Hi Pierre, On Thu, May 12, 2016 at 10:53 AM, Pierre Joye <pierre....@gmail.com> wrote: > My answer is clearly no. We must rather simplified improved the > session implementations and APIs, focusing purely on its core > purposes, managing session data storage and provides interfaces&APIs > to match application needs. We do not do that very well anymore.
We did not do very well for a long time, indeed. Session manager must not accept uninitialized session ID. It's obvious mandatory requirement for decent session manager, but it took me many years to add it and it's not enabled by default yet. I think a decade has passed since strict session was proposed. Another mandatory feature that time stamp based session data management is taking years and I'm not sure if I can add this for PHP 7.1. Even simple mandatory API for house keeping task like session_gc() is taking many years to be implemented. It could be an option that abandon session module and let users to implement decent session manager because we are taking too long time even for mandatory things even if there are implementations. It is simply taking too long time to fix them. I'm half joking, but half serious :) Regards, -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
