session_api.module

Session API provides an interface for storing information in the session.

Functions

Namesort descending Description
session_api_available Determine if Session API is available by checking if cookies are enabled.
session_api_cron Implements hook_cron().
session_api_get_sid Returns the current session's Session ID.
session_api_menu Implements hook_menu().
session_api_start_session Create an empty string cookie.

File

session_api.module
View source
  1. <?php
  2. /**
  3. * @file
  4. * Session API provides an interface for storing information in the session.
  5. */
  6. /**
  7. * Determine if Session API is available by checking if cookies are enabled.
  8. */
  9. function session_api_available() {
  10. return !empty($_COOKIE);
  11. }
  12. /**
  13. * Create an empty string cookie.
  14. *
  15. * This is useful for fooling the session_api_available() function when using
  16. * Pressflow, which does not set a cookie for anonymous users.
  17. */
  18. function session_api_start_session() {
  19. $_SESSION['session_api_session'] = '';
  20. drupal_session_start();
  21. }
  22. /**
  23. * Returns the current session's Session ID.
  24. *
  25. * @param bool $create
  26. * (optional) A boolean indicating whether the session needs to be created if
  27. * it doesn't exist yet. Defaults to TRUE.
  28. *
  29. * @return
  30. * Returns a positive integer with the Session ID when it exists. If not,
  31. * there are 2 possible return values:
  32. * - -1. This indicates that no session exists and none was created.
  33. * - FALSE. This indicates that Session API is unavailable.
  34. *
  35. * @see drupal_session_initialize()
  36. */
  37. function session_api_get_sid($create = TRUE) {
  38. static $sid;
  39. if ($create) {
  40. // Must initialize sessions for anonymous users.
  41. session_api_start_session();
  42. }
  43. if (!session_api_available()) {
  44. return FALSE;
  45. }
  46. if (!isset($sid) || !$sid) {
  47. $sid = FALSE;
  48. // First, check if we already have an active session.
  49. if (isset($_COOKIE['session_api_session']) && $_COOKIE['session_api_session']) {
  50. $session_id = $_COOKIE['session_api_session'];
  51. }
  52. // If the caller doesn't want to create a new session if it didn't exist,
  53. // then return here.
  54. elseif (!$create) {
  55. // Return a negative value here, since it won't collide with any
  56. // session_api IDs.
  57. return -1;
  58. }
  59. else {
  60. $session_id = drupal_hash_base64(uniqid(mt_rand(), TRUE));
  61. }
  62. // Set expiration time. If -1, then use an expiration time of 0, which will
  63. // cause the cookie to expire when the session ends (i.e, when the browser
  64. // closes).
  65. $seconds = variable_get('session_api_cookie_expire_time', 2592000);
  66. $expire = $seconds === -1 ? REQUEST_TIME + $seconds : 0;
  67. // Update the session timeout.
  68. db_merge('session_api')
  69. ->key(array('session_id' => $session_id))
  70. ->fields(array('timestamp' => REQUEST_TIME))
  71. ->execute();
  72. // Retrieve the sid.
  73. $query = db_select('session_api', 'sap');
  74. $query->fields('sap', array('sid'));
  75. $query->condition('session_id', $session_id);
  76. $sid = $query->execute()->fetchField();
  77. // Set cookie using the same domain that Drupal's own session cookie uses.
  78. $cookie_domain = ini_get('session.cookie_domain');
  79. setcookie('session_api_session', $session_id, $expire, '/', $cookie_domain);
  80. }
  81. return $sid;
  82. }
  83. /**
  84. * Implements hook_menu().
  85. */
  86. function session_api_menu() {
  87. $items['admin/config/development/session-api'] = array(
  88. 'title' => 'Session API Configuration',
  89. 'description' => 'Configure Session API behavior.',
  90. 'access arguments' => array('administer site configuration'),
  91. 'page callback' => 'drupal_get_form',
  92. 'page arguments' => array('session_api_settings_form'),
  93. 'file' => 'session_api.admin.inc',
  94. );
  95. return $items;
  96. }
  97. /**
  98. * Implements hook_cron().
  99. */
  100. function session_api_cron() {
  101. // Fetch list of outdated sids.
  102. $query = db_select('session_api', 'sap');
  103. $query->fields('sap', array('sid'));
  104. $query->condition('sap.timestamp', REQUEST_TIME - variable_get('session_api_cookie_expire_time', 2592000), '<');
  105. $outdated_sids = $query->execute()->fetchCol();
  106. if (!empty($outdated_sids)) {
  107. module_invoke_all('session_api_cleanup', $outdated_sids);
  108. db_delete('session_api')
  109. ->condition('sid', $outdated_sids)
  110. ->execute();
  111. }
  112. }