Skip to end of metadata
Go to start of metadata

<h2>Overview</h2>

<p>Since ZF 2.0 will be released somewhere in 2010, now would be a good time to start discussing the pain points and potential growth ideas that might resolve around Zend_Session.  The motivation is that since ZF 2.0 represents a non-BC release, we have the opportunity to take and grow the API in a way that makes it more consistent with the rest of the framework as well as clean up the code and provide an API that is as updated as the current PHP version requirement.</p>

<h2>Areas for Improvement</h2>

<ol>
<li>Overall Component Structure
<ul>
<li>Should Zend_Session become a Singleton?</li>
<li>Should Zend_Session support pluggable/modular storage engines (ext/session as default)?</li>
<li>Examine how Zend_Session_Namespace can be more consistent with the Zend_Registry interface/api and visa-versa</li>
</ul>
</li>
<li>Zend_Session Component Unit Testing
<ul>
<li>Need better test coverage</li>
<li>Need better mechanism for request simulation (currently using exec, perhaps runkit would be better?) We should talk to Sebastien on this one</li>
</ul>
</li>
<li>Zend_Session Consumer Unit Testing
<ul>
<li>FlashMessenger should be able to use whatever mechanism is used by Zend_Session for unit testing</li>
</ul>
</li>
<li>Zend_Session will not work with PHP 5.2.0, perhaps ZF can raise requirements</li>
<li>Documentation overhaul with any changes implemented</li>
</ol>

<h2><a href="http://framework.zend.com/issues/secure/IssueNavigator.jspa?resolution=-1&component=10096">Open JIRA Issues</a></h2>

<ac:macro ac:name="jiraissues"><ac:parameter ac:name="columns">key;type;priority;summary;created;updated</ac:parameter><ac:parameter ac:name="url">http://framework.zend.com/issues/secure/IssueNavigator.jspa?view=rss&amp;resolution=-1&amp;component=10096</ac:parameter><ac:parameter ac:name="cache">off</ac:parameter></ac:macro>

Labels:
None
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
  1. Feb 25, 2008

    <p>I know it's not exactly aligned with the above possible improvements, but the Zend_Session documentation could use some attention, as it's not the clearest documentation in our manual.</p>

  2. Feb 29, 2008

    <p>Hi,</p>

    <p>I already added a similar comment to the session proposal but after the review period had finished. So I will repeat it here. <br />
    In my opinion we should not completely differentiate between a session and a registry. They both do the same in general. They simply store objects that can be accesses via a key.<br />
    So in my opinion we should create an interface that a session class as well as a registry class must implement.<br />
    Instead of thinking of different objects we should think of different scopes. </p>

    <p>a) request scope: at the moment this scope is covered by Zend_Registry<br />
    b) session scope: this scope is covered by Zend_Session<br />
    c) "registry" scope: I think of the windows registry, where data can be stored durably</p>

    <p>for the registry scope we could also introduce adapters that store data in the filesystem(standard) or in a database. But I think we already have this with session, haven't we?</p>

    <p>But the most important thing is that these objects stay interchangable, because they really have the same function and they of course should be accessed the same way. At the moment I don't like the session and registry objects being accessed in different ways.</p>

    <p>I also want to address a second issue just as a basis for discussion. <br />
    We could think about the observer pattern being implemented with the above mentioned objects. This could enable different objects being registered with a session or registry object and getting informed whenever the state of those objects change. </p>

    1. Mar 03, 2008

      <blockquote>
      <p>the same in general. They simply store objects that can be accesses via a key.<br />
      So in my opinion we should create an interface that a session class as well as a registry class must implement.</p></blockquote>

      <p>Currently, both Zend_Session_Namespace and Zend_Registry mimic php's stdObject and/or ArrayObject.</p>

      <p>I am interested in what other use cases are beyond what they currently do.</p>

      <blockquote>
      <p>Instead of thinking of different objects we should think of different scopes.</p>

      <p>a) request scope: at the moment this scope is covered by Zend_Registry<br />
      b) session scope: this scope is covered by Zend_Session<br />
      c) "registry" scope: I think of the windows registry, where data can be stored durably</p></blockquote>

      <p>Aside from the interchangable interface, these object represent different costs to the application. Sessions are generally more expensive (due to serialization and deserialization, than do Registry objects, which are memory only).</p>

      <blockquote>
      <p>for the registry scope we could also introduce adapters that store data in the filesystem(standard) or in a database. But I think we already have this with session, haven't we?</p></blockquote>

      <p>The registry is for a any one request to be able to store things in a "safe scope". Essentially, what Zend_Registry does for php applications, is provide a safe, namespaced, non-global space, place to store data.</p>

      <p>I think that persisting data outside of Zend_Registry is outside the scope of Zend_Registry. But again, if a compelling use case can be demonstrated, perhaps its an avenue worth exploring.</p>

      <blockquote>
      <p>But the most important thing is that these objects stay interchangable, because they really have the same function and they of course should be accessed the same way. At the moment I don't like the session and registry objects being accessed in different ways.</p></blockquote>

      <p>Please explain, I am unsure how the interfaces are that different at current.</p>

      <blockquote>
      <p>I also want to address a second issue just as a basis for discussion.<br />
      We could think about the observer pattern being implemented with the above mentioned objects. This could enable different objects being registered with a session or registry object and getting informed whenever the state of those objects change. </p></blockquote>

      <p>This is interesting. I will have to do more homework on what it means to be an observer/notifier in PHP. Generally speaking, the nature of php (build up - tear down) has been (historically) a good reason to not have observers in the same sense that you see them in Java.</p>

  3. Jun 09, 2009

    <p>This bug is really a big problem: <a class="external-link" href="http://framework.zend.com/issues/browse/ZF-5182">http://framework.zend.com/issues/browse/ZF-5182</a></p>

    <p>I have posted an code example to reproduce it in the mailinglist: <a class="external-link" href="http://www.nabble.com/authentification-plugin-fails%2C-because-form-hash-is-not-in-session--td23685261.html#a23685261">http://www.nabble.com/authentification-plugin-fails%2C-because-form-hash-is-not-in-session--td23685261.html#a23685261</a></p>

    1. Nov 11, 2009

      <p>I am removing your comment. Please limit the discussion to the 2.0 roadmap, and only reference issues if they can only be solved in 2.0.</p>