Re: "php_serialize" session serialize handler

From:	Stas Malyshev	Date:	Wed, 07 Aug 2013 20:34:26 +0000
Subject:	Re: "php_serialize" session serialize handler
References:	1	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi!

> Current session module has a few limitations due to "register_globals"
> support which is now obsolete. One of them is numeric key indexed session
> data. i.e. $_SESSION[1] = $var is not allowed now and it raises error at
> R_SHUTDOWN with useless message for debugging.

Why is it useful to do this? I don't see how using numerical indexes in
global namespace (and SESSION is one of global namespaces in PHP) is a
good idea. Could you explain the use case here?

This seems to be to be of a very limited use and introducing new
serializer format with all resulting BC problems and confusion doesn't
seem to be worth it.
-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227


   

Thread (26 messages)

• Yasuo OhgakiWed, 07 Aug 2013 06:59:14 +0000
  • Stas MalyshevWed, 07 Aug 2013 20:34:26 +0000
    • Yasuo OhgakiThu, 08 Aug 2013 00:58:11 +0000
      • Stas MalyshevThu, 08 Aug 2013 01:03:35 +0000
        • Yasuo OhgakiThu, 08 Aug 2013 01:41:43 +0000
          • Stas MalyshevThu, 08 Aug 2013 02:03:54 +0000
            • Yasuo OhgakiThu, 08 Aug 2013 02:11:33 +0000
              • Yasuo OhgakiThu, 08 Aug 2013 02:23:33 +0000
                • Lester CaineThu, 08 Aug 2013 08:26:10 +0000
                  • Yasuo OhgakiThu, 08 Aug 2013 10:09:18 +0000