#43980 [Opn->]: Difficult to unserialize session data in user session save function

Sun, 16 Mar 2008 17:48:09 -0700 

 ID:               43980
 Updated by:       [EMAIL PROTECTED]
 Reported By:      rhm31 at cam dot ac dot uk
-Status:           Open
+Status:           Wont Fix
 Bug Type:         Session related
 Operating System: Linux
 PHP Version:      4.4.8
 New Comment:

We are sorry, but we can not support PHP 4 related problems anymore.
Momentum is gathering for PHP 6, and we think supporting PHP 4 will
lead to a waste of resources which we want to put into getting PHP 6
ready.




Previous Comments:
------------------------------------------------------------------------

[2008-01-30 02:49:47] rhm31 at cam dot ac dot uk

Description:
------------
A custom session handler has a save function, which is given an opaque
piece of session data. No functions are provided to modify this data,
even though this can be useful in some cases.

As a workaround, session_decode and session_encode can be used.
However, there are some problems:
1. BUG:session_start() must be called in the save function; presumably
because in the save handler the session is already closed.
2. HARD TO USE:The functions do not simply take a string and return an
array or vise-versa; instead they work directly on the $_SESSION array.
This means you cannot easily use them for generic purposes.

A function that implements decode_session below could be added to the
standard library, and the existing functions deprecated, since this
function subsumes them.
Also, a similar function for encode_session.


Reproduce code:
---------------
function decode_session($session_string)
{
        $current_session=session_encode();
        foreach($_SESSION as $key => $value)
        {
                unset($_SESSION[$key]);
        }
        session_decode($session_string);
        $restored_session = $_SESSION;
        foreach ($_SESSION as $key => $value){
                unset($_SESSION[$key]);
        }
        session_decode($current_session);
        return $restored_session;
}

Expected result:
----------------
The session_string to be decoded and returned as an array.

Actual result:
--------------
An empty array is returned with no error message when above function is
called from a session save handler.


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=43980&edit=1

Reply via email to