Am 26.05.2013 19:23, schrieb Thomas Bruederli:
Will PHP just sleep B) until session-files are unlocked or will it just fail in writing the session data? And do database backends of PHPs session handler do locking as well?
it sleeps
you can see this clearly if you have a frameset and every frame is using the session and can imporve this if you do sessin_write_close() as soon as you know you will not write changes to the session data
if this is done right you see no delays in loading the frameset
Maybe my knowledge about that is outdated and we can indeed drop our custom handlers but that all wasn't given some years ago when we ran into problems with the default PHP session storage
no need to drop, make it optional and all are happy the ones with shared sessions over load balancers and the one which have not the need because zero load in context of webmail
it should be quite simple to skip the custom session handler
BTW: you should use session_write_close(); if you are working with redirects, that's why i use a custom redirect method which also disconnects the db-connection as soon as possible
public function location($location, $permanent=false) { if(PHP_SAPI == 'cli') { return false; } session_write_close(); $this->db->disconnect(); switch($permanent) { case true: header($_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently', true, 301); exit(header('Location: ' . $location, true, 301)); break; case false: header($_SERVER['SERVER_PROTOCOL'] . ' 302 Moved Temporarily', true, 302); exit(header('Location: ' . $location, true, 302)); break; } }
it is the combination of Suhosin and PHP 5.4
but since my main-job is php-developer and all applications i developed and maintain except RC are working in the test-setups and on all of the developer-machines i have zero understanding for *one* app which does not and there are much more critical things like a webmail client which is nice-to-have but not more if it comes to business users
Shall I take this as *no*? Fair enough, but if you're not willing to help us tracking the issue down
it is *clearly* Suhosin + custom session handlers + PHP 5.4 what i have ztracked down days ago in the list