-
Notifications
You must be signed in to change notification settings - Fork 0
Reading And Writing Values
These methods wrap the $_SESSION superglobal. They live on GetterSetter and
are reachable through the facade — Session::get(...) — or
on the object returned by set()/Session::createImmutable().
All reads are null-safe: if the session has not been started (so $_SESSION
is not populated), reads return their defaults instead of raising a type error.
Session::has('user'); // true / falseStores a value and returns the GetterSetter, so writes chain:
Session::set('user', 'ada')
->set('role', 'admin')
->set('prefs', ['theme' => 'dark']);Any serialisable value is allowed — strings, ints, arrays, objects:
Session::set('cart', ['sku-1', 'sku-2']);Returns the stored value, or $default when the key is missing:
Session::get('user'); // 'ada'
Session::get('missing'); // null
Session::get('locale', 'en'); // 'en'A stored null is a real value and is returned as-is:
Session::set('mute', null);
Session::get('mute', false); // null, not falseLike set(), but returns the value rather than the bag — handy in
expressions:
$token = Session::push('csrf', bin2hex(random_bytes(16)));
header('X-CSRF: ' . $token);Reads a key and removes it — the canonical "flash" primitive:
Session::set('flash', 'Saved!');
// ... next request ...
$message = Session::pull('flash'); // 'Saved!', then gone
Session::has('flash'); // falseIf the key is absent, pull() returns $default and changes nothing.
Removes one or more keys. delete() is an exact alias of remove(). Removing a
missing key is a silent no-op.
Session::remove('csrf');
Session::remove('a', 'b', 'c');
Session::delete('legacy'); // same thingReturns the entire session payload as an array:
foreach (Session::all() as $key => $value) {
// ...
}Before the session is started this returns [].
Bulk-writes an associative array. Only string keys are written — numeric keys are silently skipped, so you can pass mixed arrays safely.
Session::setAssoc([
'user' => 'ada',
'role' => 'admin',
0 => 'ignored', // numeric key → skipped
]);With $reset = true, the session is replaced by $assoc rather than merged:
Session::setAssoc(['only' => 'this'], true);
Session::all(); // ['only' => 'this']The facade does not replace the superglobal — mix and match freely:
$_SESSION['counter'] = ($_SESSION['counter'] ?? 0) + 1;
echo Session::get('counter');| Method | Returns | Removes? | Default on miss |
|---|---|---|---|
has |
bool |
— | — |
get |
value | — | ✅ |
set |
GetterSetter |
— | — |
push |
the value | — | — |
pull |
value | ✅ | ✅ |
remove / delete
|
GetterSetter |
✅ | — |
all |
array |
— | [] |
setAssoc |
GetterSetter |
optional ($reset) |
— |
- Session Lifecycle — start, regenerate, destroy.
-
Recipe: Flash Messages —
pull()in practice. - API Reference — exhaustive signatures.
initphp/sessions · MIT License · part of the InitPHP family
Source · Issues · Discussions · Packagist · Contributing · Security Policy
Getting Started
Core Usage
Adapters
- Adapters Overview
- File Adapter
- Redis Adapter
- PDO Adapter
- Cookie Adapter
- Memcache / Memcached Adapter
- MongoDB Adapter
- Custom Adapters
Reference
Practical Guides
Migration & Help