaultDescriptioncookieName'sessionCookie'Your session cookie name.tableName'session'Name of the MySQL table that stores your sessions.secondsUntilExpiration7200How long before the session expires in seconds.renewalTime300How long before the session key is regenerated in seconds.expireOnClosefalseWhether or not to destroy the session when the browser closes, true or false.checkIpAddressfalseWhether or not to match the IP address to the stored session, true or false.checkUserAgentfalseWhether or not to match the User Agent to the stored session, true or false.secureCookiefalseWhether or not to set an encrypted cookie, true of false. Note, this only works when using *https*.salt*none*Your custom encryption key. Any long (16+ characters) string of characters.autoRunSessiontrueWhether to run the session automatically, or only needed.``` $config['salt'] = 'akjfao8ygoa8hba9707lakusdof87'; // Use your own salt! $config['secondsUntilExpiration'] = 1800; // 30 minutes // More configuration options ... ``` ### Creating a Session [](#creating-a-session) Create a new session as part of your application flow. ``` $Session = new WolfMoritz\Session\SessionHandler($dbh, $config); ``` The session runs immediately if `autoRunSession` is set to true (which is the default) and checks for a valid session, regenerates the session key if necessary, and loads any existing session data for immediate retrieval. Create the session object once, or simply add it to your Dependency Injection Container as a singleton. When the session runs, it queries the database. If you need to make the session class available but do not need to immediately run the session you can set autoRunSession to false in the configuration. Then when you are ready to run a session call the `run()` method. ``` $Session->run(); ``` ### Save Session Data [](#save-session-data) Once the session is running, you can add or update session data by passing in key-value pairs or an array of key-value pairs using the `setData()` method. The value can be any type as long as it is serializable to JSON. ``` // Save simple key-value pair $Session->setData('lupine', 'wolf'); // Save array of key-value pairs $sessionData = array( 'feline' => 'cat', 'canine' => 'dog', 'lastModified' => 1422592486 ); $Session->setData($sessionData); ``` Supplying the same key will overwrite any prior value saved in session. ### Get Session Data [](#get-session-data) To get session data pass in the item key to `getData()`. The method returns `null` if no key was found. To get all session data simply do not provide an argument. ``` // Get one session item $value = $Session->getData('keyName'); // Get all session items $values = $Session->getData(); ``` ### Save Flash Data [](#save-flash-data) You can add flash data by passing in a string, a key-value pair, or an array of key-value pairs using the `setFlashData()` method. The value can be any type as long as it is serializable to JSON. Flash data will only stay until the next request, after which it is removed automatically. ``` // Save simple key-value pair $Session->setFlashData('Something went wrong!'); $Session->setFlashData('alert', 'Something went very wrong!'); ``` ### Get Flash Data [](#get-flash-data) To get flash data pass in the item key to `getFlashData()`. The method returns `null` if no key was found. To get all flash data simply do not provide an argument. Flash data is automatically removed on the next request, so there's no need to explicitly unset flash data. ``` // Get one flash item $value = $Session->getFlashData('alert'); // Get all flash items $values = $Session->getFlashData(); ``` ### Unset Session Data [](#unset-session-data) You can delete a session item by passing in the item key to `unsetData()`, or delete all session data by not providing an argument. ``` // Delete one session item $Session->unsetData('keyName'); // Delete all session data $Session->unsetData(); ``` ### Delete a Session [](#delete-a-session) Any session that does not pass validation will be destoyed automatically. But, if you want to delete a session call the `destroy()` method. ``` $Session->destroy(); ``` WARNING ======= [](#warning) Use this session class at your own risk. Read the code, and understand what it does if you intend on using this for for anything secure. I make no warranty if something goes wonky. But, if you have any improvments please fork this project and send me a pull request! ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity10 Limited adoption so far Community7 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~261 days Total 4 Last Release 3341d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/0a33abe02ef0be62ac8b5730a687131c7b9ca57d481e37d0de204f924202f838?d=identicon)[wolfmoritz](/maintainers/wolfmoritz) --- Top Contributors [![wolfmoritz](https://avatars.githubusercontent.com/u/2895080?v=4)](https://github.com/wolfmoritz "wolfmoritz (23 commits)") --- Tags session ### Embed Badge ![Health badge](/badges/wolfmoritz-session/health.svg) ``` [![Health](https://phpackages.com/badges/wolfmoritz-session/health.svg)](https://phpackages.com/packages/wolfmoritz-session) ``` ### Alternatives [nette/http 🌐 Nette Http: abstraction for HTTP request, response and session. Provides careful data sanitization and utility for URL and cookies manipulation. 48819.2M541](/packages/nette-http)[yiisoft/yii2-redis Redis Cache, Session and ActiveRecord for the Yii framework 48011.7M245](/packages/yiisoft-yii2-redis)[laminas/laminas-session Object-oriented interface to PHP sessions and storage 8122.7M113](/packages/laminas-laminas-session)[aura/session Provides session management functionality, including lazy session starting, session segments, next-request-only ("flash") values, and CSRF tools. 2041.2M69](/packages/aura-session)[mezzio/mezzio-session Session container and middleware for PSR-7 applications 24982.3k16](/packages/mezzio-mezzio-session) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)