The PHP Function Session_Name

PHP is an integral part of full-stack web development. Simplilearn’s Post Graduate Program in Full Stack Web Development offers you the opportunity to learn everything about this programming language.

Sessions are a way to store data on the server instead of a remote client’s computer and to retrieve it later. It’s a great option to use when dealing with sensitive information, such as passwords.

By default, Sessions are stored in /tmp (on *nix systems like Linux) and any system user can read them. However, this isn’t very secure and you should change the session storage path using the session_set_save_handler() function.

The php function session_name() sets the name of the current Session and it’s also used in the cookie sent to the client’s browser. By default, the session name is PHPSESSID. However, you can give it a custom name using this function.

This function also allows you to set the lifespan of the Session. The value is in seconds and it defines how long this particular session will last. After that time, the session will expire and it will be closed. PHP will automatically close the session if you exit the web browser, but you can also destroy it manually using two functions. The session_unset() function clears the $_SESSION variables and the session_destroy() function deletes both the server side ($_SESSION) and the cookies from the client’s browser. Both of these functions should be called before calling session_start().

Andreas Behr - CTO of DesertCoderz
You are a developer and looking for Shopware projects?
Apply Now!

session_name example


        $listener = new LocaleListener($this->requestStack, 'fr');
        $event = $this->getEvent($request = Request::create('/'));

        $listener->setDefaultLocale($event);
        $this->assertEquals('fr', $request->getLocale());
    }

    public function testLocaleFromRequestAttribute()
    {
        $request = Request::create('/');
        $request->cookies->set(session_name(), 'value');

        $request->attributes->set('_locale', 'es');
        $listener = new LocaleListener($this->requestStack, 'fr');
        $event = $this->getEvent($request);

        $listener->onKernelRequest($event);
        $this->assertEquals('es', $request->getLocale());
    }

    public function testLocaleSetForRoutingContext()
    {
        
public function __construct(OptinServiceInterface $optinService, Session $session)
    {
        $this->optinService = $optinService;
        $this->session = $session;
    }

    public function generate(): string
    {
        $sessionId = $this->session->get('sessionId');

        return $this->optinService->add(self::TYPE_PAYMENT_TOKEN, (int) \ini_get('session.gc_maxlifetime')[
            'name' => session_name(),
            'value' => $sessionId,
        ]);
    }

    public function restore(string $hash): ?PaymentTokenResult
    {
        $value = $this->optinService->get(self::TYPE_PAYMENT_TOKEN, $hash);

        if (!$value) {
            return null;
        }

        
throw new \LogicException('Cannot change the ID of an active session.');
        }

        session_id($id);
    }

    /** * Gets the session name. */
    public function getName(): string
    {
        return session_name();
    }

    /** * Sets the session name. * * @return void * * @throws \LogicException */
    public function setName(string $name)
    {
        
$response->headers->set('X-Drupal-Cache', 'HIT');
    }
    else {
      $response = $this->fetch($request$type$catch);
    }

    // Only allow caching in the browser and prevent that the response is stored     // by an external proxy server when the following conditions apply:     // 1. There is a session cookie on the request.     // 2. The Vary: Cookie header is on the response.     // 3. The Cache-Control header does not contain the no-cache directive.     if ($request->cookies->has(session_name()) &&
      in_array('Cookie', $response->getVary()) &&
      !$response->headers->hasCacheControlDirective('no-cache')) {

      $response->setPrivate();
    }

    // Perform HTTP revalidation.     // @todo Use Response::isNotModified() as     // per https://www.drupal.org/node/2259489.     $last_modified = $response->getLastModified();
    if ($last_modified) {
      
return true;
        }

        if (\PHP_SESSION_ACTIVE === session_status()) {
            throw new \RuntimeException('Failed to start the session: already started by PHP.');
        }

        if (filter_var(\ini_get('session.use_cookies'), \FILTER_VALIDATE_BOOL) && headers_sent($file$line)) {
            throw new \RuntimeException(sprintf('Failed to start the session because headers have already been sent by "%s" at line %d.', $file$line));
        }

        $sessionId = $_COOKIE[session_name()] ?? null;
        /* * Explanation of the session ID regular expression: `/^[a-zA-Z0-9,-]{22,250}$/`. * * ---------- Part 1 * * The part `[a-zA-Z0-9,-]` is related to the PHP ini directive `session.sid_bits_per_character` defined as 6. * See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-bits-per-character. * Allowed values are integers such as: * - 4 for range `a-f0-9` * - 5 for range `a-v0-9` * - 6 for range `a-zA-Z0-9,-` * * ---------- Part 2 * * The part `{22,250}` is related to the PHP ini directive `session.sid_length`. * See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-length. * Allowed values are integers between 22 and 256, but we use 250 for the max. * * Where does the 250 come from? * - The length of Windows and Linux filenames is limited to 255 bytes. Then the max must not exceed 255. * - The session filename prefix is `sess_`, a 5 bytes string. Then the max must not exceed 255 - 5 = 250. * * ---------- Conclusion * * The parts 1 and 2 prevent the warning below: * `PHP Warning: SessionHandler::read(): Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed.` * * The part 2 prevents the warning below: * `PHP Warning: SessionHandler::read(): open(filepath, O_RDWR) failed: No such file or directory (2).` */
$session->template = $theme->getTemplate();
        $session->Admin = true;

        if (!$this->Request()->isXmlHttpRequest()) {
            $this->get('events')->notify('Shopware_Theme_Preview_Starts', [
                'session' => Shopware()->Session(),
                'shop' => $shop,
                'theme' => $theme,
            ]);

            $hash = $this->container->get(OptinServiceInterface::class)->add(OptinServiceInterface::TYPE_THEME_PREVIEW, 300, [
                'sessionName' => session_name(),
                'sessionValue' => $session->get('sessionId'),
            ]);

