Hi Andrey, On Fri, Apr 8, 2016 at 6:24 PM, Andrey Andreev <n...@devilix.net> wrote: > On Fri, Apr 8, 2016 at 11:38 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: >> >> Hi Andrey, >> >> On Fri, Apr 8, 2016 at 5:02 PM, Andrey Andreev <n...@devilix.net> wrote: >> > On Fri, Apr 8, 2016 at 6:46 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: >> >> >> >> ,,, >> >> >> >> > >> >> > Speaking of the documentation part - it's not hard to imagine A LOT >> >> > of >> >> > people doing this: >> >> > >> >> > session_start(); >> >> > session_gc(); >> >> > >> >> > That's not a small problem. >> >> >> >> Shooting their own foot is not our problem, but leaving obsolete and >> >> possibly active session is ours. >> >> >> > >> > If you want to explicitly document something as a best practice, it IS >> > your >> > problem when users shoot their feet with it >> >> Lack of proper API for required task is our problem. Misuse is not ours. >> IMHO. > > > I understand your POV, but you can't advertise something as a best practice > and not warn about mistakes that are easy to make - it would be indecent at > the very least.
We were getting bug reports like "Calling save handler function directly crashes PHP". Many of crash bugs by misuse are fixed, but we have to consider such misuses also. We also have to consider service providers. They should be able to use session_gc() properly and mitigate risk of obsolete session being active again. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
