#SESSION, is used to access the data linked to an authenticated site visitor and to automatically use a differentiated cache constructed for each visitor.

  • New in : SPIP 2.0

The details for an authenticated visitor are:

  • id_auteur: the unique internal author number
  • nom: the author’s signature name
  • bio: the author’s short biography
  • email: the author’s email address
  • nom_site: the author’s Internet site name/title
  • url_site: the author’s Internet site HTTP address
  • login: the login identifier
  • statut:
    • 0minirezo (for administrators and restricted administrators),
    • 1comite (editors),
    • 6forum (visitors)
  • webmestre : ’oui’ if the author is declared as webmaster
  • maj: the date and time of the last modification to the author’s personal data (any modification to the author data contained in spip_auteurs such as the last connection date/time, last internal message sent, list update to the personal details file...)
  • pgp: the author’s public PGP key
  • en_ligne: the date and time of last connection (not the current one)
  • imessage: ’oui’ if the author has sent a private message
  • messagerie:
  • prefs: the list of author preferences (basically how the private space displays, if a cookie is to be remembered...)
    • couleur => 1 to 6, colour code for the private space
    • display => 1 (text only) ; 2 (icons and text) ; 3 (icons only)
    • cnx => empty or ’perma’ (if "connected several days" has been checked)
  • cookie_oubli: hash of the replacement cookie sent of forgotten, otherwise empty
  • source: ’spip’ or ’ldap’
  • lang: language used in the private space
  • extra: list of extra fields declared for the author
  • auth: type of authentication used (spip, ldap)
  • cookie: ’oui’ if connected with a cookie - non-existent if connected otherwise (incl. PHP_AUTH_USER)
  • hash_env: internal (hash) code identifying the visitor session uniquely
  • ip_change: FALSE so long as the connected IP doesn’t change. TRUE if the connected IP changes. SPIP then recreates a new session for the connected user (with ip_change set to FALSE); this new session disconnects any possible cookie thief.

To display one of these details if and only if the visitor is an administrator:

[(#SESSION{statut}|=={0minirezo}|oui)  You are one of the administrators, maybe restricted, maybe not]

In the same fashion, you can restrict the display of a field depending on the visitor’s status:

[(#SESSION{statut}|=={0minirezo}|oui)  #DESCRIPTIF]

You can complicate the case further still, by loading a template called reserved.html :

[(#SESSION{statut}|=={0minirezo}|oui)  <INCLURE{fond=reserved, env}>]

See also

and also…

Author Mark Published : Updated : 22/07/23

Translations : عربي, català, English, Español, français, Nederlands, русский, українська