|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #20650 Change of Read($sess_id) to ($sess_id, $maxlifetime)
Submitted: 2002-11-26 09:43 UTC Modified: 2012-03-31 04:10 UTC
Avg. Score:4.5 ± 0.5
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: andreas dot birrer at ag dot ch Assigned:
Status: Wont fix Package: Session related
PHP Version: 4.2.2 OS:
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: andreas dot birrer at ag dot ch
New email:
PHP Version: OS:


 [2002-11-26 09:43 UTC] andreas dot birrer at ag dot ch
If I install a user save handler class
e.g. MySqlSessionHandler with methods Read, Write, GC etc.

MySqlSessionHandler::Read($sess_id) is always called before

This has the problem, that a session is read, which potentially would be garbage collected.

Therefore it would be nice to get the $maxlifetime parameter also in Read e.g. Read($sess_id, $maxlifetime)

This allows to return an empty session if it has timeouted.

For Clarification here are two Methods GC and Read with $lifetime information

function Read($sess_id, $maxlifetime)
		// beware of timouted sessions not yet gced
		$time_stamp= time();
		$removeDate= date("YmdHis", ($time_stamp - $maxlifetime));

		$search_query=	"SELECT * FROM $_session_table WHERE (session_id = '$sess_id') and (last_accessed >= $removeDate)";
		$result= @ mysql_query($search_query, $_connection);
			// No session found - return an empty string
			return "";
			// Found a session - return the serialized string
			$row = mysql_fetch_array($result);
			return $row["session_variable"];

function GC($max_lifetime)
		global $_connection;
		global $_session_table;

		$time_stamp= time();
		$removeDate= date("YmdHis", ($time_stamp - $max_lifetime));

		$delete_query = "DELETE FROM $_session_table WHERE last_accessed < $removeDate";
		$result = @mysql_query($delete_query,$_connection);
		return true;


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-12-29 17:45 UTC]
-Package: Feature/Change Request +Package: Session related
 [2012-03-31 04:10 UTC]
You need to lock data, so that the date may not be deleted and/or can stay 
 [2012-03-31 04:10 UTC]
-Status: Open +Status: Wont fix
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Dec 02 10:03:34 2021 UTC