rfc:session-gc

PHP RFC: Add session_gc()

  • Version: 1.0
  • Create Date: 2014-03-13
  • Modify Date: 2016-08-10
  • Author: Yasuo Ohgaki, yohgaki@ohgaki.net
  • Status: Voting

Introduction

Current session GC depends on probability. Thus, low traffic sites would not delete expired session data and could be usable as valid session. Traffic varies day and night time for high traffic sites. Chances are high that expired session may not be deleted as it should.

The best way to purge old session data is executing GC periodically.

Although timestamp based session management is declined twice, it is mandatory for session management. Please refer to Strict Session RFC for details.

Proposal

  • Add session_gc() API.
  • Document calling session_gc() periodically is the best practice.
int session_gc(void)

It simply executes GC save handler defined.

Backward Incompatible Changes

None

Proposed PHP Version(s)

PHP 7.2

Vote

This project requires a 2/3 majority. Vote starts: 2016/08/10 - Vote ends: 2016/08/17 23:59:59 UTC

Add session_gc() function
Real name Yes No
bishop (bishop)  
cmb (cmb)  
colinodell (colinodell)  
derick (derick)  
diegopires (diegopires)  
lstrojny (lstrojny)  
mariano (mariano)  
mike (mike)  
stas (stas)  
trowski (trowski)  
yohgaki (yohgaki)  
yunosh (yunosh)  
Final result: 12 0
This poll has been closed.

Patches and Tests

Implementation

After the project is implemented, this section should contain

  1. the version(s) it was merged to
  2. a link to the git commit(s)
  3. a link to the PHP manual entry for the feature

References

rfc/session-gc.txt · Last modified: 2016/08/19 10:36 by salathe