Introduction

Basic Usage

Zend_Session_Namespace instances provide the primary API for manipulating session data in the Zend Framework. Namespaces are used to segregate all session data, although a default namespace exists for those who only want one namespace for all their session data. Zend_Session utilizes ext/session and its special $_SESSION superglobal as the storage mechanism for session state data. while $_SESSION is still available in PHP's global namespace, developers should refrain from directly accessing it, so that Zend_Session and Zend_Session_Namespace can most effectively and securely provide its suite of session related functionality.

Each instance of Zend_Session_Namespace corresponds to an entry of the $_SESSION superglobal array, where the namespace is used as the key.

  1. span style="color: #ff0000;">'myNamespace');
  2.  
  3. // $myNamespace corresponds to $_SESSION['myNamespace']

It is possible to use Zend_Session in conjunction with other code that uses $_SESSION directly. To avoid problems, however, it is highly recommended that such code only uses parts of $_SESSION that do not correspond to instances of Zend_Session_Namespace.

Tutorial Examples

If no namespace is specified when instantiating Zend_Session_Namespace, all data will be transparently stored in a namespace called "Default". Zend_Session is not intended to work directly on the contents of session namespace containers. Instead, we use Zend_Session_Namespace. The example below demonstrates use of this default namespace, showing how to count the number of client requests during a session:

Example #1 Counting Page Views

  1. span style="color: #ff0000;">'Default'// this will increment for each page load.
  2. // first time
  3. "Page requests this session: "

When multiple modules use instances of Zend_Session_Namespace having different namespaces, each module obtains data encapsulation for its session data. The Zend_Session_Namespace constructor can be passed an optional $namespace argument, which allows developers to partition session data into separate namespaces. Namespacing provides an effective and popular way to secure session state data against changes due to accidental naming collisions.

Namespace names are restricted to character sequences represented as non-empty PHP strings that do not begin with an underscore ("_") character. Only core components included in Zend Framework should use namespace names starting with "Zend".

Example #2 New Way: Namespaces Avoid Collisions

  1. // in the Zend_Auth component
  2. 'Zend_Auth');
  3. $authNamespace->user = "myusername";
  4.  
  5. // in a web services component
  6. 'Some_Web_Service');
  7. $webServiceNamespace->user = "mywebusername";

The example above achieves the same effect as the code below, except that the session objects above preserve encapsulation of session data within their respective namespaces.

Example #3 Old Way: PHP Session Access

  1. span style="color: #ff0000;">'Zend_Auth']['user'] = "myusername"'Some_Web_Service']['user'] = "mywebusername";

Iterating Over Session Namespaces

Zend_Session_Namespace provides the full » IteratorAggregate interface, including support for the foreach statement:

Example #4 Session Iteration

  1. span style="color: #ff0000;">'some_namespace_with_data_present'"aNamespace->$index = '$value';\n";
  2. }

Accessors for Session Namespaces

Zend_Session_Namespace implements the __get(), __set(), __isset(), and __unset() » magic methods, which should not be invoked directly, except from within a subclass. Instead, the normal operators automatically invoke these methods, such as in the following example:

Example #5 Accessing Session Data

  1. span style="color: #808080; font-style: italic;">// default namespace
  2. "\$namespace->foo = $namespace->foo\n""\$namespace->bar not set\n"

Introduction