Generates a session token and attaches session information to it.
Description
A session token is a long, random string. It is used in a cookie to link that cookie to an expiration time and to ensure the cookie becomes invalidated when the user logs out.
This function generates a token and stores it with the associated expiration time (and potentially other session information via the ‘attach_session_information’ filter).
Parameters
$expirationintrequired- Session expiration timestamp.
Source
final public function create( $expiration ) {
/**
* Filters the information attached to the newly created session.
*
* Can be used to attach further information to a session.
*
* @since 4.0.0
*
* @param array $session Array of extra data.
* @param int $user_id User ID.
*/
$session = apply_filters( 'attach_session_information', array(), $this->user_id );
$session['expiration'] = $expiration;
// IP address.
if ( ! empty( $_SERVER['REMOTE_ADDR'] ) ) {
$session['ip'] = $_SERVER['REMOTE_ADDR'];
}
// User-agent.
if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
$session['ua'] = wp_unslash( $_SERVER['HTTP_USER_AGENT'] );
}
// Timestamp.
$session['login'] = time();
$token = wp_generate_password( 43, false, false );
$this->update( $token, $session );
return $token;
}
Hooks
- apply_filters( ‘attach_session_information’,
array $session ,int $user_id ) Filters the information attached to the newly created session.
Changelog
| Version | Description |
|---|---|
| 4.0.0 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.