Welcome to patSession

patSession is an abstraction layer for session management, so you can use it wherever you need session support. patSession comes with some security features for session fixation. The patSession storage containers are based on drivers.

Why patSession? $_SESSION works fine!

The super-global variable $_SESSION (introduced in PHP 4.1.0; in earlier versions, use $HTTP_SESSION_VARS) allows you to store values in the PHP session and, of course, to retrieve them later on. Starting the session is not a big issue either. You also need only a few more lines of code to add the session name and id to all hyperlinks to transport the session to the next request (this is what sessions are for). Nor is it a real problem to check whether the session has expired, or to make sure that the session id still refers to the client's original IP address. On the other hand, do you really want to implement all of this again and again and again?

At this point patSession enters the stage. patSession is an abstraction layer which allows you to use sessions in a very convenient way. The API of patSession is very easy to handle and there are only a few public functions. Another great benefit of patSession is the driver-based design. Separating the concrete storage classes into loadable drivers allows you to use any custom driver, for example to share sessions with a second server.

So, patSession was designed to make programmers' lives easier. Furthermore, patSession already includes heaps of security features. patSession automatically handles expired sessions and fixes the session to a browser, IP, referer. It also provides a cloning method to avoid hijacking of privileged sessions. In other words, if you are sick of juggling session ids, variables and security issues, you should try patSession and migrate to a modern, object-oriented way of dealing with sessions.
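
The manual checks described above (expiry, binding the session to the browser and IP address, a fresh id for a privileged session), written out in plain PHP as an added example. It is not patSession code; SESSION_TTL, the `_meta` key and the function names are assumptions made for this illustration.

```php
<?php
// Added illustration in plain PHP; none of this is patSession's API.
const SESSION_TTL = 1800; // idle timeout in seconds (assumed value)

function client_fingerprint(array $server): string
{
    // Bind to the browser (User-Agent) and the client IP address.
    // Caveat: clients behind rotating proxies change IP and will be logged out.
    $ua = $server['HTTP_USER_AGENT'] ?? '';
    $ip = $server['REMOTE_ADDR'] ?? '';
    return hash('sha256', $ua . '|' . $ip);
}

function session_is_valid(array $session, array $server, int $now): bool
{
    if (!isset($session['_meta']['last_seen'], $session['_meta']['fingerprint'])) {
        return false; // session was never initialised by this code
    }
    if ($now - $session['_meta']['last_seen'] > SESSION_TTL) {
        return false; // idle for too long: expired
    }
    // Constant-time comparison of the stored and the current fingerprint.
    return hash_equals($session['_meta']['fingerprint'], client_fingerprint($server));
}

function start_checked_session(): void
{
    session_start();
    $now = time();
    if (!session_is_valid($_SESSION, $_SERVER, $now)) {
        // New, expired or mismatching session: drop its data and issue a
        // new id, so a stale or pre-set id cannot be reused.
        $_SESSION = [];
        session_regenerate_id(true);
        $_SESSION['_meta'] = ['fingerprint' => client_fingerprint($_SERVER)];
    }
    $_SESSION['_meta']['last_seen'] = $now;
}

function elevate_privileges(string $userId): void
{
    // Plain-PHP way to protect a privileged session: change the id at
    // login, so an id known before login is worthless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
}
```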

Features

Even if patSession is a small package, it implements essential features for your next web application.

  • Full PHP5 integration (PHP4 users may use branch patSession1)
  • Small and easy-to-use API - use get(), set() and clear() to store, retrieve and delete values from the session.
  • Session containers implement ArrayAccess and Iterator - that makes accessing variables much easier.
  • Static factory-method to use patSession without juggling with references.
  • Easy-to-use replacement for the PHP session constant "SID"
  • Easy to configure during instance creation
  • Allows using separate storage containers at the same time
  • Handy features to advance security (fixation, tokens, ...)
  • Uses/requires patError
  • Pluggable drivers for several storage containers as well as custom module support

Starting Points