|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #71187 session_regenerate_id(): Failed to create(read) session
Submitted: 2015-12-21 20:39 UTC Modified: 2016-01-15 21:26 UTC
Avg. Score:4.6 ± 0.6
Reproduced:17 of 17 (100.0%)
Same Version:13 (76.5%)
Same OS:4 (23.5%)
From: akauffman at ne4u dot com Assigned: yohgaki (profile)
Status: Closed Package: Session related
PHP Version: 7.0.1 OS: Ubuntu 14.04 LTS
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: akauffman at ne4u dot com
New email:
PHP Version: OS:


 [2015-12-21 20:39 UTC] akauffman at ne4u dot com
There seems to be a type casting problem with custom session handlers (specifically the memcached module) when session_regenerate_id() is called.  Perhaps related to a null return value.  It looks like it was introduced around 7RC3.

PHP message: PHP Catchable fatal error:  session_regenerate_id(): Failed to create(read) session ID: user

Test script:

$_SESSION['value'] = session_id();

Work around:

class MemcachedSession extends SessionHandler
        public function read($session_id) {
                return (string)parent::read($session_id);

$sess = new MemcachedSession();
session_set_save_handler($sess, true);

$_SESSION['value'] = session_id();

Expected result:
Shouldn't have to implement a workaround.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2015-12-22 04:30 UTC]
-Assigned To: +Assigned To: yohgaki
 [2015-12-22 05:08 UTC]
When I ported the save handler, I think I made sure it returns string always for successful cases. I'll have a look shortly.

@akauffman, could you give info where did you get the memeached module source code? Just making sure to get the same code.
 [2015-12-22 14:22 UTC] coldfff at gmail dot com
In case its any easier for testing, this bug is affecting me too using the Cache Savehandler from ZF2.

The workaround as suggested can also be applied there:

use Zend\Session\SaveHandler\Cache as ZendCache;

class Cache extends ZendCache
    public function read($id)
        return (string) parent::read($id);
 [2015-12-22 15:22 UTC] akauffman at ne4u dot com
Memcache with php7:

$ git clone
$ cd php-memcached
$ git checkout -b php7 origin/php7

$ /usr/local/php7/bin/phpize
$ ./configure --with-php-config=/usr/local/php7/bin/php-config
$ make
$ sudo make install

# Memcached
 [2015-12-24 15:04 UTC] ivun at wirebyte dot com

We are having exactly the same problem. In addition, this seems to be a major problem, because the memcache (alternative to memcached) driver is not available any more and this bugs prevents from upgrading to PHP7. Looking forward for the fix!
 [2016-01-06 12:31 UTC] andrew dot mcgrath at fasttrackit dot com dot au
I'm experiencing this issue too, but I wanted to confirm that the work around described in the bug report seems to function as a reasonable work around.
 [2016-01-15 21:26 UTC]
-Status: Assigned +Status: Closed
 [2016-01-15 21:26 UTC]
Please note that

 - PHP 7.0 and up does not allow buggy return values from user save handler.
user read handler MUST return "string" data for success always.
 - Native save handler must return SUCCESS for successful cases including non-existing session data. 
 - FALSE/failure means "Something wrong in read" such as permission/network/etc errors.

Checked memcached code and it needs this patch.

@@ -326,6 +326,8 @@ PS_READ_FUNC(memcached)
 		*val = zend_string_init(payload, payload_len, 1);
 		return SUCCESS;
+	} else if (status = MEMCACHED_NOTFOUND) {
+		*val = ZSTR_EMPTY_ALLOC();
 	} else {
 		return FAILURE;

I made PR including new session features.

Since this is not PHP session module bug, closed.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Mon Jan 30 14:05:53 2023 UTC