Skip to content
This repository has been archived by the owner. It is now read-only.

session_regenerate_id() issue on PHP7 #659

Open
driesdroesbeke opened this Issue Dec 14, 2015 · 7 comments

Comments

Projects
None yet
6 participants
@driesdroesbeke
Copy link

driesdroesbeke commented Dec 14, 2015

I have the following code that works on php 5.6 but throws a warning on PHP7. The session is not stored in the db with Zend_Session_SaveHandler_DbTable.

$session_handler = new Zend_Session_SaveHandler_DbTable ( $configSessionHandler );
Zend_Session::setSaveHandler ( $session_handler );

If (! Zend_Session::sessionExists ()) {
     Zend_Session::rememberMe ( $seconds );
     Zend_Session::start ( $config );
}

The rememberMe method calls self::regenerateId() wich causes the following error on PHP7

PHP Warning:  session_regenerate_id(): Session object destruction failed.  ID: user (path: /var/lib/php/sessions)
@driesdroesbeke

This comment has been minimized.

Copy link
Author

driesdroesbeke commented Dec 14, 2015

Is fixed by #660

@githoober

This comment has been minimized.

Copy link

githoober commented Aug 30, 2016

It was not fixed, the PR was declined.

@fewspider

This comment has been minimized.

Copy link

fewspider commented Sep 5, 2016

same problem
2016-09-05 16 06 04

@xorock

This comment has been minimized.

Copy link

xorock commented Sep 19, 2016

Is there any chance that someone will fix it before ZF1 EOL? I'm using lot of components from ZF1 and everything is fine under PHP7 except of Session.

@driesdroesbeke

This comment has been minimized.

Copy link
Author

driesdroesbeke commented Sep 19, 2016

I wrote some tests that worked in vagrant but failed on Travis.

I worked around the issue by changing the order of the session bootstrap. Make sure a session exists before regenerateId() is called.

@xorock

This comment has been minimized.

Copy link

xorock commented Sep 19, 2016

My code

public function _initZendSession() {
        $this->bootstrap('db');
        $this->bootstrap('session');
        Zend_Session::start();
        $defaultNamespace = new Zend_Session_Namespace();

        if (!isset($defaultNamespace->started)) {
            Zend_Session::regenerateId();
            $defaultNamespace->started = true;
        }
    }

And error is on line 320 of Zend\Session.php.

if (!self::$_unitTestEnabled) {
    session_regenerate_id(true);
}
@GuillaumeRossolini

This comment has been minimized.

Copy link

GuillaumeRossolini commented Dec 2, 2016

@driesdroesbeke the fix you suggested works by hiding the error message, but then the sid doesn't change when the user logs in (same cookie sid before and after they authenticate).
Am I understanding this correctly?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
You can’t perform that action at this time.