Data::Session - A persistent session manager
For background, read the docs (including the Changes files) and bug reports for both Apache::Session and CGI::Session.
The interface to Data::Session is not quite compatible with that of CGI::Session, hence the new namespace.
The purpose of Data::Session is to be a brand-new alternative to both Apache::Session and CGI::Session.
Aliases for method names are not supported.
In CGI::Session, methods etime() and expires() were aliased to expire(). This is not supported in Data::Session.
Data::Session does have an etime() method, "Method: etime()" in Data::Session, which is different.
In CGI::Session, method header() was aliased to http_header(). Only the latter method is supported in Data::Session. See "Method: cookie()" and "Method: http_header([@arg])".
In CGI::Session, id generators had a method generate_id() aliased to generate(). This is not supported in Data::Session.
In CGI::Session, method param_dataref() was aliased to dataref(). Neither of these methods is supported in Data::Session. If you want to access the session data, use my($hashref) = $session -> session.
This topic is sometimes used as a form of coercion, which is unacceptable, and sometimes leads to a crippled design.
So, by design, Data::Session is not exactly backwards-compatible with CGI::Session, but does retain it's major features:
This determines the type of session object you wish to create.
Default: 'driver:File;id:MD5;serialize:DataDumper'.
And specifically, the format of that case-sensitive string is as expected. See "Specifying Session Options" in Data::Session for details.
Call this just before your program exits.
In particular, as with CGI::Session, persistent environments stop your program exiting in the way you are used to. This matter is discussed in "Trouble with Exiting" in Data::Session.
Instead, consider using scripts/expire.pl, which ships with Data::Session.
Being able to supply a code ref as the value of the 'dbh' parameter to new() is supported.
This mechanism is used to delay creation of a database handle until it is actually needed, which means if it is not needed it is not created.
Calling methods on the class is not supported. You must always create an object.
The reason for this is to ensure every method call, without exception, has access to the per-object data supplied by you, or by default, in the call to new().
Controlling the capabilities of the Data::Session object is determined by the 'type' parameter passed in to new, as Data::Session -> new(type => $string).
A sample string looks like 'driver:BerkeleyDB;id:SHA1;serialize:DataDumper'.
Abbreviation of component key names ('driver', 'id', 'serialize') is not supported.
Such abbreviations were previously handled by Text::Abbrev. Now, these must be named in full.
The decision to force corresponding class names to lower case is not supported.
Nevertheless, lower-cased input will be accepted. Such input is converted to the case you expect.
This affects the names of various sub-classes. See "ID Generators", "Serialization Drivers" and "Storage Drivers".
For example, driver:pg is now driver:Pg, which actually means Data::Session::Driver::Pg, based on the class name DBD::Pg.
Exceptions are caught with Try::Tiny. Errors cause Data::Session to die.
The only exception to this is the call to new(), which can return undef. In that case, check $Data::Session::errstr.
Global variables are not supported. This includes:
Id generator classes have been renamed:
Data::Session::Serialize::JSON uses JSON, not JSON::Syck.
The light-weight Hash::FieldHash is used to manage object attributes.
So, neither Mouse nor Moose, nor any other such class helper, is used.
Forcing the query object to have a cookie method is not supported. You may now use a query class which does not provide a cookie method.
The logic of checking the cookie (if any) first (i.e. before checking for a form field of the same name) is supported.
See "Method: http_header([@arg])".
The [] indicate an optional parameter.
Returns a HTTP header. This means it does not print the header. You have to do that, when appropriate.
Forcing the document type to be 'text/html' when calling http_header() is not supported. You must pass in a document type to http_header(), as $session -> http_header('-type' => 'text/html'), or use the query object's default. Both CGI and CGI::Simple default to 'text/html'.
Data::Session handles the case where the query object does not have a cookie() method.
The @arg parameter, if any, is passed to the query object's header() method, after the cookie parameter, if any.
The new load() takes no parameters.
Excess versions of new() are not supported.
The new new() takes a hash of parameters.
This hash will include all options previously passed in in different parameters to new(), including $dsn, $query, $sid, \%dsn_args and \%session_params.
Class name changes are discussed in "ID Generators", "Serialization Drivers" and "Storage Drivers".
As discussed in "Method: new()" in Data::Session, these name changes are both the result of cleaning up all the options to new(), and because the option names are now also method names.
This is used in the call to new().
This is used in various id generator classes, some of which provided generate as an alias.
This is used in the call to new(), and in the '... id:AutoIncrement ...' id generator.
Excess versions of param() will not be supported.
Use param($key => $value) to set and param($key) to get.
param() may be passed a hash, to set several key/value pairs in 1 call.
All POD has been re-written.
The race handling code in CGI::Session::Driver::postgresql has been incorporated into other Data::Session::Driver::* drivers.
Serializing classes have been renamed:
The latter will use JSON. In the past JSON::Syck was used.
The latter uses YAML::Tiny. In the past either YAML::Syck or YAML was used.
The ability to create a Perl object without a session id is not supported.
Every time a object of type Data::Session is created, it must have an id.
This id is either supplied by the caller, taken from the query object, or one is generated.
See "Specifying an Id" in Data::Session for details.
CGI::Session tracks calls to param() to set a flag if the object is modified, so as to avoid writing the session to disk if nothing has been modified.
This includes checking if setting a param's value to the value it already has.
The behaviour is supported.
CGI::Session had these internal object attributes (parameters) not available to the user:
Hashref: Keys: _SESSION_ATIME, _SESSION_CTIME, _SESSION_ID and _SESSION_REMOTE_ADDR.
Hashref.
Scalar.
Scalar (bitmap).
Data::Session has these internal object attributes (parameters):
Scalar: Last access time.
Scalar: Creation time.
Scalar: Expiry time.
Scalar: The id.
Hashref: Expiry times of parameters.
Data::Session stores user data internally in a hashref, and the module reserves keys starting with '_'.
Of course, it has a whole set of methods to manage state.
CGI::Session objects can be one of 6 states. Every attempt has been made to simplify this design.
Classes related to DBI/DBD will use DBD::* style names, to help beginners.
Hence (with special cases):
The latter no longer uses DB_File.
All tests have been re-written.
Perl 5 code will be used.
Data::Session::Serialize::YAML uses YAML::Tiny, not YAML::Syck or YAML.
Data::Session was written by Ron Savage <ron@savage.net.au> in 2010.
Home page: http://savage.net.au/index.html.
Australian copyright (c) 2010, Ron Savage.
All Programs of mine are 'OSI Certified Open Source Software'; you can redistribute them and/or modify them under the terms of The Artistic License, a copy of which is available at: http://www.opensource.org/licenses/index.html
To install Data::Session, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Data::Session
CPAN shell
perl -MCPAN -e shell install Data::Session
For more information on module installation, please visit the detailed CPAN module installation guide.