How do I get the Session ID in a Symfony action? - session

I'm using Symfony 1.4 and Doctrine 1.2. I need to get the session ID inside an action.
I'm using doctrine session storage and that works fine. I'm also using sfDoctrineGuardPlugin and am able to get and set session variables in the user according to recommended practice, using code like this:
$this->getUser()->setAttribute('variable_name', $value);
$value = $this->getUser()->getAttribute('variable_name');
But how do I get the session id of the current user?

It seems like you can't access the sfStorage from the user object. The sfSessionStorage stores the user data in the session...
So the only way I currently see is calling the 'native' session_id().
If you want to it perfectly you should extends the sfSessionStorage adding a method to retrieve the session id. Then assign this storage to the user, and you would be able to call $this->getUser()->getStorage()->getSessionId();.

Related

Flash message require session

I'm trying to use express-flash in a standard web express js app. I don't want to use session, because I want to do the app as stateless as possible, but when I try to use without session, the app show me this error:
req.flash() requires sessions
Can I use express-flash without session? Can I use other alternatives for this kind of messages?
Thanks.
Note: A flash message is a variable stored within a session that is only available once, for the next request. That is if we put a flash variable and renders a page, the flash variable is available but if we render the same (or other) page again the flash variable is not present (it is destroyed).
-- acanimal
Based on this premise, you need to have sessions to use message flashing.
One way I think you can accomplish what you want is to add an item to the request (req) object in your middleware, and then in your controller, check if the key exists. You can then pass a specific message to your template, assuming you're using a template engine or pass it as part of your response.
Hope this helps.

Sessions in Meteor

After a research it seems that Meteor Sessions are reset after refreshing page or opening the website in new tab, i.e. they are not usual server-side sessions but something like global javascript variables on client-side. Some people advice to use AmplifyJS, but I'm not sure that it will work like usual session in other frameworks/languages and also it is a third party library, so is there any normal way to use sessions in Meteor, i.e. keep user-specific data on server?
At this moment I'm handling that by using custom Collections, but it is not an ideal way of doing that because it is needed to remove expired values from Collection manually, which makes additional troubles.
Yes this is correct. Despite the name Session is nothing like a cookie, but just a reactive form of a variable stored in a hashmap
To keep data persistent across tabs you need to use a Collections (as this is the only way to reactively share data across tabs) - Cookies can't work because they can't be made reactive as data needs to be sent to the server to notify the client when there is a change. There really wouldn't be another way at the moment as the publish/subscribe methods can only send down data from collections at the moment.
You can use your setup you have now with your custom collection. You can use a server side cron job to remove expired data (either with Meteor.setInterval or Tom Coleman's cron.
There is a package developed just for that: https://atmospherejs.com/u2622/persistent-session
After installation you can use the following functions to set sessions which are persistent:
//store a persistent session variable which is stored across templates
Session.setPersistent(key, value);
//same as above, but automatically deletes session data when user logs out
Session.setAuth(key, value);
I've tried the package and it works like charm.

How to make Symfony2 read php native session directly

I have a Symfony2 app and I have to read the sessions set from another, non-symfony app.
The non-symfony app just set its sessions into $_SESSION, as usual.
However, when I attempt to read this session, the data isn't there. No matter I do it by
$session = $this->get('request')->getSession();
var_dump($session->all());
or even (I know I shouldn't do this, but anyway)
var_dump($_SESSION);
and this gives me session already started error, and I have no idea why there is error despite I have never started session in the Symfony app. Tells me if this way actually work so that I can look into session_start() thing.
$session = new Session();
$session->start();
var_dump($session->all());
The PHPSESSID cookie is set in the Symfony2 app and its value is the same as the cookie set in the non-symfony app, but my Symfony2 app just refuse to read the content of the session. ($session->getName() returns PHPSESSID, to be clear)
(To be exact, both apps are under same domain but different subdomains, and I have already set framework.session.domain correctly in app/config.yml in Symfony app and called session_set_cookie_params on the non-symfony app to have the same domain setting to allow sharing session cookie between subdomains i.e. .example.com)
So how do you read sessions in a Symfony2 app/Controller that is set by a non-symfony app? Thanks.
I am using Symfony 2.1, if this matters.
No need to write a custom session handler, the native one from Symfony2 can directly read/write from the default PHP $_SESSION.
In config.yml of your Symfony2 app, add a save_path option as below:
framework:
session:
save_path: ~
Clean the cache, and now your sessions will be saved in the default PHP path instead of the Symfony2 sessions folder. You can now share data, that's what I did to login data between a new Sf2 app and an old Sf1 app.
You won't be able to use the native Symfony2 session wrapper classes because they read session data from app/cache/{env}/sessions/{session_id}, and your non-Symfony2 app isn't writing its session data to that location.
You could write a custom session handler in your non-Symfony2 app that writes to that location, or better still you could write a native session handler class in Symfony2 which bypasses the default Symfony2 session read location and gets it from the default PHP session path
EDIT: Since writing this answer there is now a much more elegant solution available in gadbout's post below.