            $url = $this->Front()->ensureRouter()->assemble([
                'module' => 'frontend',
                'controller' => 'index',
                'themeHash' => $hash,
            ]);

            $this->redirect($url);
        }
    }
session_start();
        $this->assertTrue($this->proxy->isActive());
    }

    /** * @runInSeparateProcess * * @preserveGlobalState disabled */
    public function testName()
    {
        $this->assertEquals(session_name()$this->proxy->getName());
        $this->proxy->setName('foo');
        $this->assertEquals('foo', $this->proxy->getName());
        $this->assertEquals(session_name()$this->proxy->getName());
    }

    /** * @runInSeparateProcess * * @preserveGlobalState disabled */
    public function testNameException()
    {
return true;
        }

        if (\PHP_SESSION_ACTIVE === session_status()) {
            throw new \RuntimeException('Failed to start the session: already started by PHP.');
        }

        if (filter_var(\ini_get('session.use_cookies'), \FILTER_VALIDATE_BOOL) && headers_sent($file$line)) {
            throw new \RuntimeException(sprintf('Failed to start the session because headers have already been sent by "%s" at line %d.', $file$line));
        }

        $sessionId = $_COOKIE[session_name()] ?? null;
        /* * Explanation of the session ID regular expression: `/^[a-zA-Z0-9,-]{22,250}$/`. * * ---------- Part 1 * * The part `[a-zA-Z0-9,-]` is related to the PHP ini directive `session.sid_bits_per_character` defined as 6. * See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-bits-per-character. * Allowed values are integers such as: * - 4 for range `a-f0-9` * - 5 for range `a-v0-9` * - 6 for range `a-zA-Z0-9,-` * * ---------- Part 2 * * The part `{22,250}` is related to the PHP ini directive `session.sid_length`. * See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-length. * Allowed values are integers between 22 and 256, but we use 250 for the max. * * Where does the 250 come from? * - The length of Windows and Linux filenames is limited to 255 bytes. Then the max must not exceed 255. * - The session filename prefix is `sess_`, a 5 bytes string. Then the max must not exceed 255 - 5 = 250. * * ---------- Conclusion * * The parts 1 and 2 prevent the warning below: * `PHP Warning: SessionHandler::read(): Session ID is too long or contains illegal characters. Only the A-Z, a-z, 0-9, "-", and "," characters are allowed.` * * The part 2 prevents the warning below: * `PHP Warning: SessionHandler::read(): open(filepath, O_RDWR) failed: No such file or directory (2).` */
public function testSessionLessRememberMeLogout()
    {
        $client = $this->createClient(['test_case' => 'RememberMe', 'root_config' => 'stateless_config.yml']);

        $client->request('POST', '/login', [
            '_username' => 'johannes',
            '_password' => 'test',
        ]);

        $cookieJar = $client->getCookieJar();
        $cookieJar->expire(session_name());

        $this->assertNotNull($cookieJar->get('REMEMBERME'));
        $this->assertSame('lax', $cookieJar->get('REMEMBERME')->getSameSite());

        $client->request('GET', '/logout');
        $this->assertSame(302, $client->getResponse()->getStatusCode(), 'Logout unsuccessful.');
        $this->assertNull($cookieJar->get('REMEMBERME'));
    }

    public static function provideConfigs()
    {
        
$bag = new AttributeBag();
        $bag->setName('flashes');

        $storage = $this->getStorage();
        $storage->registerBag($bag);

        $this->assertEquals($storage->getBag('flashes')$bag);
    }

    public function testRegenerateInvalidSessionIdForNativeFileSessionHandler()
    {
        $_COOKIE[session_name()] = '&~[';
        session_id('&~[');
        $storage = new NativeSessionStorage([]new NativeFileSessionHandler());
        $started = $storage->start();

        $this->assertTrue($started);
        $this->assertMatchesRegularExpression('/^[a-zA-Z0-9,-]{22,250}$/', session_id());
        $storage->save();

        $_COOKIE[session_name()] = '&~[';
        session_id('&~[');
        $storage = new NativeSessionStorage([]new SessionHandlerProxy(new NativeFileSessionHandler()));
        
throw new \LogicException('Cannot change the ID of an active session.');
        }

        session_id($id);
    }

    /** * Gets the session name. */
    public function getName(): string
    {
        return session_name();
    }

    /** * Sets the session name. * * @return void * * @throws \LogicException */
    public function setName(string $name)
    {
        
/** * Print the current session ID as read from the cookie. * * @param \Symfony\Component\HttpFoundation\Request $request * The request object. * * @return string * A notification message with session ID. */
  public function getIdFromCookie(Request $request) {
    return ['#markup' => 'session_id:' . $request->cookies->get(session_name()) . "\n", '#cache' => ['contexts' => ['cookies:' . session_name()]]];
  }

  /** * Stores a value in $_SESSION['session_test_value']. * * @param string $test_value * A session value. * * @return string * A notification message. */
  
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorageFactory;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\EventListener\SessionListener;
use Symfony\Component\HttpKernel\HttpKernelInterface;

/** @var Response $r */
$r = require __DIR__.'/common.inc';

$sessionId = 'vqd4dpbtst3af0k4sdl18nebkn';
session_id($sessionId);
$sessionName = session_name();
$_COOKIE[$sessionName] = $sessionId;

$request = new Request();
$request->cookies->set($sessionName$sessionId);

$requestStack = new RequestStack();
$requestStack->push($request);

$sessionFactory = new SessionFactory($requestStacknew NativeSessionStorageFactory());

$container = new Container();
Home | Imprint | This part of the site doesn't use cookies.