[HttpFoundation] Use the correct syntax for session gc based on Pdo driver #25922
Conversation
…n Pdo driver The initial fix for symfony#24456 was wrong, since it only accounted for Postgres. @WhiteEagle88 correctly identified symfony#25665 - but having time as SIGNED is ... off, since time shouldn't be negative. Using CAST to solve this issue surely has a performance penalty, so I believe the best approach is to have a switch based on the driver.
|
Thanks for the PR. Why do we need to have a switch? Can't we just use the version with the |
|
@nicolas-grekas According to #24456 the version with a + breaks Postgres. I haven't tested myself but it seems likely. Unfortunately the fix for #24456 breaks MySQL. I have noticed the issue myself in production using Percona and it was confirmed in #25665 - We could use an if or a short if, but I think this way it's more clear. Would be worthwhile to test sqlite driver as well. |
|
OK thanks. I think an if/else would be better in fact :) also note that we use four-spaces indentation. |
IssueBecause MySQL cast the result of this expression to unsigned types when doing sess_lifetime < time() - sess_time an out of range exception is thrown by MySQL when the PDOSessionHandler is closing a session and does garbage collection. MySQL Exception Example from Production (percona:5.6)
How to replicateUsing an MySQL Server (replicated with mysql:latest, percona:latest and percona:5.6) create a custom PdoSessionHandler - force garbage collection when session is closed and set time time to 1 day ago and simply make a request. This is a valid replication as in a production environment I had the above error without a custom Handler and these changes just force the circumstances creating the bug to appear, you just have to match the garbage collection with having a session that needs collecting PdoSessionHandler.php:374 PdoSessionHandler.php:381 Why was the initial fix working for Postgres:latest**If you used lifetime sessions you could end up with the issue below.
ConclusionI personally wouldn't add session time as MAXINT, but it does make sense if you want to have an unlimited session and the fix works fine in this case, but breaks normal functionality in MySQL/Percona. Thank you Nicolas, will use an if and change indentation. Sorry for this and for the long message 😄 |
… driver with if && change to four space indentation
|
Thank you @tanasecosminromeo. |
…ed on Pdo driver (tanasecosminromeo) This PR was submitted for the master branch but it was squashed and merged into the 2.7 branch instead (closes #25922). Discussion ---------- [HttpFoundation] Use the correct syntax for session gc based on Pdo driver | Q | A | ------------- | --- | Branch? | master | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #25665 #24456 | License | MIT | Doc PR | The initial fix for #24456 was wrong, since it only accounted for Postgres. @WhiteEagle88 correctly identified #25665 - but having time as SIGNED is ... off, since time shouldn't be negative. Using CAST to solve this issue surely has a performance penalty, so I believe the best approach is to have a switch based on the driver. Commits ------- 826dfbd [HttpFoundation] Use the correct syntax for session gc based on Pdo driver
The initial fix for #24456 was wrong, since it only accounted for Postgres. @WhiteEagle88 correctly identified #25665 - but having time as SIGNED is ... off, since time shouldn't be negative. Using CAST to solve this issue surely has a performance penalty, so I believe the best approach is to have a switch based on the driver.