Session handling and GDPR

This is a community-contributed tutorial. This tutorial is over a year old and may not apply to your version of Concrete CMS.
Apr 24, 2019

When coding for concrete5 you shouldn't use the $_SESSION super global: there's the really handy Session object.

To get this object in a controller file, you can simply write this:

$session = $this->app->make('session');

If you are not in a controller, you'll need the Application instance, for example with this code:

$app = \Concrete\Core\Support\Facade\Application::getFacadeApplication();
$session = $app->make('session');

Please note that getting the Session instance will start the session (which implies setting a cookie on the visitors web browser).

This is not a problem if you are storing a value in the session object, but this is useless if you want to read something from the session.

Since concrete5 version 8.4.0 you can use the SessionValidator service class to check if there's already an active session, so that you can get the Session instance only if it's already created:

$sessionValidator = $this->app->make(\Concrete\Core\Session\SessionValidator::class);
$session = $sessionValidator->hasActiveSession() ? $this->app->make('session') : null;

With the above code, $session will be null if there's no active session, or it will contain the Session instance otherwise.

Since concrete5 version 8.5.1 you can also use this code (with the same result):

$session = $this->app->make(\Concrete\Core\Session\SessionValidator::class)->getActiveSession();

Once you have the Session instance, you can use all the fancy Symfony methods of the Session object:

  • $session->has('key')
  • $session->get('key', 'defaultValue')
  • $session->set('key', 'newValue')
  • $session->remove('key')
  • $session->all()
Recent Tutorials
Setting addon/theme version compatibility in the marketplace
Jan 9, 2024

For developers worn out with setting the latest addon or theme version manually across too many core versions, here is a JavaScript bookmarklet to do it for you.

How to get the locale of a page
Jan 8, 2024
By mandako.

Now, why don't we just have a getLocale() method on Page objects beats me, but here's how you work around it

Using a Redis Server
Jun 16, 2023
By mlocati.

How to configure Concrete to use one or more Redis servers to persist the cache.

Using the Concrete Migration Tool Addon
Apr 27, 2023

How to use the Concrete CMS Migration Tool

How To Add Page Last Updated To Your Concrete CMS Pages
Mar 7, 2023

Concrete CMS has a page attribute you can add to a global area called "Page Date Modified." Here's how to add it

How To Exclude Subpages from Navigation
Dec 24, 2022

How to exclude subpages from navigation - useful for a news or blog link in your main navigation where you don't want all the subpages to appear in a drop down menu.

Improvements?

Let us know by posting here.