Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

PHP & Sessions: Is there any way to disable PHP session locking?

Tags:

Is there any way to disable the session locking in PHP while using the default session handler?

[EDIT:] Or is there at least a way to restart a session after calling session_write_close()? session_start() does not work if any output is already sent to the browser.

like image 905
Taloncor Avatar asked Jul 30 '10 12:07

Taloncor


People also ask

What is PHP is used for?

PHP is an open-source server-side scripting language that many devs use for web development. It is also a general-purpose language that you can use to make lots of projects, including Graphical User Interfaces (GUIs).

Is PHP used anymore?

It is true that PHP has slipped down the rankings of the most popular programming languages, from 5th in 2017 to 8th in 2020 as per the Stack Overflow annual developer survey. And yet, PHP continues to be used by nearly 80% of all websites, powering some major platforms like Wordpress and Facebook.

What coding is PHP?

PHP is a server side scripting language. that is used to develop Static websites or Dynamic websites or Web applications. PHP stands for Hypertext Pre-processor, that earlier stood for Personal Home Pages. PHP scripts can only be interpreted on a server that has PHP installed.


1 Answers

You don't want to disable it... If you do, you'll potentially run into all sorts of weird issues where you login on one window, be logged out on another and then wind up in an inconsistent state... The locking is there for a reason...

Instead, close the session very early if you know you are not going to write to it in that request. Once you start it, you'll be able to read from it for the whole request (unless you re-start it, or do some other special things) even after you call session_write_close. So what you would do, is check the request to see if it's a write request, and if it's not, just close it right after opening it. Note that this may have some adverse affects if you later try writing to the session (For Captcha or CSRF protection or something else), so use with caution...

But instead of trying to get around it, I would put my effort into either shortening the request lengths (to reduce lock contention), or making cookieless requests for those requests that don't need the session at all...

like image 76
ircmaxell Avatar answered Sep 21 '22 09:09

ircmaxell