A week ago (August 9th) we quietly added some nice enhancements to the CodeIgniter Session library that I wanted to mention. You can see these for yourself in the subversion repository (here’s the Session.php library and the userguide page). The upgrades will be part of the next CodeIgniter release. Three notables include (in descending order of sexiness):
Configurable time_to_update variable
$time_to_update was a variable hardcoded to 300 (5 minutes in seconds). After the time to live expired, the CI session class runs sess_update, which does some general maintenance and session handiwork. While 5 minutes is probably a very good choice for 99% of us, there may be times when you want the update to run faster or slower. So the update time is now configurable by adding $config[‘sess_time_to_update’] to your config file with the rest of the session preferences. If you choose not to add it, CI just assumes 5 minutes for you.
Regenerating Session Ids
When a session is created, CodeIgniter (well, all PHP applications really) creates a “session id” and assigns it uniquely to you. In this manner, data can be exchanged with you without also giving away your session data to other visitors. CodeIgniter now regenerates your id every time sess_update runs (this is of course what makes the configurable time noteworthy). This provides an additional layer of protection against session fixation.
OK, now on to the most impressive addition - Flashdata. Flashdata are variables that only exist for the next request. They are mostly useful for “flashing” messages like
The person $person was successfully edited, but can extraordinarily useful in the general development of a web application. In Bamboo I use them to indicate success or failure messages to the user, store whom was edited for dynamic dropdowns, store a client name for assigning of invoices, and other various purposes. Again… very useful.
Using them is almost the same as using the current session library.
$this->session->set_flashdata('foo', 'bar'); // a variable that only exists for 1 request
$this->session->flashdata('foo'); // reading a flashdata variable
There is also a keep_flashdata() function, should you need to preserve from one request to another, perhaps a redirect.
If you’ve used any of the wonderful third party CodeIgniter session libraries, you’ve probably already enjoyed some of these features, and I suspect they will be a welcome addition to your toolkit. On that note though, I’d like to personally take a moment to thank some of the people who have already done great work in this area. Thanks Dariusz Debowczyk (native session), Oscar Bajner (OBsession), Monte Ohrt ( PHP Session), and Dready (DB Session) for their fine work in this area.
This was not an attempt to re-write the session library, but rather to add in a few commonly requested and useful features. Enjoy!, and I hope it takes your programming to even higher heights!