ZF-47: session_commit() before header redirect (TRAC#48)


If you are writing things to the session and then call Zend_Controller_Action::_redirect() occasionally your changes to the session variables will not be saved. This is due to the fact that header redirects occasionally happen before the php saves the session to permanent storage on the server. This happens intermittently and is a vexing problem to fix.

This could easily be remedied if _redirect added a session_commit() before sending a redirection header.

The only other way to fix this is to have the developer call session_commit() every time they alter a session variable, or have them call session_write_close() before making a call to Zend_Controller_Action::_redirect(). Those are inferior solutions in my opinion because the proposed alteration to _redirect() is so simple and non-intrusive.


Wouldn't this be handled by the Controller's plugin handler instead? Whilst I can see the convenience for this method, it's not strictly the Controller's job to handle session shutdowns/commits.

It may pay instead to have a pre-made plugin that interacts with the Zend_Session component so that it will be trivial to add this to the Controller chain.

I agree, would be best to make this pluggable behavior either via a plugin or on/off switch. But I do also agree it is useful to have and simplifies the process.

The issue is that Zend_Controller_Action::_redirect() actually calls exit() as its last argument, meaning that no plugins are then called.

A simple check for $_SESSION can determine if the session is started, and then a session_write_close() prior to the header will fixate it.

Resolved with revision 1519 in subversion.