session_set_save_handler
Description
The session_set_save_handler of Session for PHP sets the user-level session storage functions.
Syntax
session_set_save_handler(
object $sessionhandler,
bool $register_shutdown = true
): boolsession_set_save_handler(
callable $open,
callable $close,
callable $read,
callable $write,
callable $destroy,
callable $gc,
callable $create_sid = ?,
callable $validate_sid = ?,
callable $update_timestamp = ?
): boolParameters
sessionhandler
An instance of a class implementing SessionHandlerInterface, and optionally SessionIdInterface and/or SessionUpdateTimestampHandlerInterface, such as SessionHandler, to register as the session handler.
register_shutdown
Register session_write_close() as a register_shutdown_function() function.
open
A callable with the following signature:
open(string $savePath, string $sessionName): bool
The open callback works like a constructor in classes and is executed when the session is being opened. It is the first callback function executed when the session is started automatically or manually with session_start(). Return value is true for success, false for failure.
close
A callable with the following signature:
close(): bool
The close callback works like a destructor in classes and is executed after the session write callback has been called. It is also invoked when session_write_close() is called. Return value should be true for success, false for failure.
read
A callable with the following signature:
read(string $sessionId): string
The read callback must always return a session encoded (serialized) string, or an empty string if there is no data to read.
This callback is called internally by PHP when the session starts or when session_start() is called. Before this callback is invoked PHP will invoke the open callback.
The value this callback returns must be in exactly the same serialized format that was originally passed for storage to the write callback. The value returned will be unserialized automatically by PHP and used to populate the $_SESSION superglobal. While the data looks similar to serialize() please note it is a different format which is specified in the session.serialize_handler ini setting.
write
A callable with the following signature:
write(string $sessionId, string $data): bool
The write callback is called when the session needs to be saved and closed. This callback receives the current session ID a serialized version the $_SESSION superglobal. The serialization method used internally by PHP is specified in the session.serialize_handler ini setting.
The serialized session data passed to this callback should be stored against the passed session ID. When retrieving this data, the read callback must return the exact value that was originally passed to the write callback.
This callback is invoked when PHP shuts down or explicitly when session_write_close() is called. Note that after executing this function PHP will internally execute the close callback.
NOTE: The "write" handler is not executed until after the output stream is closed. Thus, output from debugging statements in the "write" handler will never be seen in the browser. If debugging output is necessary, it is suggested that the debug output be written to a file instead.
destroy
A callable with the following signature:
destroy(string $sessionId): bool
This callback is executed when a session is destroyed with session_destroy() or with session_regenerate_id() with the destroy parameter set to true. Return value should be true for success, false for failure.
gc
A callable with the following signature:
gc(int $lifetime): bool
The garbage collector callback is invoked internally by PHP periodically in order to purge old session data. The frequency is controlled by session.gc_probability and session.gc_divisor. The value of lifetime which is passed to this callback can be set in session.gc_maxlifetime. Return value should be true for success, false for failure.
create_sid
A callable with the following signature:
create_sid(): string
This callback is executed when a new session ID is required. No parameters are provided, and the return value should be a string that is a valid session ID for your handler.
validate_sid
A callable with the following signature:
validateId(string $key): bool
This callback is executed when a session is to be started, a session ID is supplied and session.use_strict_mode is enabled. The key is the session ID to validate. A session ID is valid, if a session with that ID already exists. The return value should be true for success, false for failure.
update_timestamp
A callable with the following signature:
updateTimestamp(string $key, string $val): bool
This callback is executed when a session is updated. key is the session ID, val is the session data. The return value should be true for success, false for failure.
Return
Returns true on success or false on failure.
Examples
1 · sessionhandler
<?
class MySessionHandler implements SessionHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
}
$sessionhandler = new MySessionHandler();
$return = session_set_save_handler($sessionhandler);
var_export($return);
session_start();
true
2 · register_shutdown · false
<?
class MySessionHandler implements SessionHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
}
$sessionhandler = new MySessionHandler();
$register_shutdown = false;
$return = session_set_save_handler($sessionhandler, $register_shutdown);
var_export($return);
session_start();
true
3 · register_shutdown · true
<?
class MySessionHandler implements SessionHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
}
$sessionhandler = new MySessionHandler();
$register_shutdown = true;
$return = session_set_save_handler($sessionhandler, $register_shutdown);
var_export($return);
session_start();
true
4 · open close read write destroy gc
<?
