scache - scache

scache_open, scache_popen

Description

resource scache_open(string id [, string host [, string secret [, long expire [, long port [, long flags ]]]]])

resource scache_popen(string id [, string host [, string secret [, long expire [, long port [, long flags ]]]]])

bool $SCacheConnection->open()

scache_open and scache_popen opens connection to scached server and queries for session id provided. If session is found, it's verified and returned to caller. If session is not found, session will be created.

Both functions does a round trip to scached, scache_popen opens connection as persistent and reuses existing connections while scache_open doesn't.

Id is in most cases the cookie or whatever you send to browsers to distinguish them between. Secret is meant to be web application specific check to be matched on a case where same scached is shared between not so trustworthy apps and servers. If secret is set, it must match on further opens. On a simple local-only scacheds secret has no sensible uses.

scache_open, scache_reset and scache_connect are all for opening session handle. Differencies between them are :

scache_connect initiates tcp connection to scached, but doesn't query anything. It merely prepares connection to use values provided. scache_connect operates only on existing and valid sessions and never create a new one.
scache_open initiates tcp connection and queries server. If session with provided id exists and optional secret matches, scache_open returns that session. If session doesn't exist, it will be created and scache_open acts like scache_reset. If return value is not FALSE, session is verified to be valid unlike with scache_connect where validness is not resolved out until on first actual operation.
scache_reset also initiates tcp connection and queries server, but it always resets and creates session whether it exists or not, as long as secret match if set on possibly existing session. As like with scache_open non-false result is actually verified.

Class interface does not support parameters on open method. All parameters are given in SCache object's constructor.

Parameters

Unique session identifier that distinguishes sessions from each other on scached. Basically this is the cookie or whatever you use to distinguish your users. Scache treats this as null terminated c-string so it is not binary safe.

host

Host name of server to connect. If host name begins with slash (/) it is treated as a unix socket path to local filesystem. If hostname is null, system default path or ini-overrided value is used.

secret

Secret to match on already existing session or to be set to a new session. Scache treats this as null terminated c-string meaning it is not binary safe.

expire

Maximum idle time in seconds of created session between queries. If expire time is exceeded, session is invalidated in complete. If expire is false, either system default or it's ini overrided value is used.

port

TCP-port of host to connect. If port is false, either system default or it's ini overriden value is used.

flags

Something not to be used.

Return values

Class interface returns either TRUE on success or FALSE on failure, while procedural interface returns session resource on success or FALSE on failure. All other functions operate on this returned resource as their first parameter.

In case of failure, error codes resolvable by scache_lasterr is one of below :

SCERR_EXIST Session specified already exist but with differing secret. Session won't be opened without providing correct secret.
SCERR_LIMITS_REACHED Partition has exceeded its memory or node limits and new session cannot be created until memory is freed.
SCERR_NOT_CONNECTED Connection to backend is broken and cannot be reconnected.
SCERR_PROTOCOL Internal protocol error has occurred when communicating to backend. This indicates something is severely broken.

Notes

On a normal life-cycle you should separate user login from other activities and create session on that login phase with either scache_open or scache_reset. With scache_open you can detect already existing session and choose to select another session identifier while scache_reset always resets session leaving undetectable possibility that there is another user using same identifier. It's a case how much you trust you id's uniqueness.

On the later page loads you should acquire session resource with scache_connect to avoid unnecessary backend queries. Good practice is to separate session initialization from it's further use.

Finally you log out the user by destroying session with scache_drop

Examples

<?php
$my_session_identifier = $_COOKIE['MySessionIdentifier'];
$session = scache_open($my_session_identifier);
?>

By class interface, equal session opening must be done in two stages :

<?php
$my_session_identifier = $_COOKIE['MySessionIdentifier'];
$session = new SCache($my_session_identifier);
$session->open();
?>

Although when using class interface you probably spare your keyboard and omit session opening altogether, relying only to SCache-object initialization as it equals to scache_connect in itself.