Sessions
Louis Stowasser
as well as initializing the $_SESSION global vars but can't submit
because the site won't let me. I packaged it together as one rather
than individual functions because to use the sessions you need all the
functions and variables not just one.
See here: http://github.com/louisstow/phpjs/tree/master/_unported/session/session.js
Also did it that way for private members. Unit tests are in
'test.html'.
SESSION.JS
---------------------------
(function(w, undefined) {
var lifetime = 1800, //in seconds
path = undefined,
domain = undefined,
secure = undefined,
sid = 'JSSESSID';
/**
* Check for a PHPSESSID. If found unpack it from the cookie
* If not found, create it then pack everything in $_SESSION
* into a cookie.
*/
w.session_start = function() {
var cookie = w.getcookie(sid);
if(!cookie || cookie == "null") {
w.$_SESSION = {};
w.session_set_cookie(sid, w.serialize(w.$_SESSION), lifetime, path,
domain, secure);
} else {
w.$_SESSION = w.unserialize(w.urldecode(w.getcookie(sid)));
}
};
/**
* Bundle all session destroying functions (they all do the same
thing)
* Resets the global $_SESSION and sets the cookie to null
*/
w.session_unset = w.session_destroy = w.session_unregister =
function() {
w.$_SESSION = null;
w.session_set_cookie(sid,null);
};
/**
* Updates the session cookie data with $_SESSION
*/
w.session_update = function() {
w.session_set_cookie(sid, w.serialize(w.$_SESSION), lifetime, path,
domain, secure);
};
/**
* Update the params of the cookie
*/
w.session_set_cookie_params = function(l, p, d, s) {
lifetime = l;
path = p;
domain = d;
secure = !!s; //make sure bool
};
/**
* Get value of a cookie
*/
w.getcookie = function(name) {
var cookies = document.cookie.split(';'),i=0,l=cookies.length,
current;
for(;i<l;i++) {
current = cookies[i].split('=');
current[0] = current[0].replace(/\s+/,"");
if(current[0] === name) return current[1];
}
return undefined;
};
w.session_set_cookie = function(name, value, expires, path, domain,
secure) {
if(expires) {
expires = (new Date((new Date).getTime() + expires *
3600)).toGMTString();
}
var r = [name + '=' + w.urlencode(value)], s = {}, i = '';
s = {expires: expires, path: path, domain: domain};
for (i in s) {
if (s.hasOwnProperty(i)) { // Exclude items on Object.prototype
s[i] && r.push(i + '=' + s[i]);
}
}
return secure && r.push('secure'), w.document.cookie = r.join(";"),
true;
}
/**
* Encode string in session format (serialized then url encoded)
*/
w.session_encode = function() {
return w.urldecode(w.getcookie(sid));
}
/**
* Decode string from session format
*/
w.session_decode = function(str) {
return w.unserialize(w.urldecode(str));
}
})(window);
Brett Zamir
Here's the text I'm trying to post on site now regarding your
submission, but there's a server problem at the moment, so I can't make
the submission...
----------------------------------------------------
@Louis: Thanks! That's excellent...
But would you be open to enhancing by also detecting a session ID on
query strings? I think in some ways that could be more useful, as unlike
document.cookie, the settings made here could be made to propagate to
other pages (I remember something about sessions causing all URLs on the
page to be rewritten with that session query string--wouldn't be too
hard to do in DOM/JavaScript either, and pretty convenient actually
(maybe even in combination with Ajax, though I haven't had time to think
through it much).
You might take a look at
http://phpjs.org/functions/import_request_variables:431 for how we did
it for that function. Also, we can even make use of ini_get to make use
of some settings at
http://www.php.net/manual/en/session.configuration.php like
session.use_cookies or session.use_only_cookies ...
Also, we can use our own ini setting (e.g., "phpjs.sessionObj") to
create an alternate object instead of $_SESSION (in case someone wants
better namespacing).
Anyhow, thanks again for the submission!
> return secure&& r.push('secure'), w.document.cookie = r.join(";"),
Brett Zamir
document.cookie not working across pages. I really thought it didn't,
but glad I was wrong... :). I do still want to implement optionally via
GET string too though.
Just letting you know I'm going to try to do your functions this weekend
and have already implemented a few minor (PHP-deprecated) functions and
added them to _experimental:
http://github.com/kvz/phpjs/commit/4c64dcd9857ac31b7f8b693d2354111ec78a7a77
. As you can/could see there, if the user has added $_SESSION to the
namespaced object, they can avoid using it on the window object (the
default).
I also fixed your unit test to work with the 2nd page again apparently
because you added a session destroy as the last test and so there was no
more session to pass to the next page:
http://github.com/kvz/phpjs/commit/ff0e9ff2063e3e7045ba9a50baeb1f0ac25754e2
. Good thing for your unit tests or otherwise I wouldn't have noticed
this! :)
best wishes,
Brett
On 8/23/2010 6:12 PM, Louis Stowasser wrote:
> return secure&& r.push('secure'), w.document.cookie = r.join(";"),
Louis Stowasser
Brett Zamir
Through the query string would be good. Would need to find every link and append the HREF with it though.
How would the user change the setting so to have a custom namespaced $_SESSION object
var someObj = {}; ini_set('phpjs.sessionObject', someObj);
or use GET instead of cookies?
ini_set('session.use_cookies', 0);
We achieve interoperability between functions like ini_set and the cookie functions via the php_js "global" (not actually global on the namespaced version): http://wiki.github.com/kvz/phpjs/php_js_global
Oops, forgot I was testing session_destroy. Gotta love unit tests ;)
Brett