Class yii\web\DbSession

Inheritanceyii\web\DbSession » yii\web\MultiFieldSession » yii\web\Session » yii\base\Component » yii\base\BaseObject
ImplementsArrayAccess, Countable, IteratorAggregate, yii\base\Configurable
Available since version2.0
Source Code https://github.com/yiisoft/yii2/blob/master/framework/web/DbSession.php

DbSession extends yii\web\Session by using database as session data storage.

By default, DbSession stores session data in a DB table named 'session'. This table must be pre-created. The table name can be changed by setting $sessionTable.

The following example shows how you can configure the application to use DbSession: Add the following to your application config under components:

'session' => [
    'class' => 'yii\web\DbSession',
    // 'db' => 'mydb',
    // 'sessionTable' => 'my_session',
]

DbSession extends yii\web\MultiFieldSession, thus it allows saving extra fields into the $sessionTable. Refer to yii\web\MultiFieldSession for more details.

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
$allFlashes array Flash messages (key => message or key => [message1, message2]). This property is read-only. yii\web\Session
$behaviors yii\base\Behavior[] List of behaviors attached to this component. This property is read-only. yii\base\Component
$cacheLimiter string Current cache limiter. This property is read-only. yii\web\Session
$cookieParams array The session cookie parameters. This property is read-only. yii\web\Session
$count integer The number of session variables. This property is read-only. yii\web\Session
$db yii\db\Connection|array|string The DB connection object or the application component ID of the DB connection. yii\web\DbSession
$flash string The key identifying the flash message. Note that flash messages and normal session variables share the same name space. If you have a normal session variable using the same name, its value will be overwritten by this method. This property is write-only. yii\web\Session
$flashParam string The name of the session variable that stores the flash message data. yii\web\Session
$gCProbability float The probability (percentage) that the GC (garbage collection) process is started on every session initialization. yii\web\Session
$handler SessionHandlerInterface|array An object implementing the SessionHandlerInterface or a configuration array. yii\web\Session
$hasSessionId boolean Whether the current request has sent the session ID. yii\web\Session
$id string The current session ID. yii\web\Session
$isActive boolean Whether the session has started. This property is read-only. yii\web\Session
$iterator yii\web\SessionIterator An iterator for traversing the session variables. This property is read-only. yii\web\Session
$name string The current session name. yii\web\Session
$readCallback callable A callback that will be called during session data reading. yii\web\MultiFieldSession
$savePath string The current session save path, defaults to '/tmp'. yii\web\Session
$sessionTable string The name of the DB table that stores the session data. yii\web\DbSession
$timeout integer The number of seconds after which data will be seen as 'garbage' and cleaned up. The default value is 1440 seconds (or the value of "session.gc_maxlifetime" set in php.ini). yii\web\Session
$useCookies boolean|null The value indicating whether cookies should be used to store session IDs. yii\web\Session
$useCustomStorage boolean Whether to use custom storage. This property is read-only. yii\web\MultiFieldSession
$useStrictMode boolean Whether strict mode is enabled or not. This property is read-only. yii\web\Session
$useTransparentSessionID boolean Whether transparent sid support is enabled or not, defaults to false. yii\web\Session
$writeCallback callable A callback that will be called during session data writing. yii\web\MultiFieldSession

Protected Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
$_forceRegenerateId string|null Holds the session id in case useStrictMode is enabled and the session id needs to be regenerated yii\web\Session
$_originalSessionModule string|null Holds the original session module (before a custom handler is registered) so that it can be restored when a Session component without custom handler is used after one that has. yii\web\Session
$fields array Session fields to be written into session table columns yii\web\DbSession

