Difference between #1 and #2 of Syncing sessions between Yii and KCFinder

Syncing sessions between Yii and KCFinder
File upload
>Info: As KCFinder's documentation
[mentions](http://kcfinder.sunhater.com/integrate#session ""), if your
application (Yii in our case) session handling is using the PHP environment
configuration - meaning no change in session handling at all, then no change is
needed also on KCFinder side to be able to use this session and thus have this
simple interface between your Yii webapp and KCFinder. If that's your case then
you probably need not read the rest of this article but rather just make sure
that before a user attempts to upload or browse your server a session variable
is already set for him (or her) with his specific
[configuration](http://kcfinder.sunhater.com/install#config "")
already waiting for KCFinder there. What can this session interface be useful
for? For example, for having per-user upload directory. You could have
*uploadURL* variable established in the session variable to contain the user's
id. When an upload or browse use case will occur, the client side will trigger
the KCFinder completely decoupled from the Yii application. Yet, since you've
already synced your user-specific-configuration with KCFinder via the session,
KCFinder will pick it up and use it. 

I have been trying to find information on how to sync the sessions between Yii
and KCFinder so that the two applications can "communicate" with each
other. I managed to find some bits and pieces on the correct approach to use,
but not a definite guide or concrete code.

So... if you are using Yii with CDbHttpSession and also want KCFinder to share
the same session as Yii, you must create your own SESSION SAVE HANDLER as
described [here](http://kcfinder.sunhater.com/docs/integrate#session
"Session configuration").

This handler must be placed inside file **core/autoload.php** of KCFinder.


class SessionSaveHandler 
    protected $savePath;
    protected $sessionName;
    public $db;
    public $sessionTableName;

    public function __construct() 
            array($this, "open"),
            array($this, "close"),
            array($this, "read"),
            array($this, "write"),
            array($this, "destroy"),
            array($this, "gc")
    public function loadConfig()
        // application configuration file
        $config_file = dirname(__FILE__) .
        $find = array('<?php', '?>');
        $replace = array('', '');
        $configuration = eval(str_replace($find, $replace,
        $this->sessionName =
        $this->db = $configuration['components']['db'];
        $this->sessionTableName =

    public function open($savePath, $sessionName) {
        return true;

    public function close() {
        return true;

    public function read($id) {
        try {
            $dbh = new PDO($this->db['connectionString'],
$this->db['username'], $this->db['password']);
            $statement = $dbh->prepare("SELECT data FROM
$this->sessionTableName WHERE id = :id AND expire > :expire");
            $statement->bindParam(':id', $id, PDO::PARAM_STR);
            $statement->bindParam(':expire', time(), PDO::PARAM_INT);
            $result = $statement->execute();
            if ($result) {
                $row = $statement->fetch();
                return $row['data'];
        } catch (PDOException $e) {

        return '';

    public function write($id, $data) {
        return true;

    public function destroy($id) {
        return true;

    public function gc($maxlifetime) {
        return true;

new SessionSaveHandler();


That's It!

Feel free to comment on the approach used and suggest any other tips.