Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:68469 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 14622 invoked from network); 9 Aug 2013 21:15:09 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Aug 2013 21:15:09 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.215.42 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.215.42 mail-la0-f42.google.com Received: from [209.85.215.42] ([209.85.215.42:36991] helo=mail-la0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id E9/F5-06453-DDB55025 for ; Fri, 09 Aug 2013 17:15:09 -0400 Received: by mail-la0-f42.google.com with SMTP id mf11so3327071lab.29 for ; Fri, 09 Aug 2013 14:15:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=MvuaEgvrOTm+OrkZ7Lu09WglhgDEcZYkF3uFEQSGfmI=; b=u0Y7tdNAVBcp+0JKy+78An/0o/9lmqsNGvKdwB8MkhUxEfGKIWguCrJvRtZhv6ysP1 hPssqOegS2B5cUXlFcA0YvWnRbknRyev2vUcqHDN1rteLzLU/IFrK8qS9lq8/YSJXxBJ OCxMSo5OzugPwjyrAtG7dSggt0GSoIc058lBtUJgPwjf43K04KlBrx6xE/Qd8YsJGHh3 nFQlrTJDQWRHpQu46+lhjMToFT0ikkuc+HMw713osNzUp1g8SIvZvWuixVWgUhwPHuGC T/gGdHjhjrI9nC9Bn1xP9ikx5te83y3MD3aKfDvpanySlo/idCFQ5KOT0hRqLe0QtJ65 uxhg== X-Received: by 10.152.9.194 with SMTP id c2mr6733684lab.83.1376082906296; Fri, 09 Aug 2013 14:15:06 -0700 (PDT) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.127.233 with HTTP; Fri, 9 Aug 2013 14:14:26 -0700 (PDT) In-Reply-To: <52051E71.9010309@sugarcrm.com> References: <5202FC8A.2070307@sugarcrm.com> <52035622.1090301@lsces.co.uk> <52038ABF.8060904@lsces.co.uk> <5204B690.4060006@lsces.co.uk> <52051E71.9010309@sugarcrm.com> Date: Sat, 10 Aug 2013 06:14:26 +0900 X-Google-Sender-Auth: CcG6An7hWRjkyE9s3AREsvtlvxI Message-ID: To: Stas Malyshev Cc: Lester Caine , PHP internals Content-Type: multipart/alternative; boundary=001a1133dba0cfb99e04e38a44e4 Subject: Re: [PHP-DEV] "php_serialize" session serialize handler From: yohgaki@ohgaki.net (Yasuo Ohgaki) --001a1133dba0cfb99e04e38a44e4 Content-Type: text/plain; charset=UTF-8 Hi Stas, On Sat, Aug 10, 2013 at 1:53 AM, Stas Malyshev wrote: > > As I wrote, there is no real BC issue as it's just a matter of ini > setting. > > There is a BC issue if you need an ini setting. You keep dismissing it > but if it affected the app your business relates on it'd be a major > problem if on upgrade your app breaks and you need to scour release > notes to figure out all settings you need to change for each upgrade. So > we try to minimize such cases. > In some instances, it's unavoidable - but in this case, the support for > numerics in _SESSION is an exotic feature that will be of little use for > 99% of PHP users. So introducing additional upgrade headaches for this > is IMHO unnecessary. I think we are not talking about newbie users. Users who share session data among web servers are advanced users and they would not have problem reading release notes before upgrading. Most of users don't have care at all. If there is old session data, it's just discarded. > I'm not going to remove old one, though. Search bug db, there are many > > bug reports/feature requests that this patch solves. > > How many bug reports are there requesting numeric index support in session? It's one type of bug report that relates to this patch. There types bug/requests. Most of them are old one I suppose. IIRC, there were - Session fails to save if it contains special chars - Want unserialize session from session data, not from $_SESSION - Need function generates initial session data via dession_decode - Session should use plain serialize These are occasionally pops up and closed as "not a bug"/"wont fix". I remember since I was one of them closed as "not a bug"/"wont fix". > > If users aren't reading release note of minor version up, then it is > users' > > fault, > > not ours. If it is, we cannot release new PHP. > > We can. We can also take some responsibility for making it easier to > upgrade and not just say "we had it all in the fine print, it's your own > fault for not reading everything". Vendors that do that are usually > disliked by their customers. Even if there are users do not reading release notes, it does not break apps as it creates new session data. Users don't have clue, they would not have problem. Users may have affected, they should be able to read release notes. There wouldn't be upgrade headache. We don't want to keep misdesigned component due to "register_globals", don't we? Especially when the solution does not have real BC issue. Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net --001a1133dba0cfb99e04e38a44e4--