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. yii\base\Component
__clone() This method is called after the object is created by cloning an existing one. yii\base\Component
__construct() Constructor. yii\base\BaseObject
__get() Returns the value of a component property. yii\base\Component
__isset() Checks if a property is set, i.e. defined and not null. yii\base\Component
__set() Sets the value of a component property. yii\base\Component
__unset() Sets a component property to be null. yii\base\Component
addFlash() Adds a flash message. yii\web\Session
attachBehavior() Attaches a behavior to this component. yii\base\Component
attachBehaviors() Attaches a list of behaviors to the component. yii\base\Component
behaviors() Returns a list of behaviors that this component should behave as. yii\base\Component
canGetProperty() Returns a value indicating whether a property can be read. yii\base\Component
canSetProperty() Returns a value indicating whether a property can be set. yii\base\Component
className() Returns the fully qualified name of this class. yii\base\BaseObject
close() Ends the current session and store session data. yii\web\DbSession
closeSession() Session close handler. yii\web\Session
count() Returns the number of items in the session. yii\web\Session
destroy() Frees all session variables and destroys all data registered to a session. yii\web\Session
destroySession() Session destroy handler. yii\web\DbSession
detachBehavior() Detaches a behavior from the component. yii\base\Component
detachBehaviors() Detaches all behaviors from the component. yii\base\Component
ensureBehaviors() Makes sure that the behaviors declared in behaviors() are attached to this component. yii\base\Component
gcSession() Session GC (garbage collection) handler. yii\web\DbSession
get() Returns the session variable value with the session variable name. yii\web\Session
getAllFlashes() Returns all flash messages. yii\web\Session
getBehavior() Returns the named behavior object. yii\base\Component
getBehaviors() Returns all behaviors attached to this component. yii\base\Component
getCacheLimiter() Returns current cache limiter yii\web\Session
getCookieParams() yii\web\Session
getCount() Returns the number of items in the session. yii\web\Session
getFlash() Returns a flash message. yii\web\Session
getGCProbability() yii\web\Session
getHasSessionId() Returns a value indicating whether the current request has sent the session ID. yii\web\Session
getId() Gets the session ID. yii\web\Session
getIsActive() yii\web\Session
getIterator() Returns an iterator for traversing the session variables. yii\web\Session
getName() Gets the name of the current session. yii\web\Session
getSavePath() Gets the current session save path. yii\web\Session
getTimeout() yii\web\Session
getUseCookies() Returns the value indicating whether cookies should be used to store session IDs. yii\web\Session
getUseCustomStorage() Returns a value indicating whether to use custom session storage. yii\web\MultiFieldSession
getUseStrictMode() yii\web\Session
getUseTransparentSessionID() yii\web\Session
has() yii\web\Session
hasEventHandlers() Returns a value indicating whether there is any handler attached to the named event. yii\base\Component
hasFlash() Returns a value indicating whether there are flash messages associated with the specified key. yii\web\Session
hasMethod() Returns a value indicating whether a method is defined. yii\base\Component
hasProperty() Returns a value indicating whether a property is defined for this component. yii\base\Component
init() Initializes the DbSession component. yii\web\DbSession
off() Detaches an existing event handler from this component. yii\base\Component
offsetExists() This method is required by the interface ArrayAccess. yii\web\Session
offsetGet() This method is required by the interface ArrayAccess. yii\web\Session
offsetSet() This method is required by the interface ArrayAccess. yii\web\Session
offsetUnset() This method is required by the interface ArrayAccess. yii\web\Session
on() Attaches an event handler to an event. yii\base\Component
open() Starts the session. yii\web\Session
openSession() Session open handler. yii\web\DbSession
readSession() Session read handler. yii\web\DbSession
regenerateID() Updates the current session ID with a newly generated one. yii\web\DbSession
remove() Removes a session variable. yii\web\Session
removeAll() Removes all session variables. yii\web\Session
removeAllFlashes() Removes all flash messages. yii\web\Session
removeFlash() Removes a flash message. yii\web\Session
set() Adds a session variable. yii\web\Session
setCacheLimiter() Set cache limiter yii\web\Session
setCookieParams() Sets the session cookie parameters. yii\web\Session
setFlash() Sets a flash message. yii\web\Session
setGCProbability() yii\web\Session
setHasSessionId() Sets the value indicating whether the current request has sent the session ID. yii\web\Session
setId() Sets the session ID. yii\web\Session
setName() Sets the name for the current session. yii\web\Session
setSavePath() Sets the current session save path. yii\web\Session
setTimeout() yii\web\Session
setUseCookies() Sets the value indicating whether cookies should be used to store session IDs. yii\web\Session
setUseStrictMode() yii\web\Session
setUseTransparentSessionID() yii\web\Session
trigger() Triggers an event. yii\base\Component
writeSession() Session write handler. yii\web\DbSession

