Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:73456
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 36027 invoked from network); 28 Mar 2014 06:49:39 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 28 Mar 2014 06:49:39 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.220.49 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.220.49 mail-pa0-f49.google.com  
Received: from [209.85.220.49] ([209.85.220.49:52727] helo=mail-pa0-f49.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id D3/40-31219-18B15335 for <internals@lists.php.net>; Fri, 28 Mar 2014 01:49:37 -0500
Received: by mail-pa0-f49.google.com with SMTP id lj1so4519203pab.8
        for <internals@lists.php.net>; Thu, 27 Mar 2014 23:49:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=RYzHC64k5ySkIoXsziYw68h4+RH75QDMfFIiJVtj3ts=;
        b=EmaDMTp4ilnB8q3FZ9U07NWQn2MP3gO79NVFuGukW3G/bXwgEc409fzZAWfB8Ws/GM
         DMlkajnA0Qfza6YlVyU7XWtTcuW/s4mOPsl4dGakwQLow/kID2XUoBBXVGGNdimSI/NH
         cPWE2uTduk1T4QSGSm6FfYdkM4Y8J7aUE37DY3UiB9TpaTdprDG/2ZFeGaUvgXtJs6iZ
         CL3w7ShgFfgNZUykHPQOVIwlDImaTWttC4ta3fwSQMZwCHyUYirn4t/sdmnrjqoWALF0
         sYOk4h5iVf2Q7++QGi8pG8OTkMcSubA8dLO31Z4rYYbofiX39xIPwOLWSp4rjjoS5PQ3
         oh0A==
X-Received: by 10.68.193.166 with SMTP id hp6mr6609743pbc.144.1395989374381;
 Thu, 27 Mar 2014 23:49:34 -0700 (PDT)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.70.34.45 with HTTP; Thu, 27 Mar 2014 23:48:54 -0700 (PDT)
In-Reply-To: <CAPhkiZze7NoetcmzUiwRXHCk9s=epRVrm2Nc57tbLSwZCCRSKg@mail.gmail.com>
References: <CAMUwpuSVE4iMA86bxXUnvYLonJ3xmDZ_QSzM38eNvJibxcv6Xw@mail.gmail.com>
 <CAGa2bXYO6s6sQo0UkuRSaSciU1XVCHhWqc5MHCDL1H15ChZ65Q@mail.gmail.com>
 <CAMUwpuQePpm3FLY27ptvPyBU=kndK805D8sRr5N3GSoTQiiGxw@mail.gmail.com>
 <CAPhkiZy=y7AAfwtNPgPgfEWvLyv+aOnU=Yi_XKTYsszB7dS74g@mail.gmail.com>
 <CAMUwpuQ1NodZ+GXdT+3zFWQXbWQMBPnzB35mqLp6ghbwAfLhBA@mail.gmail.com>
 <CAGa2bXYLLw=CC54ceJe76n+tCBz-CawR3jR=A4Cx=gAoL91-tA@mail.gmail.com> <CAPhkiZze7NoetcmzUiwRXHCk9s=epRVrm2Nc57tbLSwZCCRSKg@mail.gmail.com>
Date: Fri, 28 Mar 2014 15:48:54 +0900
X-Google-Sender-Auth: gpfCse1w8lZCMbMYRDauPmoeFoY
Message-ID: <CAGa2bXZpcV94779+y3xGC+RgEP2dJa6dfnKvQvoSgq92ci93mg@mail.gmail.com>
To: Andrey Andreev <narf@devilix.net>
Cc: Julien Pauli <jpauli@php.net>, PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=047d7b15a61bc5369704f5a51a1c
Subject: Re: session_reset() and session_abort() to send errors
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--047d7b15a61bc5369704f5a51a1c
Content-Type: text/plain; charset=UTF-8

Hi Andrey,

On Thu, Mar 27, 2014 at 9:05 PM, Andrey Andreev <narf@devilix.net> wrote:

> > This function is useful for session save handlers that do not lock
> > session data. Example is memcached. This function could be used
> > re-read session data to mitigate over written session data with unlock
> > session data.
> >
> > Andrey, just because you don't think of usage, it does not mean it does
> not
> > mean unneeded or not useful. You are better to ask the reason behind why
> > first.
> > Good library should have defined API for specific tasks, too. You also
> has
> > misunderstanding about why delayed deletion for session_regenerate_id()
> > is mandatory.
>
> Yasuo ... There's no misunderstanding, I just have a disagreement with
> you about that issue and I'm tired of arguing over that. Let's just
> keep session_regenerate_id() in it's own thread, ok?
>

Ok.
I'm talking about XHR cannot be solution and delayed deletion is
mandatory for precise session management. We may discuss later since
I'm going to fork session module.


> But speaking of mandatory: locks are mandatory, so how are non-locking
> handlers an argument in all of this?
>

I use unlocked session for performance tuning often.
Apps could be much faster with little care and little code changes.
Sometimes this function is needed to be sure.

Also, I didn't just question if there's a use case, I'm questioning if
> it is safe to use session_reset() at all. Re-reading doesn't imply
> discarding currently open resources and complerely re-initializing the
> session and from what I see - that's exactly what the function does,
> or am I missing something?


I think session manager should "manage" how session is managed.
Save handlers should save/retrieve session data only. Since session
manager does not have such feature, save handlers does the task and
there is unlocked sessions. Since there is no exposed user functions for
save handlers, reset is needed on occasion.

I would rather have session_gc() back as I wrote in previous mail, though.
This one is truly mandatory function even with precise session data
expiration.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--047d7b15a61bc5369704f5a51a1c--