php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #52982 Expose php_session_active to userland via new function (patch included)
Submitted: 2010-10-04 04:45 UTC Modified: 2011-08-30 03:01 UTC
Votes:5
Avg. Score:3.4 ± 1.4
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:1 (33.3%)
From: php dot net at kenman dot net Assigned: arpad (profile)
Status: Closed Package: Session related
PHP Version: 5.3.3 OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: php dot net at kenman dot net
New email:
PHP Version: OS:

 

 [2010-10-04 04:45 UTC] php dot net at kenman dot net 
Description:
------------
Attempting to start a session after a session has already been started raises an 
E_NOTICE, however, there is no sane way to check if a session has already been 
started. The only ways that I could devise were using the shut-up op (@) or by 
creating wrapper functions around all of the session functions.

This is extreme because there exists in the PHP source, code which can do this; my 
patch exposes this code for userland comsumption.

More info: 
http://stackoverflow.com/questions/3788369/how-to-tell-if-a-session-is-active

Test script:
---------------
session_start();

// 1000's of lines of code, which may/may not have closed the session

session_start(); // how to tell if a session is active here?

Expected result:
----------------
Should be able to ask PHP whether or not it knows of an active session.

Actual result:
--------------
Notice: A session had already been started - ignoring session_start()

Patches

php-trunk-session-status-bools (last revision 2011-07-26 18:53 UTC by arpad@php.net)
php-trunk-session-status (last revision 2011-07-26 18:52 UTC by arpad@php.net)
session.c.patch.txt (last revision 2010-10-04 07:05 UTC by php dot net at kenman dot net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-10-04 10:31 UTC] kalle@php.net
-Status: Open +Status: Assigned -Assigned To: +Assigned To: kalle
 [2010-10-04 10:31 UTC] kalle@php.net 
If we are going to expose php_session_active, we might aswell expose the other values. I will cook up a patch and apply it to trunk shortly
 [2010-10-04 12:15 UTC] pajoye@php.net 
The notice is documented and can be disabled using the display error settings. To detect whether or not session_start was successful, you have to test its return value (as of 5.3.0).

It is actually a documentation problem as the examples in the manual does not check the return values (maybe add one on top of them using 5.3+).
 [2010-10-05 07:34 UTC] php dot net at kenman dot net 
pajoye,

I'm not sure if you understand which problem I'm trying to address here; it's 
not whether or not session_start() was successful, it's whether or not there is 
a current active session.

Many times, in frameworks or other large-scale applications, you have no way of 
knowing whether session_start() has already been called. You cannot rely on 
session_id(), SID, session_start(), $_SESSION, or any other session functions or 
session functionality (that I'm aware of) to tell me "yes, you already have a 
session open" or "no, you do not have a session open" _before_ I call 
session_start().
 [2011-07-25 17:25 UTC] php dot net at kenman dot net 
Any update on this? 

Simple request; I'm not exactly sure what all Kalle was speaking to WRT "expose 
the other values", but what I'm requested here is a tiny piece of functionality, 
and that is *all* that is being requested.
 [2011-07-25 22:37 UTC] arpad@php.net 
If you're trying to establish whether it's safe to start your own session, this patch is deficient because PS(session_status) is not a boolean - it could also be php_session_disabled.

I'd imagine robust code to handle this (rather unusual) case where you require a session but don't know if it's present, would be something like:

if (session_is_available()) {
    if (!session_is_active()) {
        if (headers_sent()) {
            // bail out
        } else {
            session_start();
        }
    }
} else {
    // bail out
}

We could instead provide a session_status() function which corresponds to the internal enum (returning SESSION_DISABLED, SESSION_NONE or SESSION_ACTIVE.)

I assume this is what Kalle was talking about WRT exposing the other values.

Both options are trivial patches. The former seems friendlier but more prone to error.
 [2011-07-26 14:31 UTC] php dot net at kenman dot net 
Thank you very much, Arpad; my rudimentary C skills were barely enough for me to 
craft the patch (which I somehow managed to compile and use), and so I appreciate 
the background info. I would be happy with any solution that helps me to solve the 
problem!
 [2011-07-26 18:52 UTC] arpad@php.net 
The following patch has been added/updated:

Patch Name: php-trunk-session-status
Revision:   1311706347
URL:        https://bugs.php.net/patch-display.php?bug=52982&patch=php-trunk-session-status&revision=1311706347
 [2011-07-26 18:53 UTC] arpad@php.net 
The following patch has been added/updated:

Patch Name: php-trunk-session-status-bools
Revision:   1311706403
URL:        https://bugs.php.net/patch-display.php?bug=52982&patch=php-trunk-session-status-bools&revision=1311706403
 [2011-08-20 18:11 UTC] arpad@php.net
-Assigned To: kalle +Assigned To: arpad
 [2011-08-29 21:29 UTC] arpad@php.net 
Automatic comment from SVN on behalf of arpad
Revision: http://svn.php.net/viewvc/?view=revision&revision=315745
Log: Expose session status via new function, session_status (Req #52982)
 [2011-08-29 21:38 UTC] arpad@php.net
-Status: Assigned +Status: Closed
 [2011-08-29 21:38 UTC] arpad@php.net 
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.
 [2011-08-30 03:01 UTC] php dot net at kenman dot net 
Thank you Arpad!
 [2023-03-16 11:05 UTC] ghazu at mil dot com 
ee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3dee3e3deee3e3de3e3dee3e3dee3e3dee3e3dee3e3d
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Oct 27 08:00:01 2025 UTC