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
composeFields() Composes storage field set for session writing. yii\web\MultiFieldSession
extractData() Extracts session data from storage field set. yii\web\MultiFieldSession
freeze() If session is started it's not possible to edit session ini settings. In PHP7.2+ it throws exception. yii\web\Session
getReadQuery() Generates a query to get the session from db yii\web\DbSession
registerSessionHandler() Registers session handler. yii\web\Session
typecastFields() Method typecasts $fields before passing them to PDO. yii\web\DbSession
unfreeze() Starts session and restores data from temporary variable yii\web\Session
updateFlashCounters() Updates the counters for flash messages and removes outdated flash messages. yii\web\Session

Property Details

$db public property

The DB connection object or the application component ID of the DB connection. After the DbSession object is created, if you want to change this property, you should only assign it with a DB connection object. Starting from version 2.0.2, this can also be a configuration array for creating the object.

$fields protected property (available since version 2.0.17)

Session fields to be written into session table columns

protected array $fields = []
$sessionTable public property

The name of the DB table that stores the session data. The table should be pre-created as follows:

CREATE TABLE session
(
    id CHAR(40) NOT NULL PRIMARY KEY,
    expire INTEGER,
    data BLOB
)

where 'BLOB' refers to the BLOB-type of your preferred DBMS. Below are the BLOB type that can be used for some popular DBMS:

  • MySQL: LONGBLOB
  • PostgreSQL: BYTEA
  • MSSQL: BLOB

When using DbSession in a production server, we recommend you create a DB index for the 'expire' column in the session table to improve the performance.

Note that according to the php.ini setting of session.hash_function, you may need to adjust the length of the id column. For example, if session.hash_function=sha256, you should use length 64 instead of 40.

public string $sessionTable '{{%session}}'

Method Details

close() public method (available since version 2.0.17)

Ends the current session and store session data.

public void close ( )
destroySession() public method

Session destroy handler.

public boolean destroySession ( $id )
$id string

Session ID

return boolean

Whether session is destroyed successfully

gcSession() public method

Session GC (garbage collection) handler.

public boolean gcSession ( $maxLifetime )
$maxLifetime integer

The number of seconds after which data will be seen as 'garbage' and cleaned up.

return boolean

Whether session is GCed successfully

getReadQuery() protected method

Generates a query to get the session from db

protected yii\db\Query getReadQuery ( $id )
$id string

The id of the session

init() public method

Initializes the DbSession component.

This method will initialize the $db property to make sure it refers to a valid DB connection.

public void init ( )
throws yii\base\InvalidConfigException

if $db is invalid.

openSession() public method

Session open handler.

public boolean openSession ( $savePath, $sessionName )
$savePath string

Session save path

$sessionName string

Session name

return boolean

Whether session is opened successfully

readSession() public method

Session read handler.

public string readSession ( $id )
$id string

Session ID

return string

The session data

regenerateID() public method

Updates the current session ID with a newly generated one.

Please refer to https://secure.php.net/session_regenerate_id for more details.

This method has no effect when session is not active. Make sure to call open() before calling it.

public void regenerateID ( $deleteOldSession false )
$deleteOldSession boolean

Whether to delete the old associated session file or not.

typecastFields() protected method (available since version 2.0.13)

Method typecasts $fields before passing them to PDO.

Default implementation casts field data to \PDO::PARAM_LOB. You can override this method in case you need special type casting.

protected array typecastFields ( $fields )
$fields array

Fields, that will be passed to PDO. Key - name, Value - value

writeSession() public method

Session write handler.

public boolean writeSession ( $id, $data )
$id string

Session ID

$data string

Session data

return boolean

Whether session write is successful