ch16lev1sec7.html

Q&A

Q. Is there a way to implement the session framework in stand-alone applications?
A. Yes. You can access django.contrib.sessions.backends.db.SessionStore to access the SessionStore data. The following code creates a session store, adds a value to it, and then saves it:
from django.contrib.sessions.backends.db import SessionStore s = SessionStore(session_key='123abc321cba1234567890abcdef1234') s['session_name'] = 'My Session' s.save()

If you are using the db backend, you can access the session model directly. However, you need to call the get_decoded() function to access the dictionary, because the dictionary is stored in an encoded format. For example:

from django.contrib.sessions.models import Session s = Session.objects.get(pk='123abc321cba1234567890abcdef1234') s = s.get_decoded() print 'Session %s' % s.['session_name']

Q. Is there a way add the session to the URL like PHP does?
A. No. Django's session framework is entirely cookie-based. Not only is putting the session ID in the URL as a last-resort backup ugly, it also makes the site vulnerable to session ID theft.

Q.	Is there a way to implement the session framework in stand-alone applications?
A.	Yes. You can access `django.contrib.sessions.backends.db.SessionStore` to access the `SessionStore` data. The following code creates a session store, adds a value to it, and then saves it: from django.contrib.sessions.backends.db import SessionStore s = SessionStore(session_key='123abc321cba1234567890abcdef1234') s['session_name'] = 'My Session' s.save() If you are using the `db` backend, you can access the `session` model directly. However, you need to call the `get_decoded()` function to access the dictionary, because the dictionary is stored in an encoded format. For example: from django.contrib.sessions.models import Session s = Session.objects.get(pk='123abc321cba1234567890abcdef1234') s = s.get_decoded() print 'Session %s' % s.['session_name']
Q.	Is there a way add the session to the URL like PHP does?
A.	No. Django's session framework is entirely cookie-based. Not only is putting the session ID in the URL as a last-resort backup ugly, it also makes the site vulnerable to session ID theft.