class MySessionHandler implements SessionHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
}
$sessionhandler = new MySessionHandler();
$open =
[
&$sessionhandler,
"open"
];
$close =
[
&$sessionhandler,
"close"
];
$read =
[
&$sessionhandler,
"read"
];
$write =
[
&$sessionhandler,
"write"
];
$destroy =
[
&$sessionhandler,
"destroy"
];
$gc =
[
&$sessionhandler,
"gc"
];
$return = session_set_save_handler($open, $close, $read, $write, $destroy, $gc);
var_export($return);
session_start();
true
5 · create_sid
<?
class MySessionHandler implements SessionHandlerInterface, SessionIdInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
public function create_sid()
{
return session_create_id();
}
}
$sessionhandler = new MySessionHandler();
$open =
[
&$sessionhandler,
"open"
];
$close =
[
&$sessionhandler,
"close"
];
$read =
[
&$sessionhandler,
"read"
];
$write =
[
&$sessionhandler,
"write"
];
$destroy =
[
&$sessionhandler,
"destroy"
];
$gc =
[
&$sessionhandler,
"gc"
];
$create_sid =
[
&$sessionhandler,
"create_sid"
];
$return = session_set_save_handler($open, $close, $read, $write, $destroy, $gc, $create_sid);
var_export($return);
session_start();
true
6 · validate_sid
<?
$option = "session.use_strict_mode";
$value = true;
ini_set($option, $value);
class MySessionHandler implements SessionHandlerInterface, SessionIdInterface, SessionUpdateTimestampHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
public function create_sid()
{
return session_create_id();
}
public function validateId($key)
{
return $key == session_create_id() ? true : false;
}
public function updateTimestamp($key, $val)
{
return true;
}
}
$sessionhandler = new MySessionHandler();
$open =
[
&$sessionhandler,
"open"
];
$close =
[
&$sessionhandler,
"close"
];
$read =
[
&$sessionhandler,
"read"
];
$write =
[
&$sessionhandler,
"write"
];
$destroy =
[
&$sessionhandler,
"destroy"
];
$gc =
[
&$sessionhandler,
"gc"
];
$create_sid =
[
&$sessionhandler,
"create_sid"
];
$validate_sid =
[
&$sessionhandler,
"validateId"
];
$return = session_set_save_handler($open, $close, $read, $write, $destroy, $gc, $create_sid, $validate_sid);
var_export($return);
session_start();
true
7 · update_timestamp
<?
$option = "session.use_strict_mode";
$value = true;
ini_set($option, $value);
class MySessionHandler implements SessionHandlerInterface, SessionIdInterface, SessionUpdateTimestampHandlerInterface
{
private $savePath;
public function open($savePath, $sessionName)
{
$this->savePath = $savePath;
if(!is_dir($this->savePath))
{
mkdir($this->savePath, 0777);
}
return true;
}
public function close()
{
return true;
}
public function read($sessionId)
{
return (string)@file_get_contents("$this->savePath/sess_$sessionId");
}
public function write($sessionId, $data)
{
return file_put_contents("$this->savePath/sess_$sessionId", $data) === false ? false : true;
}
public function destroy($sessionId)
{
$file = "$this->savePath/sess_$sessionId";
if(file_exists($file))
{
unlink($file);
}
return true;
}
public function gc($lifetime)
{
foreach(glob("$this->savePath/sess_*") as $file)
{
if(filemtime($file) + $lifetime < time() && file_exists($file))
{
unlink($file);
}
}
return true;
}
public function create_sid()
{
return session_create_id();
}
public function validateId($key)
{
return $key == session_create_id() ? true : false;
}
public function updateTimestamp($key, $val)
{
return true;
}
}
$sessionhandler = new MySessionHandler();
$open =
[
&$sessionhandler,
"open"
];
$close =
[
&$sessionhandler,
"close"
];
$read =
[
&$sessionhandler,
"read"
];
$write =
[
&$sessionhandler,
"write"
];
$destroy =
[
&$sessionhandler,
"destroy"
];
$gc =
[
&$sessionhandler,
"gc"
];
$create_sid =
[
&$sessionhandler,
"create_sid"
];
$validate_sid =
[
&$sessionhandler,
"validateId"
];
$update_timestamp =
[
&$sessionhandler,
"updateTimestamp"
];
$return = session_set_save_handler($open, $close, $read, $write, $destroy, $gc, $create_sid, $validate_sid, $update_timestamp);
var_export($return);
session_start();
true
Links
Session
- session_abort
- session_cache_expire
- session_cache_limiter
- session_commit
- session_create_id
- session_decode
- session_destroy
- session_encode
- session_gc
- session_get_cookie_params
- session_id
- session_module_name
- session_name
- session_regenerate_id
- session_register_shutdown
- session_reset
- session_save_path
- session_set_cookie_params
- session_start
- session_status
- session_unset
- session_write_close