It's better when it's simple

User Tools

Site Tools


Session handling

DokuWiki opens the session in inc/init.php. After some things are initialized it is closed again. This is because PHP locks the session and this session lock may halt background requests like images, ajax, etc.

Depending on when your plugin runs, the session might already have been closed. You can still read a closed session's variables but writing will have no effect. If you need to write to it, you need to call session_start() again, use the session as usual and close the session with session_write_close() again. To re-open a session, no chars must be sent to the clients browser.

You can also act before the session is closed, for example when catching the DOKUWIKI_STARTED event in an Action plugin:

use dokuwiki\Extension\ActionPlugin;
use dokuwiki\Extension\EventHandler;
use dokuwiki\Extension\Event;
class action_plugin_demo extends ActionPlugin {
    public function register(EventHandler $contr) {
        $contr->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'session_update');
    public function session_update(Event $event, $param) {
        global $INPUT;
        if ($INPUT->post->has('demo_persistent_data') && checkSecurityToken()) {
            if (!empty($_POST['demo_persistent_data'])) {
                $_SESSION["my_persistent_data"] = $_POST['demo_persistent_data'];
                // optionally saves the persistent data in a cookie
            } else {
                // optionally removes an associated cookie
        // This is for all the pages of the site, other than handling the above update
        // Optionally loads the cookie
        if (!isset($_SESSION["my_persistent_data"])) {
            $_SESSION["my_persistent_data"] = get_doku_pref("my_persistent_data","");

This can be used for example in the syntax plugin:

class syntax_plugin_demo extends DokuWiki_Syntax_Plugin {
    // Connect and handle the keywords/tokens you recognize as usual
    // ...
    // main rendering code
    function render($mode, Doku_Renderer $renderer, $data) {
        // ... 
        // At some point, you can create a form to upload persistent data
        $renderer->doc .= '<p><form id="demopersist" enctype="multipart/form-data" method="post" action="">';
        $renderer->doc .= formSecurityToken();
        $renderer->doc .= 'Data: <input name="demo_persistent_data" />';
        $renderer->doc .= '<button type="submit">Make Persistent</button></form></p>';
        // ... 
        // In every page, you can read the persistent data simply by accessing the $_SESSION variable
        msg("TEST session ".$_SESSION["my_persistent_data"], 0);

Obviously you should tighten the security more than in the above example, but it gives you a start.

devel/session_handling.txt · Last modified: 2023-09-02 09:55 by Klap-in

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki