Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:16094
Return-Path: <hans@velum.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 1386 invoked by uid 1010); 26 Apr 2005 16:42:52 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 1371 invoked from network); 26 Apr 2005 16:42:52 -0000
Received: from unknown (HELO pb1.pair.com) (127.0.0.1)
  by localhost with SMTP; 26 Apr 2005 16:42:52 -0000
X-Host-Fingerprint: 69.17.117.25 mail23.sea5.speakeasy.net Linux 2.5 (sometimes 2.4) (4)
Received: from ([69.17.117.25:38011] helo=mail23.sea5.speakeasy.net)
	by pb1.pair.com (ecelerity 1.2.12rc1 r(5476:5477)) with SMTP
	id 52/29-59279-B8F6E624 for <internals@lists.php.net>; Tue, 26 Apr 2005 12:42:51 -0400
Received: (qmail 18602 invoked from network); 26 Apr 2005 16:42:48 -0000
Received: from out.appliedsec.com (HELO [127.0.0.1]) (hlellelid@[69.17.56.162])
	(envelope-sender <hans@velum.net>)
	by mail23.sea5.speakeasy.net (qmail-ldap-1.03) with AES256-SHA encrypted SMTP
	for <sascha@schumann.cx>; 26 Apr 2005 16:42:48 -0000
Message-ID: <426E6F87.5020908@velum.net>
Date: Tue, 26 Apr 2005 12:42:47 -0400
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Sascha Schumann <sascha@schumann.cx>
CC: Thomas O'Neill <tommyo@gmail.com>,  internals@lists.php.net
References: <4266894D.1070702@cain.sh> <42668AC0.1010607@caedmon.net>	<pkhi61di24djruht2uhqhjfppn6bt6dsme@4ax.com> <4269D32C.1080706@cain.sh>	<d0cb926205042518356213b551@mail.gmail.com> <Pine.LNX.4.61.0504260952410.29267@chatserv>
In-Reply-To: <Pine.LNX.4.61.0504260952410.29267@chatserv>
X-Enigmail-Version: 0.89.5.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [PATCH] Modifications for ext/session/
From: hans@velum.net (Hans Lellelid)

Sascha Schumann wrote:
>     They are not helpful for various reasons.  e.g. if you need
>     to ask whether a session was started, your architecture is
>     broken (a central place needs to manage sessions; that single
>     place must know whether a session has been started).

I haven't looked in any detail at these functions, but wouldn't you be 
able to prevent fixation by inquiring whether a particular session was 
already started? -- rather than PHP's current (IMHO flawed) behavior 
where a new session is simply started with whatever session is is passed in.

-Hans