Syncing sessions between Yii and KCFinder

>Info: As KCFinder's documentation mentions, if your application (Yii in our case) session handling is using the PHP environment configuration - meaning no change in session handling at all, then no change is needed also on KCFinder side to be able to use this session and thus have this simple interface between your Yii webapp and KCFinder. If that's your case then you probably need not read the rest of this article but rather just make sure that before a user attempts to upload or browse your server a session variable is already set for him (or her) with his specific configuration already waiting for KCFinder there. What can this session interface be useful for? For example, for having per-user upload directory. You could have uploadURL variable established in the session variable to contain the user's id. When an upload or browse use case will occur, the client side will trigger the KCFinder completely decoupled from the Yii application. Yet, since you've already synced your user-specific-configuration with KCFinder via the session, KCFinder will pick it up and use it.

I have been trying to find information on how to sync the sessions between Yii and KCFinder so that the two applications can "communicate" with each other. I managed to find some bits and pieces on the correct approach to use, but not a definite guide or concrete code.

So... if you are using Yii with CDbHttpSession and also want KCFinder to share the same session as Yii, you must create your own SESSION SAVE HANDLER as described here.

This handler must be placed inside file core/autoload.php of KCFinder.

class SessionSaveHandler 
    protected $savePath;
    protected $sessionName;
    public $db;
    public $sessionTableName;

    public function __construct() 
            array($this, "open"),
            array($this, "close"),
            array($this, "read"),
            array($this, "write"),
            array($this, "destroy"),
            array($this, "gc")
    public function loadConfig()
        // application configuration file
        $config_file = dirname(__FILE__) . '/../../../protected/config/main.php';
        $find = array('<?php', '?>');
        $replace = array('', '');
        $configuration = eval(str_replace($find, $replace, file_get_contents($config_file)));
        $this->sessionName = $configuration['components']['session']['sessionName'];
        $this->db = $configuration['components']['db'];
        $this->sessionTableName = $configuration['components']['session']['sessionTableName'];

    public function open($savePath, $sessionName) {
        return true;

    public function close() {
        return true;

    public function read($id) {
        try {
            $dbh = new PDO($this->db['connectionString'], $this->db['username'], $this->db['password']);
            $statement = $dbh->prepare("SELECT data FROM $this->sessionTableName WHERE id = :id AND expire > :expire");
            $statement->bindParam(':id', $id, PDO::PARAM_STR);
            $statement->bindParam(':expire', time(), PDO::PARAM_INT);
            $result = $statement->execute();
            if ($result) {
                $row = $statement->fetch();
                return $row['data'];
        } catch (PDOException $e) {

        return '';

    public function write($id, $data) {
        return true;

    public function destroy($id) {
        return true;

    public function gc($maxlifetime) {
        return true;

new SessionSaveHandler();

That's It!

Feel free to comment on the approach used and suggest any other tips.

1 0
Viewed: 12 379 times
Version: 1.1
Category: How-tos
Written by: Thanasis Fotis
Last updated by: Boaz
Created on: Nov 20, 2012
Last updated: 6 years ago
Update Article


View all history

Related Articles