Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96476
Return-Path: <yohgaki@ohgaki.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 45650 invoked from network); 19 Oct 2016 12:17:54 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 19 Oct 2016 12:17:54 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@ohgaki.net; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@ohgaki.net; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ohgaki.net designates 180.42.98.130 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@ohgaki.net
X-Host-Fingerprint: 180.42.98.130 ns1.es-i.jp  
Received: from [180.42.98.130] ([180.42.98.130:43563] helo=es-i.jp)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id CD/F4-14749-F6467085 for <internals@lists.php.net>; Wed, 19 Oct 2016 08:17:54 -0400
Received: (qmail 58530 invoked by uid 89); 19 Oct 2016 12:17:48 -0000
Received: from unknown (HELO mail-qk0-f171.google.com) (yohgaki@ohgaki.net@209.85.220.171)
  by 0 with ESMTPA; 19 Oct 2016 12:17:48 -0000
Received: by mail-qk0-f171.google.com with SMTP id z190so31070154qkc.2
        for <internals@lists.php.net>; Wed, 19 Oct 2016 05:17:47 -0700 (PDT)
X-Gm-Message-State: AA6/9RlBCoUi+/BUjcfapDVvmeVH+EiHtIuY00lZ56AP9BLtl0G2bSv9MM/rGt9yI6ig5smQqNp7L0nwBi1PBA==
X-Received: by 10.55.121.133 with SMTP id u127mr5475431qkc.233.1476879462175;
 Wed, 19 Oct 2016 05:17:42 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.22.38 with HTTP; Wed, 19 Oct 2016 05:17:01 -0700 (PDT)
In-Reply-To: <CAGa2bXZ3ehA-ufXn68B2W-vVXRc1s9JKEFviFyWKDn2O++iKRw@mail.gmail.com>
References: <CAGa2bXYq=656z9eq-b=agpqJmojDn+DpDt1zfLLc_QTcFcLt8g@mail.gmail.com>
 <CAGa2bXaGg0PocgtJEQ2Xhi6Us4F=ncEN-6zhZKEjGE1UuSoQ5A@mail.gmail.com>
 <1d22f996-27b6-35bb-03a6-df3acf9e33d4@gmail.com> <CAGa2bXZ3ehA-ufXn68B2W-vVXRc1s9JKEFviFyWKDn2O++iKRw@mail.gmail.com>
Date: Wed, 19 Oct 2016 21:17:01 +0900
X-Gmail-Original-Message-ID: <CAGa2bXZWcX0hbZXAZxmuyajUbPoedzQWot9pJR0Z_E+XNZ86bg@mail.gmail.com>
Message-ID: <CAGa2bXZWcX0hbZXAZxmuyajUbPoedzQWot9pJR0Z_E+XNZ86bg@mail.gmail.com>
To: Stanislav Malyshev <smalyshev@gmail.com>
Cc: Davey Shafik <davey@php.net>, "internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] Re: Fixing insane session_start() behaviors
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

Hi Stas,

On Wed, Oct 19, 2016 at 8:57 PM, Yasuo Ohgaki <yohgaki@ohgaki.net> wrote:
> Only valid use case is
>
> <?php
> ob_start();
> session_start();
> session_set_cache_limiter('public'); // <== Call this between
> session_start() and session_regenerate_id()
> session_regenerate_id();
> ?>
>
> Other than this, all calls after session_start() is invalid. Valid use
> case is very limited and unlikely. If users have to change cache
> limiter, they can session_commit(), then session_start(). So I would
> like to keep as it is now.

I thought php_session_reset_id() sends all headers, but it sends only
session ID cookie header. So current code is good. Sorry for
confusion.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net