Alpha ZealPHP is early-stage and under active development. APIs may change between minor versions until v1.0. Feedback and bug reports welcome on GitHub.
API Index — Namespaces, Packages, Reports, Indices

SessionManager
in package

OpenSwoole onRequest handler for superglobals mode (App::superglobals(true)).

Invoked as a callable (via __invoke()) for every inbound HTTP request on the worker. Responsible for:

  • Resetting per-request RequestContext state (error/exception/shutdown stacks).
  • Optionally managing the PHP session lifecycle (session_start() → inner middleware stack → session_write_close()), gated on App::$session_lifecycle and App::cgiOwnsSessions().
  • Wrapping the raw OpenSwoole request/response in ZealPHP\HTTP\Request / ZealPHP\HTTP\Response and storing them on RequestContext.
  • Running the per-request isolation cleanup hooks from ext-zealphp when coroutine-legacy mode is active (zealphp_reset_request_rtcaches, zealphp_reset_request_statics, zealphp_reset_request_class_statics).

The coroutine-mode equivalent is CoSessionManager.

Table of Contents

Properties

$g  : RequestContext
Snapshot of the RequestContext singleton at construction time.
$idGenerator  : string|callable
Session ID generator: a callable or the string 'session_create_id'.
$middleware  : callable
The inner middleware callable — the PSR-15 stack entry point.
$useCookies  : bool
Whether to read/write the session ID via cookies.
$useOnlyCookies  : bool
Whether cookies are the only allowed transport for the session ID.

Methods

__construct()  : mixed
Inject dependencies for the session manager.
__invoke()  : void
Handle one inbound OpenSwoole request: set up session + context, run the middleware stack, then clean up.
safeForFunctionIsolation()  : bool
Returns false when running zealphp_process_state_clean() would be unsafe.

Properties

$idGenerator

Session ID generator: a callable or the string 'session_create_id'.

protected string|callable $idGenerator

$middleware

The inner middleware callable — the PSR-15 stack entry point.

protected callable $middleware

$useCookies

Whether to read/write the session ID via cookies.

protected bool $useCookies

$useOnlyCookies

Whether cookies are the only allowed transport for the session ID.

protected bool $useOnlyCookies

Methods

__construct()

Inject dependencies for the session manager.

public __construct(callable $middleware[, string|callable $idGenerator = 'session_create_id' ][, bool|null $useCookies = null ][, bool|null $useOnlyCookies = null ]) : mixed
Parameters
$middleware : callable

The inner PSR-15 middleware stack entry point.

$idGenerator : string|callable = 'session_create_id'

Session ID generator; defaults to 'session_create_id'.

$useCookies : bool|null = null

When null, inherits session.use_cookies ini value.

$useOnlyCookies : bool|null = null

When null, inherits session.use_only_cookies ini value.

__invoke()

Handle one inbound OpenSwoole request: set up session + context, run the middleware stack, then clean up.

public __invoke(Request $request, Response $response) : void

Sequence (when session management is active):

  1. Reset per-request RequestContext state (error/shutdown stacks, streaming flags).
  2. Resolve the session ID from cookie or query string; call session_start().
  3. Wrap raw OpenSwoole objects in ZealPHP\HTTP\Request / ZealPHP\HTTP\Response.
  4. Invoke the inner middleware stack via call_user_func($this->middleware, ...).
  5. In the finally block: session_write_close(), isolation cleanup hooks (zealphp_reset_request_rtcaches, zealphp_reset_request_statics, zealphp_reset_request_class_statics), and constant/globals cleanup.

When App::$session_lifecycle is false or App::cgiOwnsSessions() returns true, the session lifecycle steps are skipped — context setup and cleanup hooks still run.

Parameters
$request : Request

Raw OpenSwoole request object.

$response : Response

Raw OpenSwoole response object.

safeForFunctionIsolation()

Returns false when running zealphp_process_state_clean() would be unsafe.

private static safeForFunctionIsolation() : bool

Checks registered spl_autoload callbacks: if any Composer\Autoload\ClassLoader maps classes under App::$document_root, cleaning function/class state would orphan those lazily-loaded classes. In that case the caller should skip the cleanup and rely on legacy-cgi (process-isolated) mode instead.

Return values
bool
On this page