Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:71301 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 11853 invoked from network); 20 Jan 2014 07:35:38 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Jan 2014 07:35:38 -0000 Authentication-Results: pb1.pair.com smtp.mail=smalyshev@sugarcrm.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=smalyshev@sugarcrm.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain sugarcrm.com designates 108.166.43.67 as permitted sender) X-PHP-List-Original-Sender: smalyshev@sugarcrm.com X-Host-Fingerprint: 108.166.43.67 smtp67.ord1c.emailsrvr.com Linux 2.6 Received: from [108.166.43.67] ([108.166.43.67:51604] helo=smtp67.ord1c.emailsrvr.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 2D/D1-02192-9C1DCD25 for ; Mon, 20 Jan 2014 02:35:37 -0500 Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp1.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id D55441489CA; Mon, 20 Jan 2014 02:35:34 -0500 (EST) X-Virus-Scanned: OK Received: by smtp1.relay.ord1c.emailsrvr.com (Authenticated sender: smalyshev-AT-sugarcrm.com) with ESMTPSA id 80AB71489E1; Mon, 20 Jan 2014 02:35:34 -0500 (EST) Message-ID: <52DCD1C5.8080109@sugarcrm.com> Date: Sun, 19 Jan 2014 23:35:33 -0800 Organization: SugarCRM User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: Yasuo Ohgaki CC: "internals@lists.php.net" References: <52DC905F.2080705@sugarcrm.com> <52DCAE75.8070401@sugarcrm.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] [VOTE] Introduce session.lock, session.lazy_write and session.lazy_destory From: smalyshev@sugarcrm.com (Stas Malyshev) Hi! > It allows access to old session for certain amount of time. 30 seconds > would be enough for session.lock=off. 60 or more when session.lock=on. > I was about to allow access to deleted session for 90 seconds. > Configurable INI may be better. I'll make session.lazy_destroy a integer > config. It is irrelevant how long it is. Even 1 microsecond is long enough - if the app said session data should be gone, then they should be gone, not linger around and allow access to them. If you need access to that data, copy it into the new session. > IIRC you're one of them who are preferred to have separate > implementation(?) I prefer not to have implementation for 2 out of 3 proposed "features" at all, because I think they will produce more problems than solutions. For the lazy-write feature, IMO it can be made global, or function (I actually prefer both) - but I see no reason to create a duplicate driver, if you don't want it turned on, turn off the option. I'm not sure what would be the reason to clone the driver. Do you have a reference for where it was asked so I could re-read it and recall what were the reasons for it? My memory may be failing me :) > No, they don't have to. They can ignore new features or implement them > all or part of them. This would be a bit confusing - you set an option, but some drivers would implement it, some would ignore it, so you never know what actually happens. > Shooting their own foot is possible, but let advanced users to enjoy > extreme performance! I don't think performance at he expense of reliability, data consistency and security should be our goal. Like I said, we could also make an option to ignore random number of file writes and claim it is a performance feature, but it would be useless, since there is no case where one would recommend to use it. I see no case where I would recommend anybody to use unlocked sessions - so why introduce it? -- Stanislav Malyshev, Software Architect SugarCRM: http://www.sugarcrm.com/ (408)454-6900 ext. 227