Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:68394 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 41209 invoked from network); 7 Aug 2013 06:59:57 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Aug 2013 06:59:57 -0000 Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.176 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.217.176 mail-lb0-f176.google.com Received: from [209.85.217.176] ([209.85.217.176:39882] helo=mail-lb0-f176.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id D4/73-06453-D60F1025 for ; Wed, 07 Aug 2013 02:59:57 -0400 Received: by mail-lb0-f176.google.com with SMTP id w10so1207086lbi.21 for ; Tue, 06 Aug 2013 23:59:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to:content-type; bh=dBYQQFFQbd2uLWOGWRsJKb+8UKj/Liu9DjbUTx+hSfo=; b=sgn0XAV8Wo+W7JT1g7yxgZIZr8xIhO03/NPnr50uutNKUs8iOzi+gil+47sopk+9py C8hPqLQ6sF7AKlcQCFbmxcdcn7SsqQJ8XzARTPKAE19ql02glTZxN/xcK0R8mTNQ5qQR u8Jj7Yi6h7mWf4yJ0Q4W5MjXT/hDj5AzQ1RWZglLSIIM8BrS3qkHXyiY/wIc/R5XhJVB pCrA4hcv7KU4X/AXtSFLsAsT1wYRBX9qx9zyboPlM2UM4tdbLtqhzmL6WPqXdHYorJFP PSJ53wtpFQ1fD9IUk/fZMfSdAdYeWzaBnSWZ4R8JJFLOh6Aj522KbR/ajcZxJkPctIde 5YoQ== X-Received: by 10.152.29.103 with SMTP id j7mr785666lah.7.1375858794172; Tue, 06 Aug 2013 23:59:54 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.127.233 with HTTP; Tue, 6 Aug 2013 23:59:14 -0700 (PDT) Date: Wed, 7 Aug 2013 15:59:14 +0900 X-Google-Sender-Auth: Xr3JT1jPD-otjaHizij8WXNLHYA Message-ID: To: "internals@lists.php.net" Content-Type: multipart/alternative; boundary=089e0160b828b0146c04e3561691 Subject: "php_serialize" session serialize handler From: yohgaki@ohgaki.net (Yasuo Ohgaki) --089e0160b828b0146c04e3561691 Content-Type: text/plain; charset=UTF-8 Hi all, Current session module has a few limitations due to "register_globals" support which is now obsolete. One of them is numeric key indexed session data. i.e. $_SESSION[1] = $var is not allowed now and it raises error at R_SHUTDOWN with useless message for debugging. https://bugs.php.net/bug.php?id=65359 Following patch (diff against 5.5 branch) add php_serialize session serialize handler and removes the limitation. To test patch, set "session.serialize_handler = php_serialize" in php.ini file or set it via ini_set(). https://gist.github.com/yohgaki/6171628 (All tests and my new test for new serializer passed with Valgrind) It's possible to remove unneeded limitation from current serializers, but it causes BC. (e.g. AFAIK, perl and python have serializer/unserializer for PHP session data. If we simply remove limitation, session data decode may fail.) Therefore, adding new serializer would be better. Since it uses plain serialize(), users may simply unserialize() to inspect session data if it is needed. Users may setup initial $_SESSION array from serialize()ed data. i.e. session_decode($serialized_data) These would be useful for some users. I would like to add this new serializer to 5.5(optional) and master(default). Any comments? -- Yasuo Ohgaki yohgaki@ohgaki.net --089e0160b828b0146c04e3561691--