Hi all, On Wed, Jan 27, 2016 at 12:28 PM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: >> Note for this issue. >> The change does not breaks normal codes as PHP cannot set new session >> ID when header is already sent. The session is _not_ accessible >> anyway. Not writing orphaned session does not matter at all. >> >> If you understand exactly what is happening, it is understandable this >> is not a BC for production code, but only breaks test code that >> inspect session behaviors and it found out bogus write() is gone now. >> >> Anyway, to fix existing app/framework unit test failures, (it's not >> fixing anything but leave bogus write(), though) >> removing php_session_abort() from php_session_cache_limitter() should be >> enough. > > One additional note. > > Removing the php_session_abort() will result in session_start() return > TRUE even when the session is unusable. This may results in hard to > debug bug why session is lost in certain pages. > > Anyway, I don't have much opinion to restore old behavior including > restoring crashes by save handler abuse for PHP 5.6. I think PHP 7.0 > is better to keep the patch as is, but it may be fixed in PHP 7.1.
Sorry for scattered message, but it would be the best resolution to ask those frameworks/apps developer to ignore/remove the test? Returning FALSE for invalid session_start() should worth for frameworks/apps developer rather than keeping bogus test passing. IMO. Any comments? -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php