Hi all, Session module has session serializer modules that serializes $_SESSION back and forth. Session serializer module can be defined by user if there is API for it. I would like to propose user defined serialize handler API.
The user defined serializer API will have similar API like session_set_save_handler(). bool session_set_save_handler(callable $serialize_callback, callable $unserialize_callback) bool session_set_save_handler(SessionSerializer $serializer); interface SessionSerializer { public string function serialize(array $_SESSION); // Return serialized session data public bool function unserialize(array &$_SESSION, string $session_data); // Initialize $_SESSION by $session_data } php.ini : There is "session.serialize_handler" (Default: php) "user" will be added, but user must use session_set_serialize_handler() just like session_set_save_handler(). I also would like to php_serialize handler as the default serializer and make php/php_binary deprecated. php/php_binary serializers are made to work with register_globals and have many limitations. e.g. Integer key not allowed, key cannot start with number, delimiter chars are invalid and ignored, etc. php_serialize does not have such limitations at all. Thank you for your feedback. Regards, -- Yasuo Ohgaki yohg...@ohgaki.net