Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:91019
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 90610 invoked from network); 30 Jan 2016 10:38:17 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 30 Jan 2016 10:38:17 -0000
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.160.180 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.160.180 mail-yk0-f180.google.com  
Received: from [209.85.160.180] ([209.85.160.180:34331] helo=mail-yk0-f180.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 94/A2-55829-7929CA65 for <internals@lists.php.net>; Sat, 30 Jan 2016 05:38:16 -0500
Received: by mail-yk0-f180.google.com with SMTP id a85so97089583ykb.1
        for <internals@lists.php.net>; Sat, 30 Jan 2016 02:38:15 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:content-type;
        bh=GCe6jdOrBHKvzu3qM4A18t5j0Ir/31AoL1CPXGi47hA=;
        b=dh9lzNlChA69MET+kx8Cvd/I7iCzOnPh0wCwfu9RCfpQBP6bu2HXrVXkCMSI2hAyL+
         w+W4mHgA/rTcgrTaUapfEPfyTwyGcuj7n2rjFwP92qP1ol3uPzKda9YYeFeTsWVqj+1m
         RXuQ8U3IGjYkbiwmxzycH/IbzsEQRQNPHjEJhs8BbFaz465jyiW2qXJb3Gs+hz7EMGkp
         QUh9BW65gdYQl7mFpJr4K9aFQFELSDoZpVqCmyGzouTRGpdnFhqJwA3aOZpTIFQk7kGS
         k7yHgXk5q7mq0Da+yuRlqddnfNI/AKCl2iC11j1C5FZZjObZeSzx+1vbIYJztqWz3eiw
         6+DA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:content-type;
        bh=GCe6jdOrBHKvzu3qM4A18t5j0Ir/31AoL1CPXGi47hA=;
        b=fxBAS/qbcgIxrd13yg8K5HQcuOydqNhn4EOAqtG7P31DIhyaOlecvT9BXL+EBysUvU
         YTmOxkRFrhycdPjDjmSbKk+sdI0leq9lE3AgX5Bf6KXZIcvI4hoUx+Cs7+A/F7+foUM4
         mO0w5uJ6PLvpqoZTae6RVJxevbLvHqDB2KDqQK8zWDBDPbzJbZ3luPQ1QWpiJGPFMu/x
         W0qepU6Vqkn2J7OqOro+5IMCdYyPWSEXb7KBfke/BYS7KNTpsowVAw2BE6p6Crfp7eYH
         GgygyNTA/82LFuu8DlqDaThpq0xy8nML97kniitCRx7HPSo5pr8oH9KlKmccYJun1c54
         c3vQ==
X-Gm-Message-State: AG10YOSIEqjUdsmIvZ5l7aozRqBZDxoA+BbT14TEB94k8wA1qTEOZBPm/fP7hE6Y07AKBtkbQCy6WYBEeEoXBQ==
X-Received: by 10.129.60.12 with SMTP id j12mr7603908ywa.86.1454150293133;
 Sat, 30 Jan 2016 02:38:13 -0800 (PST)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.129.109.22 with HTTP; Sat, 30 Jan 2016 02:37:33 -0800 (PST)
In-Reply-To: <CAGa2bXbg_kebBVg3tSh4uFHZ6nQXRbjUXNQa0JZx9sezQqb5kg@mail.gmail.com>
References: <CAGa2bXbg_kebBVg3tSh4uFHZ6nQXRbjUXNQa0JZx9sezQqb5kg@mail.gmail.com>
Date: Sat, 30 Jan 2016 19:37:33 +0900
X-Google-Sender-Auth: mhwzyo_WCCuFVN6pSDeaFDBoSHM
Message-ID: <CAGa2bXYr7Xe5fMs_G+bxjCH8PSkJ4Awbtt95Kh9j4f5QbVwevw@mail.gmail.com>
To: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [RFC Discussion] Precise Session Management
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

Hi all,

On Sat, Dec 19, 2015 at 7:33 AM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
> I would like to restart better session management for PHP 7.1.
>
> https://wiki.php.net/rfc/precise_session_management
>
> Although this RFC targets PHP 7.1, new session management
> could be applied to older releases also if majority of us agree.
> Please comment.

The patch is stable enough now.

https://github.com/php/php-src/pull/1734

I made patch a little simpler by removing per session basis timestamp
handling. It's system wide now. i.e. Cannot control timestamps per
session. If it is needed, it may be added later.

Since session expiration is managed by timestamp in session data, GC
may be performed when session closes. GC may take time and prevents
server outputs because session_start() is called at the beginning of
script execution usually. If GC is done at the end of
session(rshutdown), user gets the page content just like GC is not
performed while browser looks it's still loading page. I would like to
perform GC only when session is still active when request is shutting
down.

Consequences
 - If script executes session_commit()/session_destroy()/use read only
option, PHP will not perform GC. i.e. GC function is not called at
all. Therefore, probability of GC decreases and GC becomes less
likely.
 - If script uses multiple session storage, only the last session
storage performs GC. i.e. Previously used session storage may not call
GC function at all if this is done for site wide.
 - User will not see occasional page rendering delay by GC. (This is
the main reason of this change)

This behavior is preferred than current one. IMO.
Does anyone have problem with this?

--
Yasuo Ohgaki
yohgaki@ohgaki.net