NYCPHP Meetup

NYPHP.org

[nycphp-talk] PHP 4.3.3 and session_start

Emmanuel Décarie emm at scriptdigital.com
Fri Feb 27 11:24:42 EST 2004


Thanks Dan for the reply. Were progressing.

>Dan Cech  wrote: 
>Exactly, now if it was throwing an E_WARNING or E_ERROR there might be a 
>case for arguing against it, but a notice is just there to let you know 
>that you have some code which may be sloppy.

Which is definitely not the case in my scenario. It’s not my code that is sloppy
since the access framework is called first and will start the session, it’s the
existing code base made by different programmers in different shops that is
sloppy because their application didn't implemented some defensive coding
against the case that they should check that a session already existed before
calling session_start ().

>I am surprised myself, I have never heard of anyone running a production 
>server with error_reporting set to E_ALL, and definitely not without 
>some form of custom error handling routine.

Why are you assuming that this on a production server? And why are you assuming
that there is no custom error handling routine?

>Just to be clear, the error is there as a notice to let you know you 
>might be doing something silly, which is absolutely correct because in 
>the vast majority of cases having multiple session_start calls is an 
>indication of bad programming.

I think you are wrong here. What I'm talking about is modularity and autonomy.

Some courses have a high level of abstraction and can be plugged in other
frameworks. That's why they need some level of autonomy and can assume that in
some scenario they will be called without a prior session existing. What I
understand now is to tell these programmers to always check if a session already
exists before calling session_start (). These programmers works on legacy code
that was done 1 to 2 years ago.

Now, I must confess that I'm totally taken off-guard by this and didn't know
that there was such a strong consensus on the question that multiple calls to
session_start () were a bad thing. I'll go reread the PHP books I have and check
the web.

But I still don't have an answer to my questions. What's the penalty for a
second call to session_start ()?

Is PHP running faster with defensive coding checking if a session already exists
and no call to session_start () is made?

Is a second call to  session_start () waste resources and make PHP slower?

Cheers
-Emmanuel
--
Emmanuel Décarie / Programmation pour le Web - Programming for the Web
<http://scriptdigital.com/> - Blog: <http://blog.scriptdigital.com> - AIM: scriptdigital



More information about the talk mailing list