scache - scache

scache_reset, scache_preset

Description

resource scache_reset(string id [, string host [, string secret [, long expire [, long port [, long flags]]]]])

resource scache_preset(string id [, string host [, string secret [, long expire [, long port [, long flags]]]]])

bool $SCacheConnection->reset()

scache_reset and scache_preset opens connection to scached server and creates new or resets already existing session id, provided that secret matches in case of existing session has one set.

Both functions do a round trip to scached, scache_preset opens connection as persistent and reuses existing connections while scache_reset doesn't.

id is in most cases the cookie or whatever you send to browsers to distinguish them between. secret is meant to be web application specific check to be matched on a case where same scached is used between not so trustworthy apps and servers. If secret is set it must match on further opens. On a simple local-only scacheds secret has no sensible uses.

scache_open, scache_reset and scache_connect are all for opening session handle. Differencies between them are :

scache_connect initiates tcp connection to scached, but doesn't query anything. It merely prepares connection to use values provided. scache_connect operates only on existing and valid sessions and never create a new one.
scache_open initiates tcp connection and queries server. If session with provided id exists and optional secret matches, scache_open returns that session. If session doesn't exist, it will be created and scache_open acts like scache_reset. If return value is not FALSE, session is verified to be valid unlike with scache_connect where validness is not resolved out until on first actual operation.
scache_reset also initiates tcp connection and queries server, but it always resets and creates session whether it exists or not, as long as secret match if set on possibly existing session. As like with scache_open non-false result is actually verified.

Class interface does not support parameters on reset method. All parameters are given in SCache object's constructor.

Parameters

Unique session identifier that distinguishes sessions from each other on scached. Basically this is the cookie or whatever you use to distinguish your users. Scache treats this as null terminated c-string so it is not binary safe.

host

Host name of server to connect. If host name begins with slash (/) it is treated as a unix socket path to local filesystem. If hostname is null, system default path or ini-overrided value is used.

secret

Secret to match on already existing session or to be set to a new session. Scache treats this as null terminated c-string meaning it is not binary safe.

expire

Maximum idle time in seconds of created session between queries. If expire time is exceeded, session is invalidated in complete. If expire is false, either system default or it's ini overrided value is used.

port

TCP-port of host to connect. If port is false, either system default or it's ini overriden value is used.

flags

Something not to be used.

Return values

Class interface returns either TRUE on success or FALSE on failure, while procedural interface returns session resource on success or FALSE on failure. All other functions operate on this returned resource as their first parameter.

In case of failure, error codes resolvable by scache_lasterr is one of below :

SCERR_EXIST Session specified already exist but with differing secret. Session won't be overwritten without providing correct secret.
SCERR_LIMITS_REACHED Partition has exceeded its memory or node limits and new session cannot be created until memory is freed.
SCERR_NOT_CONNECTED Connection to backend is broken and cannot be reconnected.
SCERR_PROTOCOL Internal protocol error has occurred when communicating to backend. This indicates something is severely broken.

Notes

On a normal life-cycle you should separate user login from other activities and create session on that login phase with either scache_open or scache_reset. With scache_open you can detect already existing session and choose to select another session identifier while scache_reset always resets session leaving undetectable possibility that there is another user using same identifier. It's a case how much you trust you id's uniqueness.

On the later page loads you should acquire session resource with scache_connect to avoid unnecessary backend queries. Good practice is to separate session initialization from it's further use.

Finally you log out the user by destroying session with scache_drop

Examples

<?php
$new_session_identifier = uniqid();
$session = scache_reset($new_session_identifier, 'myhost.tcp.ip', 'SuperSeCREt');
?>

By class interface, equal session initialization must be done in two stages :

<?php
$new_session_identifier = uniqid();
$session = new SCache($new_session_identifier, 'myhost.tcp.ip', 
                      false /* default-expire */,
		      true /* persistent */, 'SuperSeCREt');
$session->reset();
?>