Hi all,

On Wed, Jan 27, 2016 at 12:19 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
>
> On Wed, Jan 27, 2016 at 11:04 AM, Stanislav Malyshev
> <smalys...@gmail.com> wrote:
>>
>>>> It seems that using a user land SessionHandler, the "write" method
>>>> is not called, raising this issue.
>>>
>>> Attached as .phpt
>>
>> Bisecting with this test shows a15e9ccba8a34553c029fb4574edba87c76447e5
>> as the breaking change. So we need to either fix it (this week, as next
>> week it should be released) or revert this patch.
>
> Note for this issue.
> The change does not breaks normal codes as PHP cannot set new session
> ID when header is already sent. The session is _not_ accessible
> anyway. Not writing orphaned session does not matter at all.
>
> If you understand exactly what is happening, it is understandable this
> is not a BC for production code, but only breaks test code that
> inspect session behaviors and it found out bogus write() is gone now.
>
> Anyway, to fix existing app/framework unit test failures, (it's not
> fixing anything but leave bogus write(), though)
> removing php_session_abort() from php_session_cache_limitter() should be 
> enough.

One additional note.

Removing the php_session_abort() will result in session_start() return
TRUE even when the session is unusable. This may results in hard to
debug bug why session is lost in certain pages.

Anyway, I don't have much opinion to restore old behavior including
restoring crashes by save handler abuse for PHP 5.6. I think PHP 7.0
is better to keep the patch as is, but it may be fixed in PHP 7.1.

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to