In CakePHP 1.3 is there any advantage of using $this->Controller->Session over $this->Session in a component?

I'm using a modified version of Felix Geisendörfer's SimpleAuth/SimpleAcl components that I've combined into a single Component, Simple_Authable.
I changed his startup() function to initialize() to not clutter the beforeFilter function in my app_controller.
One of the things that this component does is check who the active user is and if that user can't be found it either looks him up based on the primary User.id or uses 'guest'. Either way, the component uses $this->Controller->Session->write() to save the active user or guest information.
I'm also using Felix's Authsome plugin instead of the default CakePHP Auth component.
When I'm logging in, the active user is guest, obviously.
After I've submitted the form, the active user is still guest because the component's initialize() function is firing before everything else. Then, the Authsome plugin comes into play and validates my user as "root" and also calls $this->SimpleAuthable->setActiveUser($id, true); to force SimpleAuthable to update the active user information it is storing via $this->Controller->Session; Then I am redirected and my simple Session information and DebugKit's Session tab reflect that I am indeed the root user.
However, when I try to navigate to an 'admin' page, let's say /admin/users/index, lo and behold SimpleAuthable thinks I'm still a 'guest' user because when it performs a $this->Controller->Session->read() call to the key holding my user id, it is getting an empty response, i.e., the data stored on the previous page didn't persist.
Maybe there is something funky happening between Authsome & SimpleAuthable, but things look pretty straightforward and to my mind, $this->Controller->Session should be saving and persisting the data written to it.
So, I'm looking at refactoring all the calls to $this->Controller->Session and replacing them with $this->Session but first I wanted to throw this out to the community and see if anybody has seen anything similar and if so how did they resolve it.
Sincerely,
Christopher.
I found the problem... I'm also using Joshua McNeese's Permissionable plugin and I needed to disable it for the $this->Controller->{$this->userModel}->findById($id); in my SimpleAuthable component when I try to lookup the current active user.
Note to self: I would have caught this faster if I had some unit testing in place :(.

Session not ending in ASP.NET

I have created an asp.net application in which i have used global.asax. I have created a static class which stores user information such as LoginID, CompanyID etc using properties. A property IsLoggedIn indicates whether user logged in or not. I have created a method ResetAll() within the same class to reset those properties.
The problem is that if the user directly closes the browser window without logging off the property values are not resetted. Therefore if the user opens a new browser window, the user is logged in automatically. I have also called ResetAll() within from Session_End() but still it is not working. Could someone explain me whats wrong with that or simply how to reset the property values if the user directly closes the browser window.
If I am reading this correctly and you have a class with static members, then you are going to run into issues. With an ASP.NET web app, static members are static for the entire AppDomain, not just for an individual user, so the values would be the same no matter where the request has come from.
It sounds like what you really need to think about doing is storing an instance of the user information class in the session. That way the information is specific to that particular user. Also, that should solve your issue as the session cookie is normally removed when the browser window is closed, forcing a new session when the browser window is re-opened.
So something like:
Dim thisUser As New UserInformation()
thisUser.LoginID = someValue
Session("UserInformation") = thisUser
You cannot make the class static. Worse than keeping the user logged in across sessions is the fact you cannot have multiple users in your system. They will all share the same login information. You should read about static.
What you want is to store an instance of that class in the session and access it whenever you need.

Resources