You are here

class SessionHandler in Drupal 8

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/Session/SessionHandler.php \Drupal\Core\Session\SessionHandler

Default session handler.

Hierarchy

  • class \Drupal\Core\Session\SessionHandler extends \Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy implements \Drupal\Core\Session\SessionHandlerInterface uses DependencySerializationTrait

Expanded class hierarchy of SessionHandler

1 string reference to 'SessionHandler'
core.services.yml in core/core.services.yml
core/core.services.yml
1 service uses SessionHandler
session_handler.storage in core/core.services.yml
Drupal\Core\Session\SessionHandler

File

core/lib/Drupal/Core/Session/SessionHandler.php, line 15

Namespace

Drupal\Core\Session
View source
class SessionHandler extends AbstractProxy implements \SessionHandlerInterface {
  use DependencySerializationTrait;

  /**
   * The request stack.
   *
   * @var \Symfony\Component\HttpFoundation\RequestStack
   */
  protected $requestStack;

  /**
   * The database connection.
   *
   * @var \Drupal\Core\Database\Connection
   */
  protected $connection;

  /**
   * Constructs a new SessionHandler instance.
   *
   * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
   *   The request stack.
   * @param \Drupal\Core\Database\Connection $connection
   *   The database connection.
   */
  public function __construct(RequestStack $request_stack, Connection $connection) {
    $this->requestStack = $request_stack;
    $this->connection = $connection;
  }

  /**
   * {@inheritdoc}
   */
  public function open($save_path, $name) {
    return TRUE;
  }

  /**
   * {@inheritdoc}
   */
  public function read($sid) {
    $data = '';
    if (!empty($sid)) {

      // Read the session data from the database.
      $query = $this->connection
        ->queryRange('SELECT session FROM {sessions} WHERE sid = :sid', 0, 1, [
        ':sid' => Crypt::hashBase64($sid),
      ]);
      $data = (string) $query
        ->fetchField();
    }
    return $data;
  }

  /**
   * {@inheritdoc}
   */
  public function write($sid, $value) {

    // The exception handler is not active at this point, so we need to do it
    // manually.
    try {
      $request = $this->requestStack
        ->getCurrentRequest();
      $fields = [
        'uid' => $request
          ->getSession()
          ->get('uid', 0),
        'hostname' => $request
          ->getClientIP(),
        'session' => $value,
        'timestamp' => REQUEST_TIME,
      ];
      $this->connection
        ->merge('sessions')
        ->keys([
        'sid' => Crypt::hashBase64($sid),
      ])
        ->fields($fields)
        ->execute();
      return TRUE;
    } catch (\Exception $exception) {
      require_once DRUPAL_ROOT . '/core/includes/errors.inc';

      // If we are displaying errors, then do so with no possibility of a
      // further uncaught exception being thrown.
      if (error_displayable()) {
        print '<h1>Uncaught exception thrown in session handler.</h1>';
        print '<p>' . Error::renderExceptionSafe($exception) . '</p><hr />';
      }
      return FALSE;
    }
  }

  /**
   * {@inheritdoc}
   */
  public function close() {
    return TRUE;
  }

  /**
   * {@inheritdoc}
   */
  public function destroy($sid) {

    // Delete session data.
    $this->connection
      ->delete('sessions')
      ->condition('sid', Crypt::hashBase64($sid))
      ->execute();
    return TRUE;
  }

  /**
   * {@inheritdoc}
   */
  public function gc($lifetime) {

    // Be sure to adjust 'php_value session.gc_maxlifetime' to a large enough
    // value. For example, if you want user sessions to stay in your database
    // for three weeks before deleting them, you need to set gc_maxlifetime
    // to '1814400'. At that value, only after a user doesn't log in after
    // three weeks (1814400 seconds) will their session be removed.
    $this->connection
      ->delete('sessions')
      ->condition('timestamp', REQUEST_TIME - $lifetime, '<')
      ->execute();
    return TRUE;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
SessionHandler::$connection protected property The database connection.
SessionHandler::$requestStack protected property The request stack.
SessionHandler::close public function
SessionHandler::destroy public function
SessionHandler::gc public function
SessionHandler::open public function
SessionHandler::read public function
SessionHandler::write public function
SessionHandler::__construct public function Constructs a new SessionHandler instance.