Contenido

Frontend Session Information

Author Timo A. Hummel
Created 20th October 2003
Audience
 Module Developers
Applies to
 Contenido 4.4 or later

Introduction

In order to identify a website visitor, the default Contenido Frontend delivers a session mechanism.

Concept

The frontend automatically stores a cookie including the session ID. As the contenido frontend is based on the PHPLIB session management, the session ID can always be retrieved by calling $sess->id as long as the $sess object is made global.

Why Cookies?

This has several reasons. The most important ones are:

- Module developers don't need to care about session ID's, as this is managed transparently by the system.
- There's no need to re-process links that were inserted using the WYSIWYG.
- Users tend to copy'n'paste interesting web sites from the location bar. As this usually includes the session, we would no longer be able to identify a visitor uniquely.

Drawbacks:

- Some browsers and/or visitors don't like cookies. That makes it impossible for us to identify them. However, this is only the minority, and I guess we can expect that a visitor has cookies turned on in these days, since almost no web application (like shop systems, bulletin boards etc) will work without cookies.

Also note that the site will still be browsable - you just can't use the session to store data for the frontend.

Is there some way around cookies?

Yes, you can modify the file "local.php" in the conlib directory. Look for the class "Contenido_Frontend_Session" (currently on line 137, but this might change or has already been changed):

class Contenido_Frontend_Session extends Session {
  var $classname = "Contenido_Frontend_Session";
  var $cookiename     = "sid";              ## defaults to classname
  var $magic          = "Phillipip";        ## ID seed
  var $mode           = "cookie";           ## We propagate session IDs with cookies
  var $fallback_mode  = "cookie";
  var $lifetime       = 0;                  ## 0 = do session cookies, else minutes
  var $that_class     = "Contenido_CT_Sql"; ## name of data storage container
  var $gc_probability = 5; 
  function Contenido_Frontend_Session ()
  {
      global $load_lang, $load_client;
      $this->cookiename = "sid_".$load_client."_".$load_lang;
  }
}


The important variables are "$mode" and "$fallback_mode". Both of these can either be "get" or "cookie". Remember that if you set "get", you have to rewrite most of your modules (in fact, each module which generates or display links).

Remember: Using "get" as frontend session mode is neither supported nor recommended - use it on your own risk.