CoolBrew User Guide Version 1.3 Based on CodeIgniter Version 1.5.4

Full Table of Contents

DB Session Class

Note: In CoolBrew, this class has replaced the built-in CodeIgniter Sessions Class.

The CodeIgniter sessions class stores all session data in a cookie and optionally stores the session ID in a database. That means if you were to store sensitive information in the session, that data would be stored on the user's computer which is rather insecure. Storing the data in the cookie also limits the amount of data you can store to 4KB.

DB Session stores only the session ID in the cookie and moves all the other data to the database table for added security. In addition, it supports Flash Data.

DB Session is designed to work simlarly to the CI_Session Class, so please see the Session Class section of the CodeIgniter User Guide for more information.

Creating the Database Table

DB Session requires that a database table be set up before it can be used. Here is the basic prototype (for MySQL) required by the DB Session class:

CREATE TABLE IF NOT EXISTS `ci_sessions` ( session_id varchar(40) DEFAULT '0' NOT NULL, ip_address varchar(16) DEFAULT '0' NOT NULL, user_agent varchar(50) NOT NULL, last_activity int(10) unsigned DEFAULT 0 NOT NULL, session_data text default '' not null, PRIMARY KEY (session_id) );

Note: By default the table is called ci_sessions, but you can name it anything you want as long as you update the system/config/config.php file so that it contains the name you have chosen. Once you have created your database table you must enable the database option in your config.php file as follows:

$config['sess_use_database'] = TRUE;

Make sure you've specified the table name in your config file as well:

$config['sess_table_name'] = 'ci_sessions";

Note: If you do not set the above variables as shown, DB Session will not work.

For a complete listing of config preferences related to sessions, please see the Session Class section of the CodeIgniter User Guide.

Initializing a Session

Sessions will typically run globally with each page load, so the session class must either be initialized in your controller constructors, or it can be auto-loaded by the system. For the most part the session class will run unattended in the background, so simply initializing the class will cause it to read, create, and update sessions.

To initialize the Session class manually in your controller constructor, use the $this->load->library function:

$this->load->library('session');

To ensure that the session class is available across multiple tags, you can load it by default in the system-level autoload config file along with the database library:

$autoload['libraries'] = array('database','session');

Once loaded, the Sessions library object will be available using: $this->session

Retrieving Session Data

Any piece of information from the session array is available using the following function:

$this->session->userdata('item');

Where item is the array index corresponding to the item you wish to fetch. For example, to fetch the session ID you will do this:

$session_id = $this->session->userdata('session_id');

Note: The function returns FALSE (boolean) if the item you are trying to access does not exist.

Adding Session Data

To add data to the session array, you use the set_userdata() method:

$this->session->set_userdata('username', 'johndoe');
$this->session->set_userdata('email', 'johndoe@some-site.com');
$this->session->set_userdata('logged_in', TRUE);

Or alternatively, you can send the data in an array:

$this->session->set_userdata(array('username' => 'johndoe', 'email' => 'johndoe@some-site.com', 'logged_in' => TRUE));

Deleting Session Data

To remove data from the session array, you use the unset_userdata() method:

$this->session->unset_userdata('username');

Using Flash Data

Flash data is session data that stays in the session only for the next request and then is automatically deleted. This is handy, for instance, when accessing a page that requires a login. You can save the return URL as flash data, redirect to your login page, and upon successful login, return to the original page.

For example, at the top of any page that requires a login (or in the constructor of the controller if the whole thing requires login), you could have:

$this->session->set_flashdata('return_url', $this->uri->current_uri());
redirect('user/login');

If you have a login error, you can maintain the flash data using keep_flashdata().

if ($login_successful) {
   if ($url = $this->session->flashdata('return_url') ) {
      redirect($url);
   } else {
      redirect('');
   }
} else {
   $this->session->keep_flashdata('return_url');
}

There are three methods available to work with flash data:

$this->session->set_flashdata( 'item', 'value' )

Sets the flash item and is similar to $this->session->set_userdata() except that you can't supply an array.

$this->session->flashdata( 'item' );

Retrieves the value of the given flash item and is similar to $this->session->userdata().

$this->session->keep_flashdata( 'item' );

Makes the given flash item valid for one more request for instances where you need to maintain the item until an error is resolved, for instance.

Top of Page   ·   User Guide Home

CoolBrew  ·  Copyright © 2006  ·  Jim Applegate