THE SESSION CLASS A class to manage user sessions. A session is simply a thing which contains information about a user who has logged on to the system, so in fact the session is just an extension of a user.
To access the system a user must either create a new session, or recover an existing session. A new session is created if the user provides login details: userid/password or unique $authid (MD5). An existing session may be 'recovered' if the login details are absent, and if a cookie is sent containing a valid session key.
Located in /session-defs.php (line 118)
user | --session
Class | Description |
---|---|
![]() |
The webstream class |
The session cookie name
The type of this session
Error condition message if any
True if we should limit 'guest' to browser lifetime
Time of last login (Unix timestamp)
The session lifetime, in seconds
Custom message to deliver when blocking
Option to take on logins exceeded for user
URL to redirect to on logins exceeded
Login type for this session
The ID of this session
The session record complete
Whether we are tracking session logins
Inherited from user
user::$authentication_method
user::$auth_code
user::$email
user::$enabled
user::$first_name
user::$group_info
user::$group_names
user::$hasgroups
user::$hasIPlist
user::$honorific_prefix
user::$IP
user::$last_name
user::$limit_logins
user::$locked
user::$mid_names
user::$name
user::$passwd_alphanum_mixed
user::$passwd_apply_stopwords
user::$passwd_char_uniqueness
user::$passwd_delay_ms
user::$passwd_encryption
user::$passwd_expiry_days
user::$passwd_expiry_ts
user::$passwd_failures
user::$passwd_forever
user::$passwd_history
user::$passwd_history_cycle
user::$passwd_max_attempts
user::$passwd_min_chars
user::$password
user::$remote_auth_dbname
user::$remote_auth_fields
user::$remote_auth_source
user::$remote_auth_tablename
user::$total_logins
user::$userid
user::$user_groups_cnt
user::$user_record
user::$user_type
user::$valid
Constructor Create a new session.
Initial creation of the session object does nothing. The activate() method sets it up, when called.
Delete session cookie Deletes the session cookie from the user's browser.
Identify the user/client
Here is where we activate our session. This involves searching for the cookie, username/password sequence, or authorisation code which will allow us to identify the requester and create the proper session for them to access the website..
Set logins exceeded action
This sets the action for when the number of logins for a given user of the system exceeds a maximum, if specified. The options for the action to take are: SESS_ALLOW Allow, assume app. will take action SESS_ALLOW_CULL Allow session, cull oldest SESS_BLOCK_MSG Block session, nice message SESS_BLOCK_SILENT Block session, no message SESS_BLOCK_REDIRECT Block session, redirect to URL SESS_BLOCK_GUEST Block session, login as guest instead
Recover session Recover an existing session. This will obliterate any pre-existing session information in this object, since we expect it to succeed..
Clear session vars Common method for clearing out the current session info from the object variables.
Create new session Make a brand new session for the user.
Delete the session Delete the current session from the system.
Is session valid Return validity status. If there is a session ID and a valid user then the whole session is deemed valid, otherwise not.
Set the session cookie.
Set session cookie name
Set session guest browser lifetime flag If set True this causes the cookie lifetime to be forced to the browser lifetime if the user is 'guest'.
Set session lifetime Set the session cookie lifetime in seconds.
Set session database backing type The database backing 'type' can be either SESS_DATABASE_BACKED, or SESS_STANDALONE.
Set session track logins flag If set True this causes the session logins for this site to be tracked for each user. This amounts to an extra DB update of a login count field.
Inherited From user
user::user()
user::authenticate()
user::authenticate_authid()
user::authenticate_ipaddress()
user::authenticate_password()
user::authenticate_userid()
user::friendlyName()
user::generate_password()
user::get_auth_code()
user::get_groups()
user::get_user_by_auth_code()
user::get_user_by_id()
user::get_user_by_ip()
user::group_ids_list()
user::group_names_list()
user::ismemberof_group()
user::ismemberof_group_in()
user::ismemberof_group_with_id()
user::isvalid()
user::password_expired()
user::push_password_history()
user::save_password_data()
user::set_password()
user::set_password_expiry()
user::set_remote_authentication()
user::set_security_profile()
user::valid_password()
Documentation generated by phpDocumentor 1.3.0RC3