Session handling and GDPR

This is a community-contributed tutorial. This tutorial is over a year old and may not apply to your version of Concrete CMS.
Apr 24, 2019

When coding for concrete5 you shouldn't use the $_SESSION super global: there's the really handy Session object.

To get this object in a controller file, you can simply write this:

$session = $this->app->make('session');

If you are not in a controller, you'll need the Application instance, for example with this code:

$app = \Concrete\Core\Support\Facade\Application::getFacadeApplication();
$session = $app->make('session');

Please note that getting the Session instance will start the session (which implies setting a cookie on the visitors web browser).

This is not a problem if you are storing a value in the session object, but this is useless if you want to read something from the session.

Since concrete5 version 8.4.0 you can use the SessionValidator service class to check if there's already an active session, so that you can get the Session instance only if it's already created:

$sessionValidator = $this->app->make(\Concrete\Core\Session\SessionValidator::class);
$session = $sessionValidator->hasActiveSession() ? $this->app->make('session') : null;

With the above code, $session will be null if there's no active session, or it will contain the Session instance otherwise.

Since concrete5 version 8.5.1 you can also use this code (with the same result):

$session = $this->app->make(\Concrete\Core\Session\SessionValidator::class)->getActiveSession();

Once you have the Session instance, you can use all the fancy Symfony methods of the Session object:

  • $session->has('key')
  • $session->get('key', 'defaultValue')
  • $session->set('key', 'newValue')
  • $session->remove('key')
  • $session->all()
Recent Tutorials
Edit domains and sitemaps
Apr 4, 2025
By myq.

How to create a sitemap when using an edit domain

Block Types and CIF Data
Apr 2, 2025
By mlocati.

This tutorial describes how Concrete works with blocks data, and how you can create custom block types that works well when exporting and importing data with the CIF XML format.

Customize the default page title
Mar 12, 2025

Change the default " :: " and/or "site name :: page title" formatting separator to something else.

Configure Composer to work with a Page Type
Feb 20, 2025
By myq.

Fix the "Unable to load block into composer. You must edit this content from within the context of the page." error message

Permissions for editors in a multilingual site
Feb 2, 2025
By myq.

How to set up a multilingual Concrete CMS site for groups of language-specific editors

Restoring deleted pages using advanced search
Jan 16, 2025
By myq.

How to recover deleted pages when there are more than a few to choose from.

Improvements?

Let us know by posting here.