Hi all,
Session module has session serializer modules that serializes $_SESSION
back and forth.
Session serializer module can be defined by user if there is API for it. I
would like to
propose user defined serialize handler API.
The user defined serializer API will have similar API like
session_set_save_handler().
bool session_set_save_handler(callable $serialize_callback, callable
$unserialize_callback)
bool session_set_save_handler(SessionSerializer $serializer);
interface SessionSerializer {
public string function serialize(array $_SESSION); // Return serialized
session data
public bool function unserialize(array &$_SESSION, string $session_data);
// Initialize $_SESSION by $session_data
}
php.ini :
There is "session.serialize_handler" (Default: php) "user" will be added,
but user must use
session_set_serialize_handler() just like session_set_save_handler().
I also would like to php_serialize handler as the default serializer and
make php/php_binary deprecated.
php/php_binary serializers are made to work with register_globals and have
many limitations.
e.g. Integer key not allowed, key cannot start with number, delimiter chars
are invalid and
ignored, etc. php_serialize does not have such limitations at all.
Thank you for your feedback.
Regards,
--
Yasuo Ohgaki
yohg...@ohgaki.net
