21.2. Basic Usage

Zend_Session utilizes ext/session and its special $_SESSION superglobal as the storage mechanism for session state data. While $_SESSION is still available in the global namespace, developers should refrain from directly accessing it, so that Zend_Session can most effectively and securely provide its suite of session related functionality.

21.2.1. Tutorial Examples

If no namespace is specified when instantiating Zend_Session, all data will be transparently stored in the 'Default' namespace. The example below demonstrates use of the 'Default' namespace and shows how to count the number of times a user views pages on your website, add the following code to your ZF bootstrap area (except for the echo):

Example 21.1. Counting Page Views

<?php
    require_once 'Zend/Session.php';
    $session = new Zend_Session();
    $session->numberOfPageRequests++; // this will increment for each page load.
    echo "Page requests this session: ", $session->numberOfPageRequests;
?>

One of the many benefits of Zend_Session is that multiple modules can use Zend_Session and be provided some level of data encapsulation. Zend_Session can be passed an optional $namespace argument in the constructor, which allows other components, modules, and developer specific code to be assured that their data is protected by a partition between data areas used by other components, modules, and developer code. Namespacing provides an effective and popular way to "secure" one a subset of your session state data against accidental changes. Namespace names are restricted to character sequences represented as non-empty PHP strings that do not begin with an underscore ('_') character. Only core components included in the Zend Framework should use namespace names starting with 'Zend_'.

Example 21.2. New Way: Namespaces Avoid Collisions

<?php
    // in the Zend-Auth component
    require_once 'Zend/Session.php';
    $auth_session = new Zend_Session('Zend_Auth');
    $auth_session->user = "myusername";

    // in a web services component
    $web_service_session = new Zend_Session('Some_Web_Service');
    $web_service_session->user = "mywebusername";
?>

The example above achieves the same effect as the code below, except that the session objects above preserve encapsulation of session data within their respective namespaces. Various checks combined with a singleton pattern in Zend_Session_Core are responsible for enforcing the encapsulation.

Example 21.3. Old Way: PHP Session Access

<?php
    $_SESSION['Zend_Auth']['user'] = "myusername";
    $_SESSION['Some_Web_Service']['user'] = "mywebusername";
?>

21.2.2. Iterating Over Session Namespaces

Zend_Session provides the full IteratorAggregate interface , including support for the foreach statement:

Example 21.4. Session Iteration

<?php
    // Zend_Session is iteratable
    require_once 'Zend/Session.php';
    $my_session = new Zend_Session();
    foreach ($my_session as $name => $value) {
        ....
    }
?>

21.2.3. Accessors for Session Namespaces

The usual accessors are available, via the __set(), __unset(), __isset(), and __get() magic methods. The magic methods should not be used directly, except from within a subclass of Zend_Session. Instead, use the normal operators to invoke these magic methods, such as:

Example 21.5. Accessing Session Data

<?php
            $object->property = $value; echo
            (isset($object->property) ? 'set' : 'unset');
?>