I just committed some significant changes to our session handling code in the trunk so we can control some of the settings from the config file, as well as provide a custom session handling class (via XPDO) to store sessions in the database. MODx will still work as is, without XPDO for MODx 0.9.5 and the custom session handling class, but I’m sure you all want to try out the new database-controlled session capabilities.
So, there are just a few simple steps to using the custom database session handling, which will also give you a preliminary look at an object-oriented API built with XPDO for all the current MODx 0.9.5 database tables. This API is far from exhaustive, but provides at least some centralized functionality now, and can easily be extended to handle more before we release 0.9.5. But without further ado, here are the steps to configure the new modSessionHandler class, as well as the XPDO for 0.9.5 Preview in the process:
NEW INSTALLATION
- export or checkout MODx from SVN trunk (revision 1196 or above)
- extract the contents of the attached xpdo-095-20060728.zip file into the root of your MODx installation
- run the new installation process
- set the value of $modx_session_handler in your config.inc.php to ’modx095.modSessionHandler’ (example line is commented in the new config.inc.php)
UPGRADE INSTALLATION
- export or checkout MODx from SVN trunk (revision 1196 or above) and run the upgrade installation process. Running the upgrade will change the contents of your config.inc.php file so this step is necessary.
- extract the contents of the attached xpdo-095-20060728.zip file into the root of your MODx installation
- change the following lines of your /manager/includes/config.inc.php by removing the comment // in front (uncomment it):
//$modx_session_handler= 'modx095.modSessionHandler';
That’s it. Start up MODx as usual, and you should have sessions in your database instead of the filesystem; look for a table called {table_prefix}session, which will be created the first time a session is created once modSessionHandler is configured properly. And to disable it, just set $modx_session_handler = ’’ again.
You might also notice that you can set the values of two constants in the new config.inc.php file:
- MODX_SESSION_GC_MAXLIFETIME will determine the number of seconds before a session record expires and should be garbage collected; when using modx095.modSessionHandler, this is controlled without affecting the php ini setting, otherwise it attempts the ini_set(’session.gc_maxlifetime’, MODX_SESSION_GC_MAXLIFETIME)... [Default is 60*60*24*14, or 14 days]
- MODX_SESSION_COOKIE_LIFETIME will determine how many seconds before the session cookie expires and a user visiting will be forced to get a new session... [Default is 60*60*24*7, or 7 days; 0 means cookie is removed when browser is closed]
That’s enough for now (I think I covered the major points anyway). Let me know if you run into any pitfalls, or just have questions about this. I’ll post updates to the XPDO-powered API along with example add-ons that use it very soon.