Re: [PHP-DEV] User defined session serialize handler

Thomas Bley Fri, 23 Jan 2015 19:46:15 -0800

Sessions take a big amount of data in production systems, so it might be worth 
to use msgpack (or others) as an option.


Regards
Thomas


Yasuo Ohgaki wrote on 24.01.2015 03:28:

> Hi all,
> 
> Session module has session serializer modules that serializes $_SESSION
> back and forth.
> Session serializer module can be defined by user if there is API for it. I
> would like to
> propose user defined serialize handler API.
> 
> The user defined serializer API will have similar API like
> session_set_save_handler().
> 
> bool session_set_save_handler(callable $serialize_callback, callable
> $unserialize_callback)
> bool session_set_save_handler(SessionSerializer $serializer);
> 
> interface SessionSerializer {
>  public string function serialize(array $_SESSION); // Return serialized
> session data
>  public bool function unserialize(array &$_SESSION, string $session_data);
> // Initialize $_SESSION by $session_data
> }
> 
> php.ini :
> There is "session.serialize_handler" (Default: php) "user" will be added,
> but user must use
> session_set_serialize_handler() just like session_set_save_handler().
> 
> I also would like to php_serialize handler as the default serializer and
> make php/php_binary deprecated.
> 
> php/php_binary serializers are made to work with register_globals and have
> many limitations.
> e.g. Integer key not allowed, key cannot start with number, delimiter chars
> are invalid and
> ignored, etc. php_serialize does not have such limitations at all.
> 
> Thank you for your feedback.
> 
> Regards,
> 
> --
> Yasuo Ohgaki
> yohg...@ohgaki.net
> 


-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP-DEV] User defined session serialize handler

Reply via email to