This is an old revision of the document!
PHP RFC: User defined session serializer
- Version: 0.9
- Date: 2016-11-17
- Author: Yasuo Ohgaki yohgaki@ohgaki.net
- Status: Under Discussion
- First Published at: http://wiki.php.net/rfc/user_defined_session_serializer
Introduction
Currently, only C module can add additional session data serializer. If there is user defined serializer, users can
- Encrypt/decrypt session data transparently.
- Use any serialization format such as JSON/XML/etc.
- Add invisible data to session data.
Proposal
Add session serializer registration function.
bool session_set_serializer(callable $serialize_func, callable $unserialize_func)
Add session serializer interface.
interface SessionSerializerInterface { function encode(array $session_data_array); function decode(string $serialized_session_data_string); }
Please refer to the pull request phpt files for usage.
Backward Incompatible Changes
None.
Proposed PHP Version(s)
Next PHP. Currently 7.2.
Future Scope
Current session modules OO user save handler uses internal save handler as its base object. This design caused many problems.
User defined serializer can get rid of this design issue. i.e. There will be new and clean OO session save handler interface.
Proposed Voting Choices
50%+1 majority
Patches and Tests
Implementation
After the project is implemented, this section should contain
- the version(s) it was merged to
- a link to the git commit(s)
- a link to the PHP manual entry for the feature
- a link to the language specification section (if any)
References
Links to external references, discussions or RFCs
Rejected Features
Keep this updated with features that were discussed on the mail lists.