Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:68462 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 32518 invoked from network); 9 Aug 2013 09:27:44 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Aug 2013 09:27:44 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.172 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.217.172 mail-lb0-f172.google.com Received: from [209.85.217.172] ([209.85.217.172:32871] helo=mail-lb0-f172.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id B4/B6-06453-D06B4025 for ; Fri, 09 Aug 2013 05:27:43 -0400 Received: by mail-lb0-f172.google.com with SMTP id o7so3163793lbv.31 for ; Fri, 09 Aug 2013 02:27:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=g0/v9MmRTOdoowOE5rfyEv7VTb5gVuERjtMS2PmBhhc=; b=itoEuYi4KYFub3ADTIdKDBzkocixy3DCnMOy7+YKzxT74gP8AHHcmSlpSOQhYu9G0B 5HSqxPKd0ZYOIjkvZQH+95G+/XrAaRaRTbHrQcldf1cyeKKMd3C0gKrHUHN2rO9ANZYW mkD3kmZZtX8EbwleRvLZ5fg7Yhz9r2p0D8+peMIXmF0RwIc5BmDTHbmfV90bxjI/I7dO g4CJebFBv6D0iS+cl17C9Q0wS6QKcGgoMVT4dFhRCcL9evwutnbIKSlGIra57/mdFhqI ADL374z/Dt0bRFovDi/Xj5oROuzGy7dJtUiclSwOSkCTRtEVMHFhx2SK0c96BhMYf/sK JYhg== X-Received: by 10.152.37.41 with SMTP id v9mr5747425laj.9.1376040457992; Fri, 09 Aug 2013 02:27:37 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.127.233 with HTTP; Fri, 9 Aug 2013 02:26:56 -0700 (PDT) In-Reply-To: References: <5202AF52.9060200@sugarcrm.com> <5202EE67.5020307@sugarcrm.com> <5202FC8A.2070307@sugarcrm.com> <52035622.1090301@lsces.co.uk> <52038ABF.8060904@lsces.co.uk> Date: Fri, 9 Aug 2013 18:26:56 +0900 X-Google-Sender-Auth: JJ5Qb2n5oneAOXx3-Uh-b040Ebg Message-ID: To: Leigh Cc: Lester Caine , "internals@lists.php.net" Content-Type: multipart/alternative; boundary=089e0160b998b1fe4704e3806265 Subject: Re: [PHP-DEV] "php_serialize" session serialize handler From: yohgaki@ohgaki.net (Yasuo Ohgaki) --089e0160b998b1fe4704e3806265 Content-Type: text/plain; charset=UTF-8 Hi Leigh, On Fri, Aug 9, 2013 at 5:28 PM, Leigh wrote: > On 8 August 2013 23:31, Yasuo Ohgaki wrote: > >> >> How php_serialize would cause BC issues for PHP users? >> > > Not everyone uses PHP in the way you would expect. Just how many sites out > there do you think use PHPs session functionality? I'd go for hundreds of > millions, and that's a pretty big target to hit. > > If you session_encode() something on 5.x with default settings and 5.x+1 > cannot session_decode() it with default settings, that is a BC break. > Mixing versions with shared data should be carefully handled for almost all apps. Even if this is the case, users may use old serializer so no BC. Anyway, we also have to consider number of bug/request reports that it solves. There are countless bug reports that were closed as "won't fix"/"not a bug" because of the register_globals support in session module. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net --089e0160b998b1fe4704e3806265--