Beschreibung
WordPress core does not use PHP sessions, but sometimes they are required by your use-case, a plugin or theme.
This plugin implements PHP’s native session handlers, backed by the WordPress database. This allows plugins, themes, and custom code to safely use PHP $_SESSIONs in a distributed environment where PHP’s default tempfile storage just won’t work.
Note that primary development is on GitHub if you would like to contribute:
https://github.com/pantheon-systems/wp-native-php-sessions
Contributing
The best way to contribute to the development of this plugin is by participating on the GitHub project:
https://github.com/pantheon-systems/wp-native-php-sessions
Pull requests and issues are welcome!
You may notice there are two sets of tests running, on two different services:
- Travis CI runs the PHPUnit test suite.
- Circle CI runs the Behat test suite against a Pantheon site, to ensure the plugin’s compatibility with the Pantheon platform.
Both of these test suites can be run locally, with a varying amount of setup.
PHPUnit requires the WordPress PHPUnit test suite, and access to a database with name wordpress_test. If you haven’t already configured the test suite locally, you can run bash bin/install-wp-tests.sh wordpress_test root '' localhost.
Behat requires a Pantheon site. Once you’ve created the site, you’ll need install Terminus, and set the TERMINUS_TOKEN, TERMINUS_SITE, and TERMINUS_ENV environment variables. Then, you can run ./bin/behat-prepare.sh to prepare the site for the test suite.
Problembehandlung
If you see an error like „Fatal error: session_start(): Failed to initialize storage module: user (path: ) in …/code/wp-content/plugins/plugin-that-uses-sessions/example.php on line 2“ you likely have a plugin in the mu-plugins directory that is instantiating a session prior to this plugin loading. To fix, you will need to deactivate this plugin and instead load it via an mu-plugin that loads first, e.g. create an mu-plugin called 00.php and add a line in it to include the wp-native-php-sessions/pantheon-sessions.php file and the problem should disappear.
Installation
- Upload to the
/wp-content/plugins/directory - Aktiviere das Plugin im „Plugins“-Menü in WordPress
That’s it!
FAQ
-
Why not use another session plugin?
-
This implements the built-in PHP session handling functions, rather than introducing anything custom. That way you can use built-in language functions like the
$_SESSIONsuperglobal andsession_start()in your code. Everything else will „just work“. -
Why store them in the database?
-
PHP’s fallback default functionality is to allow sessions to be stored in a temporary file. This is what most code that invokes sessions uses by default, and in simple use-cases it works, which is why so many plugins do it.
However, if you intend to scale your application, local tempfiles are a dangerous choice. They are not shared between different instances of the application, producing erratic behavior that can be impossible to debug. By storing them in the database the state of the sessions is shared across all application instances.
Rezensionen
Mitwirkende & Entwickler
„WordPress Native PHP Sessions“ ist Open-Source-Software. Folgende Menschen haben an diesem Plugin mitgewirkt:
Mitwirkende
„WordPress Native PHP Sessions“ wurde in 1 Sprache übersetzt. Danke an die Übersetzerinnen und Übersetzer für ihre Mitwirkung.
Übersetze „WordPress Native PHP Sessions“ in deine Sprache.
Interessiert an der Entwicklung?
Durchstöbere den Code, sieh dir das SVN Repository an oder abonniere das Entwicklungsprotokoll per RSS.
Änderungsprotokoll
1.2.0 (May 18th, 2020)
- Avoids using cookies for sessions when WP-CLI is executing [#154].
1.1.0 (April 23rd, 2020)
- Avoids initializing PHP sessions when doing cron [#149].
1.0.0 (March 2nd, 2020)
- Plugin is stable.
0.9.0 (October 14th, 2019)
- Refactors session callback logic into
Session_Handlerabstraction, fixing PHP notice in PHP 7.3 [#135].
0.8.1 (August 19th, 2019)
- Fixes handling of ‚X-Forwarded-For‘ header in
get_client_ip_server()[#126].
0.8.0 (August 13th, 2019)
- Respects various
HTTP_*sources for client IP address [#122].
0.7.0 (April 3rd, 2019)
- Adds a safety check that restores
$wpdbwhen it’s missing.
0.6.9 (May 15th, 2018)
- Ensures
_pantheon_session_destroy()uses a return value.
0.6.8 (May 4th, 2018)
- Switches to
E_USER_WARNINGinstead ofE_WARNINGwhen triggering errors.
0.6.7 (April 26th, 2018)
- Disables plugin load when
WP_INSTALLING, because session table creation breaks installation process.
0.6.6 (March 8th, 2018)
- Restores session instantiation when WP-CLI is executing, because not doing so causes other problems.
0.6.5 (February 6th, 2018)
- Disables session instantiation when
defined( 'WP_CLI' ) && WP_CLIbecause sessions don’t work on CLI.
0.6.4 (October 10th, 2017)
- Triggers PHP error when plugin fails to write session to database.
0.6.3 (September 29th, 2017)
- Returns false when we entirely fail to generate a session.
0.6.2 (June 6th, 2017)
- Syncs session user id when a user logs in and logs out.
0.6.1 (May 25th, 2017)
- Bug fix: Prevents warning session_write_close() expects exactly 0 parameters, 1 given.
0.6.0 (November 23rd, 2016)
- Bug fix: Prevents PHP fatal error in
session_write_close()by running on WordPress‘shutdownaction, before$wpdbdestructs itself. - Bug fix: Stores the actual user id in the sessions table, instead of
(bool) $user_id.
0.5
- Compatibility with PHP 7.
- Adds
pantheon_session_expirationfilter to modify session expiration value.
0.4
- Adjustment to
session_id()behavior for wider compatibility - Using superglobal for REQUEST_TIME as opposed to
time()
0.3
- Fixes issue related to WordPress plugin load order
0.1
- Erstveröffentlichung