8000 [HttpFoundation][Sessions] NativeFileSession won't override the php.ini settings anymore by dlsniper · Pull Request #5267 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

[HttpFoundation][Sessions] NativeFileSession won't override the php.ini settings anymore #5267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

[HttpFoundation][Sessions] NativeFileSession won't override the php.ini settings anymore #5267

wants to merge 1 commit into from

Conversation

dlsniper
Copy link
Contributor

This is a redo of #5266 as I had to delete my repository for some other reasons.

Bug fix: yes - but in the 2.1 branch
Feature addition: no
Backwards compatibility break: not sure
Symfony2 tests pass: Build Status
Fixes the following tickets: ~
Todo: ~
License of the code: MIT
Documentation PR: ~

Today I've noticed that the sessions are stored in files even if the configuration of the PHP server was to use the memcached driver to do so.
After a bit of digging I've noticed that the native storage solution Symfony2.1 comes with will override the server settings in the PHP.ini which is very bad as this is not the expected default behavior.
I think this should be solved before releasing 2.1 as the changes for the session subsystem are already major.
One other thing to add to this would be to force the sessions to be stored in files regardless of the settings in php.ini but for that I think we need to use a configuration option. If you think that it would be better to solve the problem that way then I'll gladly do it.

cc @fabpot @Drak

@dlsniper dlsniper mentioned this pull request Aug 15, 2012
Closed
@ghost
Copy link
ghost commented Aug 15, 2012

@dlsniper

Out of the box, we've expected that native NativeFileSessionHandler would just mean that we can implement whatever we want in php.ini and it would just use that

No, it is as the name says - native file session handler :-)

Maybe a solution would be to implement a NativePHPSettingsHandler and ship it with Symfony2 but imho if you look at the configuration of Symfony2 Standard, you wouldn't expect that the sessions are not obeying the rules of php.ini.

As I said before if you want to leave the save handlers as specified in php.ini (which is a mistake imo), then simply pass null to the NativeSessionStorage constructor for the handler arg.

As a matter of principal, an application's configuration be explicit and not make assumptions about the environment it's deployed in. You might have an exception for this, but as a general rule, the application should behave the same way on server 1 or server 2 because it makes the application robust and saves some poor admin time scratching their head as to why server 1 works, and server 2's deployment doesn't.

But now the problem we're faced is like this: we want to use memcached as session server. If we don't write any code for it then it should be the fastest/reliable way to implement it as we control the web servers. If we need to write code for this then it means we need to test it and so on.

This is why we had the Native* drivers - and this is exactly why I was against them being removed because it's now more annoying to use them. We were told instead, that if someone wants to implement native storage handlers they should directly specify ini_set('save_handler', 'memcache') or whatever which is suddenly outside of the whole paradigm we expect in Symfony.

Yet another thing that we might just as well change would be to change the sessions storage path to have it under app/sessions/[SF2_ENV]/ as it seems there's a lot of people clearing their cache and just forgetting/not knowing that the sessions folder is in their cache folder.

This is already configurable, the default folder is sensible for most purposes. Especially when testing or re-deploying clearing out sessions may make very good sense.

@ghost
Copy link
ghost commented Aug 15, 2012

This PR breaks the intended behaviour - there is no way to set to files if the environment was set to something other than files. The purpose of this class is to set the save handler to files.

@travisbot
Copy link

This pull request passes (merged 314c16b into 50df1a7).

@dlsniper
Copy link
Contributor Author

@Drak Thanks for feedback.

I've got the first part but either I'm too asleep right now, or passing: handler_id: null doesn't help at all. All I get is a big error. You can check it out at: https://github.com/dlsniper/symfony-standard maybe you can spot something that I don't understand/I'm doing wrong.

In regards to the whole Native* part, it doesn't seem like a good approach to defer common things to the user to implement. I mean yeah, if the user wants, he can have the whole php.ini thing, like my client has, but how many people do that? Like you said, it's a matter of consistency and some people might have clients/business that actually want that :)

As for changing the folder path, I think I've seen at least half a dozen of people complaining about the problem that they've deleted the cache folder and they've lost the sessions in process. Maybe a manual warning might be enough but lets face it, if they didn't knew where the sessions are stored what makes you think that they'll notice that? Even so, cache is not the best name to describe the session folder placement, no?

@vicb
Copy link
Contributor
vicb commented Aug 16, 2012

@Drak what about a cookbook entry detailing the setup to use in order to use the settings from php.ini ?

@dlsniper
Copy link
Contributor Author

@Drak if I change this in order to add an option to allow the user to ignore_ini_settings then would this be ok for the scope of the PR? Thanks.

@ghost
Copy link
ghost commented Aug 17, 2012

@dlsniper - you are missing the point. Doing so would just be a hack. The right way to do this is to allow the configuration in FrameworkBundle to accept null like this:

session:
        handler_id: ~

For those not using just the component, they pass null in the constructor (which means just not completing the second arg).

@ghost ghost mentioned this pull request Aug 17, 2012
Merged
@ghost
Copy link
ghost commented Aug 17, 2012

This PR can be closed for #5290 which achieves the requested end result but in a non-disruptive manner.

@dlsniper
Copy link
Contributor Author

Closing this in favor of #5290, thanks for help @Drak. I'll try and provide a PR for the documentation tonight.

@dlsniper dlsniper closed this Aug 17, 2012
fabpot added a commit that referenced this pull request Aug 18, 2012
@fabpot
merged branch drak/nullhandler (PR #5290)
df889fb 
Commits
-------

8e11aaa [FrameworkBundle] Allow to set null for the handler in NativeSessionStorage

Discussion
----------

[FrameworkBundle] Allow to set null for the handler in NativeSessionStorage

Bug fix: no
Feature addition: yes (ok for RC)
Backwards compatibility break: yes
Symfony2 tests pass: yes
Fixes the following tickets: 5267
Todo: ~
License of the code: MIT
Documentation PR: ~

Refs #5267

Adds the following configuration

```
session:
        handler_id: ~
```

Which allows the configuration of the session not to use any save handler and therefor just use whatever save_handler is set in `php.ini`

---------------------------------------------------------------------------

by dlsniper at 2012-08-17T17:24:37Z

:+1:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dlsniper @travisbot @vicb
0