Differences

This shows you the differences between two versions of the page.

--- devel:session_handling [2017-08-02 16:56] – og
+++ devel:session_handling [2023-09-02 09:55] (current) – Klap-in
@@ Line 1: / Line 1: @@
 ====== Session handling ======
-FIXME
 DokuWiki opens the session in ''inc/init.php''. After some things are initialized it is closed again. This is because PHP locks the session and this session lock may halt background requests like images, ajax, etc.
-Depending on when your plugin runs, the session might already have been closed. You can still read a closed session's variables but writing will have no effect. If you need to write to it, you need to call ''session_start()'' again, use the session as usual and close the session with ''session_write_close()'' again.
+Depending on when your plugin runs, the session might already have been closed. You can still read a closed session's variables but writing will have no effect. If you need to write to it, you need to call ''session_start()'' again, use the session as usual and close the session with ''session_write_close()'' again. To re-open a session, no chars must be sent to the clients browser.
+You can also act before the session is closed, for example when catching the DOKUWIKI_STARTED event in an Action plugin:
+<code php>
+use dokuwiki\Extension\ActionPlugin;
+use dokuwiki\Extension\EventHandler;
+use dokuwiki\Extension\Event;
+class action_plugin_demo extends ActionPlugin {
+    public function register(EventHandler $contr) {
+        $contr->register_hook('DOKUWIKI_STARTED', 'AFTER', $this, 'session_update');
+    }
+    public function session_update(Event $event, $param) {
+        global $INPUT;
+        if ($INPUT->post->has('demo_persistent_data') && checkSecurityToken()) {
+            if (!empty($_POST['demo_persistent_data'])) {
+                $_SESSION["my_persistent_data"] = $_POST['demo_persistent_data'];
+                // optionally saves the persistent data in a cookie
+                set_doku_pref("my_persistent_data",$_POST['demo_persistent_data']);
+            } else {
+                unset($_SESSION["my_persistent_data"]);
+                // optionally removes an associated cookie
+                set_doku_pref("my_persistent_data",false);
+            }
+            return;
+        }
+        // This is for all the pages of the site, other than handling the above update
+        // Optionally loads the cookie
+        if (!isset($_SESSION["my_persistent_data"])) {
+            $_SESSION["my_persistent_data"] = get_doku_pref("my_persistent_data","");
+        }
+    }
+}
+</code>
+This can be used for example in the syntax plugin:
+<code php>
+class syntax_plugin_demo extends DokuWiki_Syntax_Plugin {
+    // Connect and handle the keywords/tokens you recognize as usual
+    // ...
+    // main rendering code
+    function render($mode, Doku_Renderer $renderer, $data) {
+        // ...
+        // At some point, you can create a form to upload persistent data
+        $renderer->doc .= '<p><form id="demopersist" enctype="multipart/form-data" method="post" action="">';
+        $renderer->doc .= formSecurityToken();
+        $renderer->doc .= 'Data: <input name="demo_persistent_data" />';
+        $renderer->doc .= '<button type="submit">Make Persistent</button></form></p>';
+        // ...
-:?: When in code does it close? How to detect? If one tries to (re)open a session which is currently not closed, he get's an error.
+        // In every page, you can read the persistent data simply by accessing the $_SESSION variable
+        msg("TEST session ".$_SESSION["my_persistent_data"], 0);
+    }
+}
+</code>
-:!: To re-open a session, no chars must be sent to the clients browser.
+Obviously you should tighten the security more than in the above example, but it gives you a start.