Class for working with the $_SESSION array, including read-once flashes.

On instantiation, lazy-starts the session. That is, if a session cookie already exists, it starts the session; otherwise, it waits until the first attempt to write to the session before starting it.

Instantiate this once for each class that wants access to $_SESSION values. It automatically segments $_SESSION by class name, so be sure to use setClass() (or the 'class' config key) to identify the segment properly.

A "flash" is a session value that propagates only until it is read, at which time it is removed from the session. Taken from ideas popularized by Ruby on Rails, this is useful for forwarding information and messages between page loads without using GET vars or cookies.


This class is part of the Solar_Session package.


Configuration Keys

  • class: Store values in this top-level key in $_SESSION. Default is 'Solar'.

  • handler: A Solar_Session_Handler dependency injection. Default is the string 'php', which means to use the native PHP session save. handler instead of a dependency injection.

  • P3P: Compact [Platform for Privacy Preferences][] policy. Default is 'CP="CAO COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT STA"', which translates to: CAO ACCESS Element: the ability of the individual to view identified data and address questions or concerns to the service provider. CAO is short for 'contact-and-other', meaning Identified Contact Information and Other Identified Data: access is given to identified online and physical contact information as well as to certain other identified data. COR REMEDIES Element: Remedies in case a policy breach occurs. COR is short for 'correct', meaning Errors or wrongful actions arising in connection with the privacy policy will be remedied by the service. CURa ADMa DEVa TAIa PURPOSE Elements: Purposes for data processing relevant to the Web. The 'a' following each code indicates 'always', meaning the site provides no opt-in/opt-out choices for the information collected in the CATEGORIES Elements. CUR is short for 'current', meaning Completion and Support of Activity For Which Data Was Provided: Information may be used by the service provider to complete the activity for which it was provided, whether a one-time activity such as returning the results from a Web search, forwarding an email message, or placing an order; or a recurring activity such as providing a subscription service, or allowing access to an online address book or electronic wallet. ADM is short for 'admin', meaning Web Site and System Administration: Information may be used for the technical support of the Web site and its computer system. This would include processing computer account information, information used in the course of securing and maintaining the site, and verification of Web site activity by the site or its agents. DEV is short for 'develop', meaning Research and Development: Information may be used to enhance, evaluate, or otherwise review the site, service, product, or market. This does not include personal information used to tailor or modify the content to the specific individual nor information used to evaluate, target, profile or contact the individual. TAI is short for 'tailoring', meaning One-time Tailoring: Information may be used to tailor or modify content or design of the site where the information is used only for a single visit to the site and not used for any kind of future customization. For example, an online store might suggest other items a visitor may wish to purchase based on the items he has already placed in his shopping basket. OUR RECIPIENT Element: The legal entity, or domain, beyond the service provider and its agents where data may be distributed. OUR is short for 'ourselves', meaning Ourselves and/or entities acting as our agents or entities for whom we are acting as an agent: An agent in this instance is defined as a third party that processes data only on behalf of the service provider for the completion of the stated purposes. (e.g., the service provider and its printing bureau which prints address labels and does nothing further with the information.) BUS IND RETENTION Elements: The type of retention policy in effect. BUS is short for 'business-practices', meaning Determined by service provider's business practice: Information is retained under a service provider's stated business practices. IND is short for 'indefinitely', meaning Information is retained for an indeterminate period of time. UNI COM NAV INT STA CATEGORIES Elements: Elements inside data elements that provide hints to users and user agents as to the intended uses of the data. UNI is short for 'uniqeid', meaning Unique Identifiers: Non-financial identifiers, excluding government-issued identifiers, issued for purposes of consistently identifying or recognizing the individual. These include identifiers issued by a Web site or service. COM is short for 'computer', meaning Computer Information: Information about the computer system that the individual is using to access the network -- such as the IP number, domain name, browser type or operating system. NAV is short for 'navigation', meaning Navigation and Click-stream Data: Data passively generated by browsing the Web site -- such as which pages are visited, and how long users stay on each page. INT is short for 'interactive', meaning Interactive Data: Data actively generated from or reflecting explicit interactions with a service provider through its site -- such as queries to a search engine, or logs of account activity. STA is short for 'state', meaning State Management Mechanisms: Mechanisms for maintaining a stateful session with a user or automatically recognizing users who have visited a particular site or accessed particular content previously -- such as HTTP cookies. Please refer to the W3C P3P specification for more information on customizing this default policy. A compact policy delivered in an HTTP header is only part of a complete P3P implementation. [Platform for Privacy Preferences]: http://www.w3.org/TR/P3P/



Public Properties

The Solar_Session class has no public properties; try the list of all properties.

Public Methods

These are all the public methods in the Solar_Session class.

You can also view the list of all public, protected, and private methods.




Default destructor; does nothing other than provide a safe fallback for calls to parent::__destruct().


Magic get for store and flash as a temporary measure.


Appends a normal value to a key; this will start the session if needed.


Appends a flash value to a key; this will start the session if needed.


Deletes a key from the store, removing it entirely.


Deletes a flash key, removing it entirely.


Convenience method for getting a dump the whole object, or one of its properties, or an external variable.


Gets a normal value by key, or an alternative default value if the key does not exist.


Gets the current class segment for $_SESSION.


Gets a flash value by key, thereby removing the value.


Whether or not the session currently has a particular data key stored.


Whether or not the session currently has a particular flash key stored.


Tells if the session segment is loaded or not.


Has a session been started yet?


Lazy-start the session (i.e., only if a session cookie from the client already exists).


Loads the session segment with store and flash values for the current class.


Looks up class-specific locale strings based on a key.


Regenerates the session ID.


Resets (clears) all normal keys and values.


Resets both "normal" and "flash" values.


Resets (clears) all flash keys and values.


Sets a normal value by key; this will start the session if needed.


Sets the class segment for $_SESSION; unloads existing store and flash values.


Sets a flash value by key; this will start the session if needed.


Starts the session; automatically sends a P3P header if one is defined (and it is, by default).