[ Index ]

PHP Cross Reference of WordPress

title

Body

[close]

/wp-includes/ -> class-wp-session-tokens.php (summary)

[Source view] [Print] [Project Stats]

Session API: WP_Session_Tokens class

File Size: 294 lines (7 kb)
Included or required: 1 time
Referenced: 0 times
Includes or requires: 0 files

Defines 14 functions

  __construct()
  get_instance()
  hash_token()
  get()
  verify()
  create()
  update()
  destroy()
  destroy_others()
  is_still_valid()
  destroy_all()
  destroy_all_for_all_users()
  get_all()
  drop_sessions()

Functions
Functions that are not part of a class:

__construct( $user_id )   X-Ref
Protected constructor. Use the `get_instance()` method to get the instance.

param: int $user_id User whose session to manage.
since: 4.0.0

get_instance( $user_id )   X-Ref
Retrieves a session manager instance for a user.

This method contains a {@see 'session_token_manager'} filter, allowing a plugin to swap out
the session manager for a subclass of `WP_Session_Tokens`.

return: WP_Session_Tokens The session object, which is by default an instance of
param: int $user_id User whose session to manage.
since: 4.0.0

hash_token( $token )   X-Ref
Hashes the given session token for storage.

return: string A hash of the session token (a verifier).
param: string $token Session token to hash.
since: 4.0.0

get( $token )   X-Ref
Retrieves a user's session for the given token.

return: array|null The session, or null if it does not exist.
param: string $token Session token.
since: 4.0.0

verify( $token )   X-Ref
Validates the given session token for authenticity and validity.

Checks that the given token is present and hasn't expired.

return: bool Whether the token is valid for the user.
param: string $token Token to verify.
since: 4.0.0

create( $expiration )   X-Ref
Generates a session token and attaches session information to it.

A session token is a long, random string. It is used in a cookie
to link that cookie to an expiration time and to ensure the cookie
becomes invalidated when the user logs out.

This function generates a token and stores it with the associated
expiration time (and potentially other session information via the
{@see 'attach_session_information'} filter).

return: string Session token.
param: int $expiration Session expiration timestamp.
since: 4.0.0

update( $token, $session )   X-Ref
Updates the data for the session with the given token.

param: string $token Session token to update.
param: array  $session Session information.
since: 4.0.0

destroy( $token )   X-Ref
Destroys the session with the given token.

param: string $token Session token to destroy.
since: 4.0.0

destroy_others( $token_to_keep )   X-Ref
Destroys all sessions for this user except the one with the given token (presumably the one in use).

param: string $token_to_keep Session token to keep.
since: 4.0.0

is_still_valid( $session )   X-Ref
Determines whether a session is still valid, based on its expiration timestamp.

return: bool Whether session is valid.
param: array $session Session to check.
since: 4.0.0

destroy_all()   X-Ref
Destroys all sessions for a user.

since: 4.0.0

destroy_all_for_all_users()   X-Ref
Destroys all sessions for all users.

since: 4.0.0

get_all()   X-Ref
Retrieves all sessions for a user.

return: array Sessions for a user.
since: 4.0.0

drop_sessions()   X-Ref
Destroys all sessions for all users.

since: 4.0.0


Generated: Tue Oct 28 01:00:02 2025 Cross-referenced by PHPXref 0.7.1