Re: SessionHandlerInterface protocol

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Le 23/06/2021 à 12:01, Christoph M. Becker a écrit :

On 23.06.2021 at 09:08, Mathieu Dubois wrote:


Dear list,

I'm trying to understand PHP session handlers and more precisely the
return value of SessionHandlerInterface::read.

The doc [1] states (emphasis mine):

    Returns an encoded string of the read data. *If nothing was read, it
    must return false*. Note this value is returned internally to PHP
    for processing.

However, the example used in the documentation of the SessionHandler
class [2] and other implementations (for instance Symfony's
PdoSessionHandler [3]) seem to return an empty string when nothing can
be read.

If I understand well, the first time you connect to an host, nothing can
be read. My own test seems to indicate that returning false in this case
triggers an error while returning an empty string creates a new session.

Can someone clarify this ? How is the value false used ? More generally,
I haven't found a clear explanation of which method is called at which
time during session creation and how the values are used.

Note that I have posted the same question on SO [4] but I'm not
satisfied by the answers.

Thanks in advance,
Mathieu

   [1] https://www.php.net/manual/en/sessionhandlerinterface.read.php
   [2] https://www.php.net/manual/en/class.sessionhandler
   [3]
https://github.com/symfony/symfony/blob/c71c8727cc665c9e9b56e299fcfcc0adfbf02bac/src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php#L638

   [4] https://stackoverflow.com/questions/68025570

Before ::read() is called, open() is called.  ::open() is suppossed to
create the empty session data, if no data for the given session exist.
This empty data string should then be returned from ::read().  If
::read() fails to read the data, it should return false (or actually any
non-string value in the current implementation) to signal failure.
I might be confused but the session id is not passed to ::open() so how is it supposed to create the empty session data ? By using session_id ? 


Mathieu

--
Mathieu Dubois - IR - UMR 8030 équipe LABGeM
CEA - Genoscope. 2 rue Gaston Crémieux. 91057 Evry Cedex France.
Bureau B07
+33 1 60 87 53 35
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux