Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:73596
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 68193 invoked from network); 4 Apr 2014 22:32:22 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 4 Apr 2014 22:32:22 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.182 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.217.182 mail-lb0-f182.google.com  
Received: from [209.85.217.182] ([209.85.217.182:61079] helo=mail-lb0-f182.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 77/01-61914-5F23F335 for <internals@lists.php.net>; Fri, 04 Apr 2014 17:32:21 -0500
Received: by mail-lb0-f182.google.com with SMTP id n15so2977320lbi.13
        for <internals@lists.php.net>; Fri, 04 Apr 2014 15:32:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=4woZ3v+Aof3Vj6Gc3wu6edkBOXZQvxl/5D2aw1eergg=;
        b=ln8CLXEYik6/q3RBPoxKqyrFobSKzK5brClPdCmyo7pKPW9lB4YLAfQp2/dXheofSq
         nMdafL20v2mOjBkQjtpWDmc928Q+PM82eHaE2z78AgjS2nf1YnhYRvJlWqsSSisdfhQK
         mgcypo7P93tsUmfiXh/gEZgc9i0pHypXJObp1LP+tzCP6vGLzD+4XUugUHTGYqo31XVw
         CsDqdn+n4b7z98Z6uawUquTHrmJ2LUwZYnEZBwpetE6yDWCGCsPu223TRWEDrVpL9lHd
         TisytSnwqiwOlVPURazFq8wjD8w+XSyQsuE9QCFnKWWmVFnIop+q43Y9nOto8HnhMYNu
         CeOA==
X-Received: by 10.152.115.178 with SMTP id jp18mr10182584lab.23.1396650737505;
 Fri, 04 Apr 2014 15:32:17 -0700 (PDT)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.112.205.73 with HTTP; Fri, 4 Apr 2014 15:31:37 -0700 (PDT)
In-Reply-To: <CAPhkiZxcWa+bwMOOMcjnTThY_CTRK5r5K7HWCFqHhKVUbqN7dA@mail.gmail.com>
References: <CAMUwpuSVE4iMA86bxXUnvYLonJ3xmDZ_QSzM38eNvJibxcv6Xw@mail.gmail.com>
 <CAGa2bXYO6s6sQo0UkuRSaSciU1XVCHhWqc5MHCDL1H15ChZ65Q@mail.gmail.com>
 <CAMUwpuQePpm3FLY27ptvPyBU=kndK805D8sRr5N3GSoTQiiGxw@mail.gmail.com>
 <CAPhkiZy=y7AAfwtNPgPgfEWvLyv+aOnU=Yi_XKTYsszB7dS74g@mail.gmail.com>
 <CAGa2bXZJN72Z+L24NxVNT0A0sdojr8tJ4E5TPjYUTnjvSWkPig@mail.gmail.com>
 <CAPhkiZzBOM_jAm_tz2YKpj_ExJRUuP8y2dHBy4tm3+6KeHNiCQ@mail.gmail.com>
 <CAGa2bXaau5peLX=dh+6OUtOxKdYsHQzzdJktiXmDqb5UmXB96A@mail.gmail.com>
 <CAPhkiZy_1mQ4WGz1CiKiiC32i_oOVyfkTu===QZjV=UtWY6mKA@mail.gmail.com>
 <CAGa2bXbHomZmh91wk-5=LHG7S2FSbxTUnD+M=E9756WxFwYmHg@mail.gmail.com> <CAPhkiZxcWa+bwMOOMcjnTThY_CTRK5r5K7HWCFqHhKVUbqN7dA@mail.gmail.com>
Date: Sat, 5 Apr 2014 07:31:37 +0900
X-Google-Sender-Auth: lrmoZrenM6GazA6mQxxikxdzVXo
Message-ID: <CAGa2bXZ_kEYidfmYRde8HuXtfZzjtSLyWRxVVj2NyUZZGz7N_A@mail.gmail.com>
To: Andrey Andreev <narf@devilix.net>
Cc: Julien Pauli <jpauli@php.net>, PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a11c3474c159b2004f63f17f0
Subject: Re: session_reset() and session_abort() to send errors
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--001a11c3474c159b2004f63f17f0
Content-Type: text/plain; charset=UTF-8

Hi Andrey,

On Fri, Apr 4, 2014 at 7:07 PM, Andrey Andreev <narf@devilix.net> wrote:

> On Fri, Apr 4, 2014 at 12:48 PM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
> > Hi Andrey,
> >
> > On Tue, Apr 1, 2014 at 6:20 PM, Andrey Andreev <narf@devilix.net> wrote:
> >>
> >> >> Well, I just re-checked it and does indeed just call
> >> >> php_session_initialize(), so what's the point? Shorthand for
> >> >> session_abort() && session_start() ?
> >> >
> >> >
> >> > Yes, it's an API for it.
> >> > It's more efficient than user land functions as it requires needless
> >> > close and open (and initialization required to open).
> >>
> >> I'm confused now, does it call open() or does it not?
> >> If it doesn't - it's unsafe.
> >
> >
> > It's safe as long as handler locks data during read/write.
> > Example is memcached save handler with unlocked session.
>
> I had something other in mind and you didn't really answer my
> question, but ... there you have it - it can be unsafe even by your
> own words. :)
>

Regarding to safety of session data management, session management is _not_
safe anyway. Locked session does not guarantee data consistency due to
nature of HTTP session management. Locked session provides a litter better
consistency. That's all and no more than that. i.e. It's false sense of
safety.

That said better is better. That's the reason why I'm proposing various
_better_
way of management than now.

>> If it does - it's unclear, redundant and optimizes by silently
> >> discarding already open resources (without properly closing them).
> >>
> >> Either way, I like efficiency but I also see it as flawed.
> >
> >
> > Save handler may lock/unlock session data. There is no standardized
> > way for it.
> >
> > Since there would not be lock option for session manager, I don't mind
> > removing it. There is not much point to have it without lock option for
> > session manager. I would like to have session_gc() than session_reset().
>
> This sounds a bit like you're proposing some kind of a trade
> agreement. When you put it that way, I'd also rather have session_gc()
> instead of session_reset(), but that's not the point. My initial
> argument was that these features need to be brainstormed here on
> internals and there was no discussion about them at all.


It's not trade. session_gc() is mandatory and I'll add it anyway :)
Periodic GC is much better way than probability based GC. There must
be API for it. I think there wouldn't be argument for this.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--001a11c3474c159b2004f63f17f0--