Edit report at https://bugs.php.net/bug.php?id=49622&edit=1
ID: 49622
Updated by: yohg...@php.net
Reported by: giunta dot gaetano at gmail dot com
Summary: allow usage of json and/or php standard serialize
format for sessions
-Status: Assigned
+Status: Wont fix
Type: Feature/Change Request
Package: Session related
Operating System: *
PHP Version: 5.3.0
Assigned To: yohgaki
Block user comment: N
Private report: N
New Comment:
I considered adding JSON and BSON serializer and come to conclusion that would
not worth implementing it.
JSON is text based serializer and cannot handle binary well. Therefore, all
strings in $_SESSION array has be preprocessed by base64encode. Reverse
operation is required when decoding. I think it just do not worth it.
If one would like to use BSON, they may simply use MongoDB as session data
storage. It seems there are number of session save handlers.
https://github.com/nicktacular/php-mongo-session
Users can retrieve BSON from MongoDB.
There will be "php_serialize" serialize handler if you need better serializer
that communicate with other systems.
PERL: http://search.cpan.org/~bobtfish/PHP-Serialization-
0.34/lib/PHP/Serialization.pm
Python: https://pypi.python.org/pypi/phpserialize
Ruby: https://github.com/jqr/php-serialize
Lua:
http://gitorious.org/nutria/seawolf/blobs/bfb9beb250176103f8b02c7fb938b3a09abf89
55/variable/serialize/serialize.lua
Use "php_serialize" instead.
Previous Comments:
------------------------------------------------------------------------
[2013-08-10 09:08:08] yohg...@php.net
Related To: Bug #65359
------------------------------------------------------------------------
[2012-03-31 03:50:43] yohg...@php.net
JSON cannot be used (e.g. can't handle binary well) May be BSON?
Plain serializer will be added.
------------------------------------------------------------------------
[2011-02-02 20:49:57] lealcy at gmail dot com
Just add a second parameter to the existing function: $overwrite_session =
true.
This avoid create a extra function and doesn't break any existing code.
------------------------------------------------------------------------
[2009-09-22 12:14:10] giunta dot gaetano at gmail dot com
Description:
------------
The current session_decode() function is good when the user needs to decode a
serialized session string, but it
- needs to have session_start() called beforehand
- has an impact on the current session state
A lot of comments in the php man pages for unserialize() and session_decode()
are from users trying to write a preg_ based decoder of session data (and
failing).
A new function that session_decode_to_array() that
- returned the deserialized data as an array
- did not impact current session state
would imho be quite useful (or adding a flag param to the existing function, to
the same effect)
Since this feat. request has already been filed and closed as bogus
(http://bugs.php.net/bug.php?id=42725), what I am proposing here is slightly
different: besides 'wddx' and 'php', allow usage of 'json' and 'serialize' as
native serialization formats for session data - the latter corresponding to the
native serialize function.
If there is some information loss involved in using those two formats (ie.
references), just make it clear in the docs.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=49622&edit=1
