Re: [RFC] Revert/extend/postpone original RFC about read_only, lazy_write sessions

From:	Andrey Andreev	Date:	Thu, 20 Mar 2014 11:19:15 +0000
Subject:	Re: [RFC] Revert/extend/postpone original RFC about read_only, lazy_write sessions
References:	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

Hi all,

I did this prototype/concept about SessionHandler,
SessionHandlerInterface in PHP 5.6:
https://gist.github.com/narfbg/9643416
In the context of this discussion, the important part is the
updateTimestamp() method (in relation to 'lazy_write'), you should
ignore the rest (for now). I want to discuss it here first before
updating the RFC with it.

So, I had a chat with Yasuo about it to identify the problems and/or
limitations and this is the most important one:

The patch (https://github.com/php/php-src/pull/628) doesn't allow
calling parent::updateTimestamp() and users should call
parent::write() instead. This is because there are PECL extensions
that provide a session handler and they won't have support for that,
which is hard to detect at runtime.
However, I don't think that this is convenient, nor that documenting
this is better than documenting that PECL extensions might not support
the parent::updateTimestamp() call. To me, that's an unnecessary
limitation and here are the alternatives:

1. Don't declare SessionHandler::updateTimestamp() if
session.save_handler doesn't support it and put a big red warning in
the docs that PECL extensions might lack the method.

I think this is a good trade-off, given that most users trust (or
have) only "stock" PHP extensions and can benefit from this.
Also, this wouldn't be a precedent - you can take mysqli and it's
dependancies on mysqlnd for example (where the docs mention this very
briefly).

2. Scrap the updateWhatever() method and just modify write() to only
update the timestamp when necessary.

I have no idea why nobody has thought about this previously. The
'lazy_write' idea is inspired by a feature request from 2002
(https://bugs.php.net/bug.php?id=17860) that simply asks for an API
identifying whether $_SESSION has been changed or not, or in other
words - and API saying whether session data or only the timestamp
should be updated.

Now, Yasuo prefers providing explicit API for the lazy_write feature
(namely, the updateTimestamp() method), but simply providing such a
flag via i.e. yet another magic constant, similar to SID, solves ALL
of the problems:

 - No API changes
 - No BC breaks
 - No effect on PECL extensions that don't support it

IMO, that's way more flexible and would allow doing lazy_write by
default, no option - after all, the feature represents a performance
improvement.
It also solves another, side-effect problem: the
SessionUpdateTimestampInterface, that currently exists only because of
internal implementation details.

Thoughts? More suggestions? Concerns?

Cheers,
Andrey.


   

Thread (34 messages)

• Andrey AndreevSat, 15 Mar 2014 18:24:11 +0000
  • Yasuo OhgakiSun, 16 Mar 2014 01:12:02 +0000
    • Andrey AndreevSun, 16 Mar 2014 01:27:24 +0000
    • Stas MalyshevSun, 16 Mar 2014 01:28:32 +0000
      • Yasuo OhgakiSun, 16 Mar 2014 01:44:17 +0000
      • Andrey AndreevSun, 16 Mar 2014 16:34:31 +0000
        • Stas MalyshevSun, 16 Mar 2014 20:03:44 +0000
          • Andrey AndreevSun, 16 Mar 2014 23:07:02 +0000
            • Yasuo OhgakiMon, 17 Mar 2014 00:09:19 +0000
              • Andrey AndreevMon, 17 Mar 2014 08:52:51 +0000
                • Yasuo OhgakiMon, 17 Mar 2014 09:02:06 +0000
                  • Andrey AndreevMon, 17 Mar 2014 09:14:41 +0000
                    • Yasuo OhgakiMon, 17 Mar 2014 09:31:27 +0000
                      • Andrey AndreevMon, 17 Mar 2014 09:57:54 +0000
                        • Yasuo OhgakiMon, 17 Mar 2014 10:35:49 +0000
                          • Andrey AndreevMon, 17 Mar 2014 10:47:45 +0000
                            • Yasuo OhgakiTue, 18 Mar 2014 00:50:57 +0000
                              • Stas MalyshevTue, 18 Mar 2014 05:45:18 +0000
                                • Yasuo OhgakiTue, 18 Mar 2014 07:43:56 +0000
                                  • Andrey AndreevTue, 18 Mar 2014 10:58:44 +0000
                                    • Ferenc KovacsTue, 18 Mar 2014 18:45:41 +0000
                                    • Yasuo OhgakiTue, 18 Mar 2014 23:04:32 +0000
                                      • Andrey AndreevTue, 18 Mar 2014 23:27:33 +0000
                                        • Yasuo OhgakiTue, 18 Mar 2014 23:50:40 +0000
                                          • Andrey AndreevWed, 19 Mar 2014 00:17:24 +0000
                                            • Yasuo OhgakiWed, 19 Mar 2014 01:38:16 +0000
                                              • Andrey AndreevThu, 20 Mar 2014 11:19:15 +0000
                                                • John LeSueurThu, 20 Mar 2014 18:35:38 +0000
                                                  • Andrey AndreevFri, 21 Mar 2014 13:46:07 +0000
    • Yasuo OhgakiSun, 16 Mar 2014 01:39:42 +0000
  • Yasuo OhgakiSun, 16 Mar 2014 05:32:54 +0000
    • Andrey AndreevSun, 16 Mar 2014 16:47:57 +0000
  • Yasuo OhgakiSun, 16 Mar 2014 07:57:02 +0000
    • Stas MalyshevSun, 16 Mar 2014 19:59:39 +0000