Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:70129
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 56765 invoked from network); 14 Nov 2013 21:13:21 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 14 Nov 2013 21:13:21 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.175 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.217.175 mail-lb0-f175.google.com  
Received: from [209.85.217.175] ([209.85.217.175:40520] helo=mail-lb0-f175.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 52/B0-53459-EEC35825 for <internals@lists.php.net>; Thu, 14 Nov 2013 16:13:20 -0500
Received: by mail-lb0-f175.google.com with SMTP id p9so2035393lbv.20
        for <internals@lists.php.net>; Thu, 14 Nov 2013 13:13:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=hnrz4ILh/V26vOBuQwoprtbEue0SV7bT4XPyWPq3FAY=;
        b=q06mW4PR1hOLyhX31/gtNUVbZEuyNPVQ9gGvGvkpVLN4lYM74c3uGYUb/V9eROg60j
         4kjyyZv3FQA/F1xW8f90m+kn4sW6Ue/Ht9gIGnDpt+NURcMPHVoeQ+nCXzcTD79sjXK5
         A3YEeJow0K3nBlY0FdMhrEjnRMppZae26gdZvMCdg0RKd/VeVP0Y/hu3SuHhzElFOq8d
         4ulbv56DD7low6u0dDBmM9Q7/t2rwbvzgfwR1PiRP1sQ20cRp+d/zZCFHn/v4jkNbkf/
         Ggt4XytTiN5VzUmZ/kOk6CKwyFUQjHTTyyUmRhBpIxzAO6jtA8rrkcaid4/1TydI/Zu+
         yC5A==
X-Received: by 10.112.205.6 with SMTP id lc6mr1845905lbc.45.1384463595328;
 Thu, 14 Nov 2013 13:13:15 -0800 (PST)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.112.154.201 with HTTP; Thu, 14 Nov 2013 13:12:34 -0800 (PST)
In-Reply-To: <5285390D.6000106@sugarcrm.com>
References: <CAGa2bXb7hR=jkHnxrBDXnSZkN7B6cDVPj_Nve2=tWS4_AmmOKg@mail.gmail.com>
 <CADajX4CJ061_1b__TAT_6vjNJ9Z+_N6bqN2CA63d+8gvxf4BXQ@mail.gmail.com> <5285390D.6000106@sugarcrm.com>
Date: Fri, 15 Nov 2013 06:12:34 +0900
X-Google-Sender-Auth: qmr2vw6MhO-M1O40ZXeKTgkza_w
Message-ID: <CAGa2bXZ99mW003=wZ021gNUxVJ3z6KxUUYMUYJh3QdiDEwQFRA@mail.gmail.com>
To: Stas Malyshev <smalyshev@sugarcrm.com>
Cc: Adam Harvey <aharvey@php.net>, "internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a11c3ca10cde21a04eb298c7f
Subject: Re: [PHP-DEV] Session cache, lock and write
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a11c3ca10cde21a04eb298c7f
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi Stas,

On Fri, Nov 15, 2013 at 5:56 AM, Stas Malyshev <smalyshev@sugarcrm.com>wrot=
e:

> > How do you propose to check if session data was changed? For scalar
>
> I think the best way is not to check, but to let the user tell you.
> I.e., I often found it useful to have some way to load session data, but
> then to drop the lock and not write anything. It may be useful for
> application which keeps the state in the session but changes the state
> rarely and only in some well-defined points - e.g. when the app is
> authorized (needs session for auth state) but only login/logout actually
> change this state. That would reduce network traffic by such app for
> session storage by almost 2x, even ignoring the fact that writes are
> usually more expensive than reads on the server end.


We need new user function that close session and does not write session
data. Current session module writes session data always. I'll add that.

session_close() - Close session and discard data.



>  >> Session module could have ini settings
> >>  - session.lock =3D On/Off (On by default. Some save handlers already =
have
> >> this)
> >
> > I've got some concerns on this. I agree that it's a real issue =E2=80=
=94 we do
>
> We could have read-with-no-lock semantics, but taking into account the
> above it's almost the same as read-with-lock+release-lock semantics, and
> given the protocols for some storage engines, may internally probably do
> exactly the same. Convenience function though may be useful.
>
> read-with-no-lock + write however is very dangerous proposition and I
> don't think we should support that - it makes, as you correctly pointed
> out, shooting oneself in the foot extremely easy.
>
> Which means for me that INI setting doesn't make a lot of sense, since
> you dont want ALL of your sessions be read-only - you need to write
> something to read something - and write without locks is a nightmare.


I think you've wrote this before I sent new mail. For files save handler,
when session.lock=3DOff, it will be

open-and-lock -> read session data -> close-and-unlock ->
script executed
-> open-and-lock -> write session data -> close-and-unlock

There may be race for writing, but full data is written to data file.

Current behavior is

open-and-lock -> read session data
script executed
-> write session data -> close-and-unlock

Therefore, other script execution is blocked until lock is released.
(i.e. call session_commit() or script execution ends as you already knew.)

New behavior
=3D=3D=3D=3D=3D=3D
open-and-lock -> read session data -> close-and-unlock ->
script executed
-> open-and-lock -> write session data -> close-and-unlock
=3D=3D=3D=3D=3D=3D
would not be a problem with write short circuit, since unchanged session
data is not written to session storage. User has to know what session
module is doing well to avoid problems, though.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a11c3ca10cde21a04eb298c7f--