Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:81067
Return-Path: <mails@thomasbley.de>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 19726 invoked from network); 24 Jan 2015 03:45:27 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 24 Jan 2015 03:45:27 -0000
Authentication-Results: pb1.pair.com header.from=mails@thomasbley.de; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=mails@thomasbley.de; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain thomasbley.de from 85.13.137.24 cause and error)
X-PHP-List-Original-Sender: mails@thomasbley.de
X-Host-Fingerprint: 85.13.137.24 dd15934.kasserver.com  
Received: from [85.13.137.24] ([85.13.137.24:35844] helo=dd15934.kasserver.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C4/31-10645-65513C45 for <internals@lists.php.net>; Fri, 23 Jan 2015 22:45:27 -0500
Received: from dd15934.kasserver.com (dd0802.kasserver.com [85.13.143.1])
	by dd15934.kasserver.com (Postfix) with ESMTPSA id 7F51C2615F8;
	Sat, 24 Jan 2015 04:45:22 +0100 (CET)
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-SenderIP: 178.2.18.135
User-Agent: ALL-INKL Webmail 2.11
In-Reply-To: <CAGa2bXZN67hw_hLH7uWdYmMWKdNyxKUeAzrX1K+d3jiie4MZRg@mail.gmail.com>
References: <CAGa2bXZN67hw_hLH7uWdYmMWKdNyxKUeAzrX1K+d3jiie4MZRg@mail.gmail.com>
To: internals@lists.php.net, yohgaki@ohgaki.net
Message-ID: <20150124034522.7F51C2615F8@dd15934.kasserver.com>
Date: Sat, 24 Jan 2015 04:45:22 +0100 (CET)
Subject: Re: [PHP-DEV] User defined session serialize handler
From: mails@thomasbley.de ("Thomas Bley")

Sessions take a big amount of data in production systems, so it might be worth to use msgpack (or others) as an option.

Regards
Thomas


Yasuo Ohgaki wrote on 24.01.2015 03:28:

> Hi all,
> 
> Session module has session serializer modules that serializes $_SESSION
> back and forth.
> Session serializer module can be defined by user if there is API for it. I
> would like to
> propose user defined serialize handler API.
> 
> The user defined serializer API will have similar API like
> session_set_save_handler().
> 
> bool session_set_save_handler(callable $serialize_callback, callable
> $unserialize_callback)
> bool session_set_save_handler(SessionSerializer $serializer);
> 
> interface SessionSerializer {
>  public string function serialize(array $_SESSION); // Return serialized
> session data
>  public bool function unserialize(array &$_SESSION, string $session_data);
> // Initialize $_SESSION by $session_data
> }
> 
> php.ini :
> There is "session.serialize_handler" (Default: php) "user" will be added,
> but user must use
> session_set_serialize_handler() just like session_set_save_handler().
> 
> I also would like to php_serialize handler as the default serializer and
> make php/php_binary deprecated.
> 
> php/php_binary serializers are made to work with register_globals and have
> many limitations.
> e.g. Integer key not allowed, key cannot start with number, delimiter chars
> are invalid and
> ignored, etc. php_serialize does not have such limitations at all.
> 
> Thank you for your feedback.
> 
> Regards,
> 
> --
> Yasuo Ohgaki
> yohgaki@ohgaki.net
>