Use of the Laravel session

Use Laravel to develop the application, copy the original code, the previous code session used $_SESSION , I thought the transplant can be very good to run, because there is no reliance on other components , the results appear this

Undefined variable: _session

The configuration file configuration of the Laravel session app/config/session.php can be used to look at the option settings and annotations available in the session configuration file.

Laravel uses file to implement the session by default. She does not use php native $_session (PHP native SESSION to see php.ini < Span style= "color: #0000ff; font-size:14px;width:auto;height:auto;float:none;" > position ), so omit PHP-related session function , for example session_start () , $_session . Laravel will be in app /storage/session/ Directory writes to session information, so this directory needs to have write permission, no session will not be able to write successfully.

Laravel, in addition to using the default file as the session implementation, also supports cookie , Memcached Redis and 数据库 the back-end drive as the session implementation. When necessary, you also need to implement a session, such as in the public account and user interaction, the session can not be used directly, because each time the server to request, not through the source of the request to identify the user.

Laravel's session brief API

Session API is relatively simple, we look at the Chinese document also probably know how to mean. But there are a few that are not very well understood.

1. Permanent Save of Session (within the non-expiring range)

2. Session::p ut (' key ', ' value ');

4. Native session equivalent to PHP

5. $_session[' key ' = ' value ';

7. Get operation

8. $value = Session::get (' key ', ' default ');

10. Remove operation and Delete, similar to pop concept

11. $value = Session::p ull (' key ', ' default ');

13. Detect if a key exists

14. Session::has (' users ');

16. Delete key

17. Session::forget (' key ');

This correspondence as long as the session is not period, basically is permanently saved, the next HTTP request also exists. Different from the flash concept below.

Flash concept in the session of Laravel

But laravel out a 快闪flash concept, and I got mixed up all of a sudden. This Flash two requests are valid (this time and the next request is valid), regardless of how many times this request takes action.

1. Save Key,value

2. Session::flash(' key ', ' value ');

4. The value method is still the same.

5. Session::get (' key ');

7. Refreshes the flash data time and remains to the next request

8. Session::keep (Array (' username ', ' email '));

This flash concept put is not the same as the concept above.

• Put: This corresponds as long as the session is not period, basically is permanently saved, the next request also exists.

• Flash : Saved values, this request can be used, the next HTTP request can be used, and the next one will not exist.

That is, the next time the request is destroyed , will not let the value of the session become more and more large, you can save some temporary data.

Examples of usage scenarios for this scenario are:

• The user requests the page, the error message appears, redirects to a new page, and the previous data needs to be displayed. (although it can be passed by URL parameters, it may have an XSS vulnerability if handled poorly).

• The user visited a page, the filter found no permissions, save the current page URL, redirect to the login page, login success, remove the value, redirect to the original page. (You may need to refresh the saved flash data here)

time when the session landed

I naively thought that Session was used::p ut The function can save this variable. So my code writes like this:

1. class logincontroller { 

2.  

3.      public function login () { 

4.          session::p ut (' key ', ' value ');   

5.          print_r ( session::all ()  )  //out to see if the put succeeds  

6.          exit;   //habitual debugging all exit, do not execute subsequent code  

7.          //return redirect::to (/);  The framework will have subsequent code execution   after return;

8.     }  

9. } &nbs P;

Results the next request is not to find this session, and look at the app/storage/session directory is no file generation. There's always something wrong.

Later saw on the network there is a method Session::save() , so I also used the next, incredibly found a successful generation of the session of the file. So I feel that laravel do not have PHP native session, then after the controller should do something, the session will be written to the file, not every put operation is write operation, so that the IO operation is too frequent, affecting performance.

View the code associated with the call. Laravel after compiling, in the bootstrap/compiled.php

2. class Middleware implements Httpkernelinterface

4. {

6. ...

8. Public function handle (Request $request, $type = httpkernelinterface::master_request, $ Catch = True)

10. {

12. $this->checkrequestforarraysessions ($request);

14. if ($this->sessionconfigured ()) {

16. $session = $this->startsession ($request); //Start session

18. $request->setsession ($session);

20. }

22. $response =app->handle $this($request, $type, $catch ); //Call Controller's method

24. if ($this->sessionconfigured ()) {

26. $this->closesession ($session); //Close Session

28. $this->addcookietoresponse ($response, $session);

30. }

32. return $response;

34. }

36. ...

40. protected function closesession (sessioninterface $session)

42. {

44. $session->save (); //Save session

46. $this->collectgarbage ($session);

48. }

50. }

Tip: If you do not know the function call condition, you can change it in the controller and throw new Exception(); then in /config/app.php the debug debug=>true . You can see the call relationship of the function .

As you can see, after the controller is called, the session->save() method is called to save the session actively. This session can be ground to save, if the controller or view in the Write exit; , then the session will not be saved, unless the active writing Session::save() can be saved manually. So in debug debugging when you must pay attention to AH.

Use of the Laravel session